
Compiled by: MSc Nguyen Cong Nhat

TABLE OF CONTENTS

TABLE OF CONTENTS
LIST OF FIGURES
LIST OF TABLES
PREFACE
CHAPTER I. OVERVIEW OF INFORMATION SECURITY
1.1. Introduction to information security
1.2. Risks and threats to information systems
1.3. Classification of attacks on information security
1.3.1. Attacks on standalone servers or workstations
1.3.2. Password-cracking attacks
1.3.3. Viruses, worms and Trojan horses
1.3.4. Buffer attacks
1.3.5. Denial-of-service attacks
1.3.6. Source routing attacks
1.3.7. Spoofing attacks
1.3.8. E-mail attacks
1.3.9. Port-scanning attacks
1.3.10. Wireless attacks
1.4. The role of the operating system in ensuring information security
1.4. The need for information security
1.4.1. Protecting information and resources
1.4.2. Ensuring privacy
1.4.3. Facilitating workflow
1.4.4. Detecting security holes and debugging software
1.4.5. Losses due to human error or carelessness
1.5. The cost of ensuring security
CHAPTER II: MALICIOUS SOFTWARE
2.1. Classification of malicious software
2.1.1. Viruses
2.1.2. Worms
2.1.3. Trojan horses
2.1.4. Spyware
2.2. Attack methods commonly used by malicious software
2.2.1. Executable methods
2.2.2. Boot and partition sector attack methods
2.2.3. Macro attack methods
2.2.4. E-mail attack methods
2.2.5. Software exploitation
2.2.6. Attack methods against the network infrastructure
2.3. Protecting information from malicious software
2.3.1. Installing updates
2.3.2. Monitoring the system boot process
2.3.3. Using malware scanners
2.3.4. Using digital signatures for driver files and system files
2.3.5. Backing up the system and creating repair disks
2.3.6. Creating and implementing organizational policies
2.3.7. Setting up a firewall
QUESTIONS AND PRACTICAL EXERCISES
CHAPTER III: SECURITY THROUGH CRYPTOGRAPHY
3.1. Classical ciphers
3.1.1. Symmetric ciphers
3.1.1.1. Basic concepts
3.1.1.2. Requirements
3.1.1.3. Cryptography
3.3.1.4. Cryptanalysis
3.1.1.5. Exhaustive search (brute force)
3.1.1.6. Level of security
3.2. Classical substitution ciphers
3.2.1. Caesar cipher
3.2.2. Monoalphabetic ciphers
3.2.3. Playfair cipher
3.2.4. Vigenere cipher
3.2.5. Rail Fence cipher
3.2.6. Row transposition cipher
3.3. Modern block ciphers
3.3.1. Distinguishing block ciphers from stream ciphers
3.3.2. Claude Shannon and substitution-permutation ciphers
3.3.3. Feistel cipher structure
3.4. Data Encryption Standard (DES)
3.4.1. History of DES
3.4.2. DES encryption scheme
3.4.3. Properties of DES
3.4.4. DES modes of operation
3.5. Advanced Encryption Standard (AES)
3.5.1. Origins
3.5.2. AES implementation criteria
3.5.3. The Advanced Encryption Standard AES: Rijndael
3.6. Contemporary symmetric ciphers
3.6.1. Triple DES
3.6.2. Blowfish
3.6.3. RC4
3.6.5. RC5
3.6.6. Characteristics of block ciphers and stream ciphers
CHAPTER 4: WEB SECURITY
4.1. The Web and Web security issues
4.1.1. The birth and development of the Web
4.1.2. The Web model
4.1.3. Some Web security issues in the Windows environment
4.2. Web service security: proposed architecture
4.2.1. The Web Service Security specifications
4.2.2. Relationship of the web service security model to current security models
4.2.3. Scenarios
4.3. Introduction to an attack technique: SQL injection
4.3.1. Attacks based on the SELECT statement
4.3.2. Attacks based on the UNION statement
4.3.3. Attacks based on the INSERT statement
4.3.4. Attacks based on STORED PROCEDURE
4.3.5. Strings without single quotes
4.3.6. Two-stage attacks
4.4. Countermeasures
CHAPTER V: WIRELESS NETWORK SECURITY
5.1. Introduction to wireless network security
5.1.1. Attacks on wireless networks
5.1.2. Radio wave technologies
5.2. Introduction to IEEE 802.11
5.2.1. Components of a wireless network
5.2.2. Wireless network access methods
5.2.3. Data error control
5.2.3. Transmission speed
5.2.4. Using authentication to disconnect
5.3. Bluetooth networks
5.4. Analysis of wireless network attacks
5.4.1. Reconnaissance attacks
5.4.2. DoS attacks
5.4.3. Authentication attacks
5.4.4. Attacks on the EAP protocol
5.4.5. Rogue access points
5.5. Wireless network security measures
5.5.1. Open system authentication
5.5.2. Shared key authentication
5.5.3. Wired Equivalent Privacy (WEP)
5.5.4. Service set identifier
5.5.5. 802.1x, 802.1i security
5.6. Configuring secure wireless connections on WINDOWS and LINUX networks
5.6.1. Configuring secure wireless connections in the Windows operating system
5.6.2. Configuring secure wireless connections in the Linux operating system
QUESTIONS AND PRACTICAL EXERCISES
REFERENCES

LIST OF FIGURES
Figure 2-1: Contents of the win.ini file in the WinXP operating system
Figure 2-2: Setting the macro security feature in Microsoft Office 2003
Figure 5-1: Types of antennas in a WLAN
Figure 5-2: Directional antenna in a WLAN
Figure 5.3: WEP data packet format
Figure 5.4: The WEP data encapsulation process
Figure 5-5: WEP data decapsulation

LIST OF TABLES
Table 2-1: Points of origin of malicious software
Table 2-2: Some virus-scanning software

PREFACE

This information security textbook is intended to give readers basic knowledge of information security, of how to use the security services in an information system, and of how to use applications installed on operating systems to keep the system secure.

The textbook contains the following:

Chapter 1: Concepts of operating system security
This chapter presents the operating system and operating system security, the need for operating system security, attacks on operating systems, the cost of establishing security for operating systems, and the levels of operating system security.

Chapter 2: Malicious software
This chapter covers the classification of malicious software, the kinds of attack malicious software carries out, and methods of protecting the operating system against those attacks.

Chapter 3: Security through cryptography
This chapter presents encryption methods and authentication methods.

Chapter 4: IP and web security
In this chapter we consider the IPSec security mechanism and some transport-layer security protocols used on the Web.

Chapter 5: Wireless network security
This chapter presents an overview of wireless network security, radio wave technologies, Bluetooth networks and the IEEE 802.11 standard, together with an analysis of attacks on wireless networks. It also covers some wireless network security measures and how to configure secure wireless connections on operating systems.

This is the first edition of the textbook. It is based on the references cited as well as some other sources, and it certainly still has many shortcomings in both content and presentation. I very much hope to receive comments from colleagues and readers so that it can be improved as the work continues.

Vinh, 09/2008
The author.

CHAPTER I. OVERVIEW OF INFORMATION SECURITY

1.1. Introduction to information security

Today, with the explosive growth of information technology, most of a business's information, such as its business strategy and information about customers, suppliers, finances, employee salaries, etc., is stored on computer systems. As a business grows, the increasingly high demands of the business environment require it to share its information with many different parties over the Internet or an intranet. The loss or leakage of information can seriously affect the company's finances, its reputation and its relationships with customers.

Network-based attack methods are increasingly sophisticated and complex. They can lead to loss of information and can even bring down a business's information system completely. Information security is therefore a very heavy and unpredictable task, but in essence it has three main directions:
- Ensuring information security at the server
- Ensuring security on the workstation side
- Information security on the transmission line

Faced with the requirement for information security, in addition to building information security methods, the following data protection principles have been set out:
- The principle of lawfulness in collecting and processing data.
- The principle of correctness.
- The principle of fitness for purpose.
- The principle of proportionality.
- The principle of transparency.
- The principle of co-determination for each individual and guaranteed right of access for the persons concerned.
- The principle of non-discrimination.
- The principle of security.
- The principle of accountability before the law.
- The principle of independent supervision and penalties under the law.
- The principle of an equivalent level of protection in cross-border data transfers.

Here we will focus on examining security needs and setting out security measures, as well as operating the mechanisms that achieve those goals.
The need for information security:

Information security has changed a great deal in recent times. Previously the need was almost solely for information security; now many new requirements have been added, such as server security and network security.

Traditional methods were provided by administrative mechanisms and physical means, such as protected storage for important documents and the issuing of permits to use those confidential documents.

Computers require automated methods to protect files and stored information. The need for security is very large and very diverse, and it is present everywhere and at all times. Automated procedures that support information security are therefore indispensable.

The use of networks and communications requires means of protecting data in transit. These include both software and hardware means, and they call for new research to solve the practical problems that arise.

Concepts:
- Information security: confidentiality + integrity + availability + authentication.
- Computer security: the set of tools designed to protect data and to counter hackers.
- Network security: the means of protecting data while it is being transmitted.
- Internet security: the means of protecting data while it is being transmitted over a set of interconnected networks.

The aim of this course is to focus on Internet security, which comprises the means to protect against, counter, detect and correct security violations during the transmission and storage of information.
1.2. Risks and threats to information systems

Threats to a system can be classified as accidental or intentional, and as active or passive.
- Accidental threat: when users restart the system in privileged mode, they can modify the system at will. If they do not switch the system back to normal mode after finishing their work, they unintentionally leave it open for an attacker to exploit.
- Intentional threat: for example, deliberately gaining unauthorized access to the system.
- Passive threat: a threat that has not yet affected, or does not directly affect, the system, such as eavesdropping on packets on the transmission line.
- Active threat: the modification of information, or a change to the state or operation of the system.

For every information system the threats and their potential consequences are very large. They can arise from the following causes:
- From the user side: illegal intrusion, theft of valuable assets.
- In the information system architecture: the technical system is organized without structure, or is not strong enough to protect information.
- In the information security policy itself: security standards are not followed, and rights in operating the system are not clearly defined.
- Information in a computer system is also easily compromised if there are no tools to manage, inspect and control the system.
- The risk lies in the hardware structure of IT equipment itself and in system and application software, where the manufacturer has pre-installed electronic 'bugs' according to a predetermined plan, known as 'electronic bombs'.
- The greatest danger to open computer networks is hackers, from the criminal side.
1.3. Classification of attacks on information security

Systems on a network can be the target of many kinds of attack. There are many kinds of attack on computers: some target operating systems, some target computer networks, and some target both. The following are some typical kinds of attack:
- Attacks on standalone workstations or servers.
- Password-cracking attacks.
- Viruses, worms and Trojan horses.
- Buffer attacks.
- Denial-of-service attacks.
- Source routing attacks.
- Spoofing attacks.
- E-mail attacks.
- Port scanning.
- Wireless attacks.
1.3.1. Attacks on standalone servers or workstations

The simplest way to attack an operating system is to take advantage of a computer that someone has left logged on while they are away or busy with something else. Many users do not shut down or log off when they go out, and do not set a screen saver password. Many operating systems let users configure a screen saver that appears after a period of inactivity (a period in which the user does not interact with the machine). This screen saver can be set to require the user to enter a password before working with the machine again.

A workstation or server that is not protected in this way is the easiest target to attack when nobody is around. For example, in some offices the staff may go for coffee together during a break without paying attention to their office. In this situation, a logged-on computer is an attractive invitation to an attacker. Sometimes servers are targets too, because the administrator or server operator may also go out and leave the server logged on with an administrator-privileged account that anyone can use. Even a server located in a carefully locked machine room becomes a target for anyone who can get into that room; these people may be programmers, managers, electricians, maintenance staff, etc.
1.3.2. Password-cracking attacks

Access to an operating system can be protected by a user account and a password. Sometimes account users defeat the purpose of this protection by sharing the password with others, or by writing it down and leaving it in plain view or somewhere easy to find in their work area.

Attackers have many other, more sophisticated ways of finding access passwords. Skilled attackers all know that there are always main administrative user accounts, for example the Administrator account in Windows operating systems, the root account in Unix and Linux operating systems, the Admin account in NetWare, and accounts with Admin privileges in the Mac OS X operating system. Attackers will try to log on with these accounts locally or over the network, for instance using Telnet. Telnet is an application-layer protocol of the TCP/IP model that allows remote access and configuration over a network or over the Internet.

If an attacker is looking for an account to gain access with, the attacker has to use the Domain Name System (DNS) on a network connected to the Internet to find possible account names. The Domain Name System (DNS) is a TCP/IP service that translates host names or domain names into IP addresses and vice versa through a process called name resolution. Once a user account name has been found, the attacker uses software that repeatedly tries different possible passwords. This software generates passwords by combining names, dictionary words and numbers. Examples of password-guessing programs that are easy to find on the Internet include Xavior, Authforce and Hypnopaedia. Programs of this kind work relatively quickly and are always at attackers' disposal.
1.3.3. Viruses, worms and Trojan horses

Almost everyone has heard of or encountered a virus, a worm or a Trojan horse. A virus is a program that attaches itself to disks or files and is able to replicate throughout the system. Some viruses can damage files or disks, while others only replicate without causing any permanent damage. A virus hoax is not a virus but an e-mail that gives a false warning about a virus. Some viruses or e-mails contain instructions for deleting a file that is claimed to be a dangerous virus, when in fact the file is a system file. Anyone who follows this warning may run into system errors or may have to reinstall that file. In addition, the purpose of a virus hoax is to trick users into forwarding the warning to one another, producing a large volume of e-mail on the network, creating unnecessary worry and causing network traffic problems.

A worm is a program that replicates endlessly on the same computer or sends itself to other computers on the network. The difference between a worm and a virus is that a worm keeps creating new files, whereas a virus infects a disk or file, and that disk or file then infects other disks or files. A worm is a program that appears useful and harmless but in fact harms the user's computer. Worms are often designed to let the attacker access the computer on which they are running, or to let the attacker control that computer. For example, worms such as Trojan.Idly, B02K and NetBus are designed to let an attacker access and control an operating system. Specifically, Trojan.Idly is designed to pass the user account and password for accessing the victim's computer to the attacker.
1.3.4. Buffer attacks

Many operating systems use buffers to hold data until it is ready to be used. Suppose a server with a high-speed connection is sending multimedia data to a workstation on the network, and the server transmits faster than the workstation can receive. The workstation's network interface then uses software to temporarily store (buffer) the received information until the workstation is ready to process it. Network devices such as switches also use buffers, so that when network traffic is overloaded there is somewhere to hold data until it has been forwarded to its destination. A buffer attack is one in which the attacker tricks the buffering software into storing more information in the buffer than the buffer can hold (this condition is called a buffer overflow). The excess information may be rogue software that subsequently gains access to the target computer.

A buffer attack works as follows. Frames and packets are the units of information sent over a network, for example the frames and packets formatted for TCP/IP communication sessions. Part of the information in a frame or packet states its size, for example 324 bytes. When a computer or network device has to buffer data, this information tells it how much buffer space to set aside to hold that data temporarily. In a buffer attack, the stated size of the frame or packet is too small, so a piece of malicious code (for example machine-language code) can be attached to the end of the frame or packet without the receiver knowing. When stored in the buffer, this code not only spills out and overflows the buffer but also takes control of the system.
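The length-field mismatch described above, shown from the receiver's side. This is an added example, not code from the original textbook; the 2-byte length header, the 16-byte slot and all function names are assumptions made for the illustration. A receiver that checks only the declared size lets the extra bytes overwrite adjacent state, while the checked receiver rejects any frame whose declared and actual sizes differ.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HDR_LEN    2    /* constructed frame: 2-byte big-endian payload length */
#define SLOT_SIZE  16   /* bytes the receiver sets aside for one payload */
#define ARENA_SIZE 32   /* the slot followed by 16 bytes of adjacent receiver state */
#define SENTINEL   0xAA /* fill value standing in for that adjacent state */

enum frame_status { FRAME_OK, FRAME_TRUNCATED, FRAME_TOO_LARGE, FRAME_LENGTH_MISMATCH };

struct receiver { uint8_t arena[ARENA_SIZE]; };

void receiver_init(struct receiver *r)
{
    memset(r->arena, 0, SLOT_SIZE);
    memset(r->arena + SLOT_SIZE, SENTINEL, ARENA_SIZE - SLOT_SIZE);
}

/* Returns 1 if nothing outside the payload slot was overwritten. */
int adjacent_intact(const struct receiver *r)
{
    for (size_t i = SLOT_SIZE; i < ARENA_SIZE; i++)
        if (r->arena[i] != SENTINEL)
            return 0;
    return 1;
}

static size_t declared_len(const uint8_t *frame)
{
    return ((size_t)frame[0] << 8) | frame[1];
}

/* Builds a constructed frame whose header claims `declared` bytes but carries `actual`. */
size_t make_frame(uint8_t *out, uint16_t declared, size_t actual, uint8_t fill)
{
    out[0] = (uint8_t)(declared >> 8);
    out[1] = (uint8_t)(declared & 0xFF);
    memset(out + HDR_LEN, fill, actual);
    return HDR_LEN + actual;
}

/* Before: sizes the reservation from the header, then copies whatever arrived. */
enum frame_status receive_trusting(struct receiver *r, const uint8_t *frame, size_t wire_len)
{
    if (wire_len < HDR_LEN)
        return FRAME_TRUNCATED;
    if (declared_len(frame) > SLOT_SIZE)      /* only the claimed size is checked */
        return FRAME_TOO_LARGE;
    size_t n = wire_len - HDR_LEN;
    if (n > ARENA_SIZE)
        n = ARENA_SIZE;                       /* keeps this demo inside the arena */
    memcpy(r->arena, frame + HDR_LEN, n);     /* spills past the slot when n > SLOT_SIZE */
    return FRAME_OK;
}

/* After: the declared size must fit the slot and match the bytes actually received. */
enum frame_status receive_checked(struct receiver *r, const uint8_t *frame, size_t wire_len)
{
    if (wire_len < HDR_LEN)
        return FRAME_TRUNCATED;
    size_t declared = declared_len(frame);
    if (declared > SLOT_SIZE)
        return FRAME_TOO_LARGE;
    if (wire_len - HDR_LEN != declared)
        return FRAME_LENGTH_MISMATCH;
    memcpy(r->arena, frame + HDR_LEN, declared);
    return FRAME_OK;
}

int main(void)
{
    struct receiver r;
    uint8_t frame[HDR_LEN + 24];
    size_t n = make_frame(frame, 8, 24, 0x41);   /* claims 8 bytes, carries 24 */

    receiver_init(&r);
    receive_trusting(&r, frame, n);
    printf("trusting receiver: adjacent state intact = %d\n", adjacent_intact(&r));

    receiver_init(&r);
    enum frame_status st = receive_checked(&r, frame, n);
    printf("checked receiver: status = %d, adjacent state intact = %d\n",
           (int)st, adjacent_intact(&r));
    return 0;
}
```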
1.3.5. Denial-of-service attacks

A denial-of-service (DoS) attack is used to interfere with access to a computer, a web site or a network service by flooding the network with useless information, or with frames or packets containing errors that a network service cannot recognize. For example, a denial-of-service attack can target communication services that use the Hypertext Transfer Protocol (HTTP) or the File Transfer Protocol (FTP) on a web site. The main purpose of a DoS attack is only to bring down a site that provides information, or to shut down a service, not to damage the information or the systems. In practice, the damage is that users cannot reach a web site or a computer on the network for some period of time, which disables online transactions. E-commerce web sites that have suffered DoS attacks include Amazon.com, Buy.com and eBay.com.

A DoS attack on an operating system is often carried out from within the very internal network on which that operating system is installed. The attacker gains access with the Administrator account of Windows 2003 Server and stops services on workstations and servers, so that users cannot access the server. Worse, the attacker can remove a service or configure it to be disabled. Another way is to fill up the disks on systems that do not have the disk quota feature enabled, so that the disks overflow with files. This problem used to occur frequently on server systems that had no disk quota management options.

A remote attacker (one who does not launch the attack from inside the local network) can carry out a simple form of attack: flooding a system with a large number of packets. For example, the Ping of Death program uses the Ping utility found in Windows and Unix operating systems to flood a system with oversized packets, blocking access to the target system. Ping is a utility that network users and administrators commonly use to test network connectivity. Another kind of remote attack uses non-standard formatted packets or packets containing errors. For example, the Jolt2 DoS software continuously sends packet fragments in such a way that they cannot be reassembled. The target computer's resources are then completely consumed as it tries to reassemble the packets. As another example, the Winnuke software sends non-standard formatted TCP frames that cause the target system to hang or crash.

In some kinds of attack, the computer that launches the attack can cause a large number of other computers to send attack packets. The attack packets can target one site or one target machine, or many computers can attack many target machines. This kind of attack is called a distributed denial-of-service (DDoS) attack.
1.3.6. Source routing attacks

In source routing, the sender of a packet specifies the exact route the packet will take to reach its destination. In practice, source routing is used only in token ring networks and for troubleshooting network faults. For example, the Traceroute troubleshooting utility in the Windows, UNIX, Mac OS and NetWare operating systems uses source routing to determine the route a packet takes from one point to another on a network.

In a source routing attack, the attacker modifies the source address and the routing information so that the packet appears to come from a different address, for example an address that is trusted for communication on a network. Besides impersonating a trusted party on the network, the attacker can also use source routing to probe for information about a private network, for example a network protected by a network device that performs network address translation (NAT). NAT (Network Address Translation) can translate the IP address of a packet from a private network into a different IP address used on a public network or the Internet. This technique both protects the identity of computers on a private network and removes the requirement to use globally unique IP addresses on the private network.

* Note: Attackers can get around a NAT device by using a form of source routing called loose source record route (LSRR). This form of routing does not specify a complete route for the packet, but only part of it, for example one or two hops or network devices on the route that passes through the NAT device.
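A defender can recognize source-routed packets by walking the options area of the IPv4 header, where LSRR is option type 131 and strict source routing (SSRR) is option type 137. The following is an added example, not code from the original textbook; the packets are constructed samples using documentation addresses, and the function and array names are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define OPT_EOL  0      /* end of option list */
#define OPT_NOP  1      /* one-byte padding option */
#define OPT_LSRR 131    /* loose source and record route */
#define OPT_SSRR 137    /* strict source and record route */

enum sr_verdict { SR_MALFORMED = -1, SR_NONE = 0, SR_LOOSE = 1, SR_STRICT = 2 };

/* Walks the IPv4 options of one packet and reports the first source-route option. */
enum sr_verdict find_source_route(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return SR_MALFORMED;
    size_t ihl = (size_t)(pkt[0] & 0x0F) * 4;   /* header length in bytes */
    if (ihl < 20 || ihl > len)
        return SR_MALFORMED;

    size_t i = 20;                               /* options start after the fixed header */
    while (i < ihl) {
        uint8_t type = pkt[i];
        if (type == OPT_EOL)
            break;
        if (type == OPT_NOP) {
            i++;
            continue;
        }
        if (i + 1 >= ihl)                        /* option without a length byte */
            return SR_MALFORMED;
        uint8_t olen = pkt[i + 1];
        if (olen < 2 || i + olen > ihl)          /* option runs past the header */
            return SR_MALFORMED;
        if (type == OPT_LSRR)
            return SR_LOOSE;
        if (type == OPT_SSRR)
            return SR_STRICT;
        i += olen;
    }
    return SR_NONE;
}

/* Constructed sample headers (checksums left at zero; they are not verified here). */
static const uint8_t PKT_PLAIN[] = {
    0x45, 0x00, 0x00, 0x14, 0x00, 0x01, 0x00, 0x00, 0x40, 0x06, 0x00, 0x00,
    0xC6, 0x33, 0x64, 0x07,  0xCB, 0x00, 0x71, 0x09
};
static const uint8_t PKT_LSRR[] = {
    0x47, 0x00, 0x00, 0x1C, 0x00, 0x01, 0x00, 0x00, 0x40, 0x06, 0x00, 0x00,
    0xC6, 0x33, 0x64, 0x07,  0xCB, 0x00, 0x71, 0x09,
    0x83, 0x07, 0x04, 0xC0, 0x00, 0x02, 0x01, 0x00   /* LSRR, one hop, then EOL */
};
static const uint8_t PKT_SSRR_NOP[] = {
    0x47, 0x00, 0x00, 0x1C, 0x00, 0x01, 0x00, 0x00, 0x40, 0x06, 0x00, 0x00,
    0xC6, 0x33, 0x64, 0x07,  0xCB, 0x00, 0x71, 0x09,
    0x01, 0x89, 0x07, 0x04, 0xC0, 0x00, 0x02, 0x01   /* NOP, then SSRR with one hop */
};
static const uint8_t PKT_BAD_OPTLEN[] = {
    0x46, 0x00, 0x00, 0x18, 0x00, 0x01, 0x00, 0x00, 0x40, 0x06, 0x00, 0x00,
    0xC6, 0x33, 0x64, 0x07,  0xCB, 0x00, 0x71, 0x09,
    0x83, 0x0B, 0x04, 0x00                           /* claims 11 bytes, only 4 present */
};

int main(void)
{
    printf("plain:      %d\n", (int)find_source_route(PKT_PLAIN, sizeof PKT_PLAIN));
    printf("lsrr:       %d\n", (int)find_source_route(PKT_LSRR, sizeof PKT_LSRR));
    printf("nop + ssrr: %d\n", (int)find_source_route(PKT_SSRR_NOP, sizeof PKT_SSRR_NOP));
    printf("bad length: %d\n", (int)find_source_route(PKT_BAD_OPTLEN, sizeof PKT_BAD_OPTLEN));
    return 0;
}
```

A packet filter would typically drop or log both the source-routed and the malformed cases.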
1.3.7. Spoofing attacks

A spoofing attack alters the source address of a packet so that it appears to originate from a different address (computer). Using a spoofing attack, an attacker can gain access to a protected system. A source routing attack is also regarded as a form of spoofing attack. In addition, a DoS attack that floods a target machine with packets carrying forged source addresses is also a form of spoofing attack.
1.3.8. E-mail attacks

Many e-mail users realize that they can be the victim of an e-mail attack. An e-mail attack appears to come from a friendly or even trusted source, such as a familiar company, a family member or a colleague. The sender simply forges the source address or uses a new e-mail account to send the malicious e-mail to the recipient. Sometimes an e-mail is sent with an enticing subject such as "Congratulation you've just won free software". Malicious e-mails can carry an attachment containing a virus, a worm or a Trojan horse. An attachment in the form of a Word document or a spreadsheet can contain a macro (a program or a set of instructions) holding malicious code. In addition, an e-mail can contain a link to a fake web site.

The attack named Ganda takes the form of an e-mail and attachment sent out in many different variants, but it always carries a message calling for some action, such as "Stop Nazis" or "Save kittens". When the user opens the attachment, the Ganda worm is activated. Besides creating files, this worm also interferes with running processes, for example the processes of anti-virus software and firewalls. Another example is a fake e-mail sent to the users of a well-known Internet web site registration company, asking recipients to provide their name, address and credit card information on the pretext of updating the company's records. Its real purpose is to secretly collect credit card data.
1.3.9. Port-scanning attacks

Communication using the TCP/IP protocol uses TCP ports, or UDP ports if the UDP protocol is used together with IP. A TCP or UDP port is a path for accessing the target system, and it is normally associated with a particular service, process or function. A port is similar to a virtual circuit connecting two services or two processes that communicate with each other between two different computers or network devices. These services can be FTP, e-mail, etc. There are 65535 ports in the TCP and UDP protocols. For example, the DNS service runs on port 53 and FTP runs on port 20.
Port No | Purpose                  | Port No | Purpose
        | Multiplexing             | 53      | DNS server application
        | RJE applications         | 79      | Find active user application
        | Transmission discard     | 80      | HTTP web browsing
15      | Status of network        | 93      | Device controls
20      | FTP data                 | 102     | Service access point (SAP)
21      | FTP commands             | 103     | Standardized e-mail service
23      | Telnet applications      | 104     | Standardized e-mail exchange
25      | SMTP e-mail applications | 119     | Usenet news transfers
37      | Time transactions        | 139     | NetBIOS applications

Table 1-1: Some TCP ports and their purposes


Once an attacker knows one or more IP addresses of systems that are alive (present) on the network, the attacker runs port-scanning software to find out which important ports are open and which ports are not in use. For example, the attacker can access and attack the DNS services on port 53 of a DNS server. Telnet's port 23 is also an attractive target for attackers trying to gain access to a computer. Two commonly used port scanners are Nmap and Strobe. Nmap is usually used to scan computers running Unix/Linux operating systems, and there is also a version for Windows servers and workstations. Besides attackers, some security professionals also use Nmap to find security holes on open ports. Strobe is also used to scan for open ports, but it is designed for attacking Unix/Linux systems.

One way to prevent access through an open port is to stop the operating system services or processes that are not in use, or to configure services to be started only manually, at your own discretion. Figure 1-2 shows the kill command in Red Hat Linux being used to stop the crond process, whose process ID is 1249.

Figure 1-2: Stopping the crond process with the kill command in Red Hat Linux
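Before stopping unused services on a Linux host, it helps to see which TCP ports are actually listening and compare them with the services the host is supposed to offer. The following is an added example, not code from the original textbook; it parses constructed lines in the layout of Linux's /proc/net/tcp (hexadecimal address:port pairs, state 0A meaning LISTEN), and the allowlist and function names are assumptions.

```c
#include <stdio.h>
#include <stddef.h>

#define TCP_STATE_LISTEN 0x0A   /* value of the "st" column for a listening socket */

/* Constructed sample in the layout of /proc/net/tcp (trailing columns trimmed). */
static const char *const SAMPLE_PROC_NET_TCP[] = {
    "  sl  local_address rem_address   st tx_queue rx_queue",
    "   0: 00000000:0016 00000000:0000 0A 00000000:00000000",   /* port 22, LISTEN */
    "   1: 0100007F:0035 00000000:0000 0A 00000000:00000000",   /* port 53, LISTEN */
    "   2: 00000000:0017 00000000:0000 0A 00000000:00000000",   /* port 23, LISTEN */
    "   3: 0A00020F:0050 0A000202:C350 01 00000000:00000000",   /* port 80, ESTABLISHED */
};
#define SAMPLE_LINES (sizeof SAMPLE_PROC_NET_TCP / sizeof SAMPLE_PROC_NET_TCP[0])

/* Returns the local port if the line describes a listening socket, otherwise -1. */
int listening_port(const char *line)
{
    unsigned int port, state;
    if (sscanf(line, " %*u: %*8x:%4x %*8x:%*4x %2x", &port, &state) != 2)
        return -1;                      /* header line or unparsable entry */
    return state == TCP_STATE_LISTEN ? (int)port : -1;
}

static int is_allowed(int port, const int *allowed, size_t nallowed)
{
    for (size_t i = 0; i < nallowed; i++)
        if (allowed[i] == port)
            return 1;
    return 0;
}

/* Stores up to outcap listening ports that are not on the allowlist; returns how many exist. */
size_t unexpected_listeners(const char *const *lines, size_t nlines,
                            const int *allowed, size_t nallowed,
                            int *out, size_t outcap)
{
    size_t found = 0;
    for (size_t i = 0; i < nlines; i++) {
        int port = listening_port(lines[i]);
        if (port < 0 || is_allowed(port, allowed, nallowed))
            continue;
        if (found < outcap)
            out[found] = port;
        found++;
    }
    return found;
}

int main(void)
{
    const int allowed[] = { 22, 53 };   /* assumed policy: only SSH and DNS are expected */
    int extra[8];
    size_t n = unexpected_listeners(SAMPLE_PROC_NET_TCP, SAMPLE_LINES,
                                    allowed, 2, extra, 8);
    for (size_t i = 0; i < n && i < 8; i++)
        printf("unexpected listening TCP port: %d\n", extra[i]);
    return 0;
}
```

On a real host the same parser can be fed the lines of /proc/net/tcp; IPv6 and UDP sockets are listed in separate files and are not covered here.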
The NetWare operating system uses NLMs (NetWare Loadable Modules) to extend the capabilities and services of the operating system. For good security management, you need to know which NLMs are loaded and how to stop the NLMs that are not needed. Stopping an NLM (for example REMOTE.NLM, which is used for remote console access to the server) is not only a way to ensure security but also a way to free memory for other operating system functions.

Like other operating systems, Mac OS X also supports many services, and the administrator can stop these services from the desktop.
1.3.10. Wireless attacks

Wireless networks are often very vulnerable to attack, because it is very hard to know that someone has compromised the network. Attacks on wireless networks are sometimes called war-drives, because the attacker can drive around an area using a laptop to collect wireless signals. However, the attacker can also do this on foot, or from a fixed location, with a laptop.

Two important components used in wireless attacks are a wireless network card and an omnidirectional antenna, which can pick up signals from all directions. Another component is war-driving software, which is used to capture and convert the signals from the antenna through the wireless network card. Wireless attacks are usually carried out by scanning the many channels used for wireless communication, similar to using a scanner to listen to police and fire service channels.
1.4. The role of the operating system in ensuring information security

An operating system (OS) provides the basic program instructions for communicating with the computer's hardware. The operating system is program code that lets the user start the basic functions of a computer, such as viewing text on the computer screen, storing information, accessing and modifying information, accessing a network, connecting to the Internet and running other application software. The operating system performs the computer's most basic input/output (I/O) management functions. I/O management allows programs to communicate easily with the machine's hardware. Acting as an interface between application programs and the machine's hardware, an operating system performs the following tasks:
- Controlling input from the keyboard, mouse and network.
- Controlling output to the screen, printer and network.
- Allowing communication through a modem or other communication ports.
- Controlling input/output for all devices, including network interfaces.
- Managing the storage, retrieval and recovery of information on storage devices such as hard disks and CD-ROM drives.
- Enabling multimedia functions such as playing music and accessing video clips.

At every operating system level, the operating system is able to provide security functions. For example, an operating system can provide security functions for managing access to the hard disk or for managing how software programs control hardware functions. Through the operating system, access to a computer or a network can be controlled by user accounts and passwords. Some operating systems are able to protect their own program code by running it in a secure area that only the operating system is allowed to use. Other operating systems are able to protect themselves by automatically shutting down faulty or malfunctioning software, to prevent it from interfering with other software or with the hardware.

16

Hnh 1.1: Thnh phn v chc nng ca h iu hnh.


- Application programming interface (API): Software that sits between an application program and the operating system kernel (the main program code of the operating system). The API translates requests from the application program into code that the kernel can understand and passes them down to the hardware device drivers, and vice versa. Another function of the API is to provide an interface to the basic input/output system (BIOS).
- Basic input/output system (BIOS): A program that identifies hardware devices and establishes basic communication with components such as the screen and the disk drives. The BIOS also loads other components of the operating system at boot time and maintains a real-time clock that provides the date and time to the system.
- Operating system kernel (Kernel): The core of the operating system, which coordinates operating system functions such as controlling memory and storage devices. The kernel communicates with the BIOS, the device drivers and the API to perform these functions. It is also the interface to the resource managers.
- Resource Manager: Programs that manage the use of memory and of the central processor.
- Device Driver: Programs that receive requests from the API through the kernel and translate them into commands for the corresponding hardware devices, such as the keyboard, screen, disk drives and printer. The operating system also has special-purpose drivers that serve other functions and devices, such as sound.
Among these components, one of the most basic forms of security is configuring BIOS password protection. The password options can differ between BIOS software vendors. The following are some common BIOS password options:
- Set a password to control access to the hard disk.
- Set a password to access the BIOS setup program or to view the BIOS configuration (in some cases users can enter the BIOS to view configuration information but cannot change it).
- Set a password to change the BIOS configuration.
- Set a password to boot the machine.
- Allow the computer to boot from the floppy drive only, and only after the user enters the password for that drive.
1.4. The need for information security
Security is essential because computer systems and networks hold a great deal of information and many different resources. For example, when a user buys goods over the internet with a credit card, the internet service provider must supply a secure channel for the transaction and ensure that none of the information provided is disclosed; a company's human resources department must always keep sensitive employee information confidential. These are only examples that explain why operating system security and network security are necessary. The goals of security can be divided into the following groups:
1.4.1. Protecting information and resources.
Computer systems hold a great deal of information and many resources that need protection. In a company, this information and these resources may be accounting data, human resources information, management information, sales, research, inventions, distribution, information about plants and information about research systems. For many companies, all of their important data is stored in a database and is managed and used by a software program. Attacks on the system can come from business competitors, customers and corrupt employees. Computer systems at training centers hold all kinds of resources, which are sometimes divided into 2 groups: computing and administrative. Computing resources include research databases, the computers and software in the labs, information about classes and essays, and the computers used for high-technology projects. Administrative resources include student information, registration records, accounting and human resources systems, fund management systems, license management software and development systems. Attacks on training centers can come from inside or outside. For example, at one training center a business director attacked the systems to secretly embezzle thousands of dollars. At another center, a security guard in the information technology department regularly broke into the systems through computers that had carelessly been left logged in, in the offices of the application and systems programmers.
Every nation owns a very large number of computers and electronic information resources related to national defense, law and other personal information. The methods for securing this information can therefore be very complex and sensitive. Attacks can come from many different sources, both inside and outside the country. Naturally, the consequences of successful attacks will be very serious.
Computer users are a very large group holding much important information that needs protection. For example, more than 15 million users use computers for communication in the United States. All of these users store, upload or download information such as text documents, graphics and spreadsheets; in some respects this information belongs to the organizations they work for. The information on computers also includes personal records, tax information and other sensitive data.
1.4.2. Ensuring privacy.
Computer systems hold a great deal of personal information that must be kept confidential. This information includes:
- Social security numbers.
- Bank card numbers.
- Credit card numbers.
- Family information.
- Health information.
- Employment information.
- Student information.
- Information about investment accounts.
- Retirement account information.
Privacy is a very important requirement: banks, credit companies, investment companies and other firms have to send out documents detailing how they use and share customer information. These firms have mandatory rules for keeping personal information confidential and are obliged to follow those rules to ensure privacy. Serious consequences follow if an impostor gains access to personal information.
1.4.3. Facilitating workflow
A workflow is the chain of activities needed to complete a task. In a small office, a workflow may be carried out by one or 2 people. In a larger company, the chain may be carried out by many people, each responsible for a different job. Take, for example, a business that handles orders. A customer service representative takes the order by telephone and enters it into the computer system. The computer system notifies the shipping department to send out the goods for this order, and the inventory department is notified of the changes in the inventory database. The billing department processes the credit card information to make sure payment is handled properly.
Security matters at every stage of the workflow. If one stage fails because of a security problem, the organization can lose money, lose data, or lose both. In the order example, if the customer representative enters the order but an attack on some service on the computer keeps the order from being fully processed, the system may still charge the customer but not ship the goods, or it may ship the goods but not charge the customer.
1.4.4. Detecting security holes and debugging software.
Hardware and software vendors are usually under great pressure to bring their products to market as quickly as possible. If a vendor's product ships late, competitors take market share or the vendor becomes the target of criticism in the mass media.
New products that are rushed to market often contain security holes or are unstable because they have not been tested and evaluated thoroughly. For example, some operating systems come with a pre-created "guest" account. These "guest" accounts are normally disabled or protected by a password, and they are configured to restrict access to the system. Not long ago, an operating system vendor inadvertently marketed a new operating system version in which the "guest" account was enabled, was not protected by a password, and allowed broad access to the system.
New operating systems often have internet access security holes, or bugs that cause unexpected conflicts, keep commands from working normally, and cause many other problems. When you buy a new operating system, new software or a new hardware device, you should plan to test it rigorously to ensure its security and reliability. You should also check default security features such as the guest account to make sure they are configured in the most secure way. Install all the latest patches or service packs on your new systems. Some system administrators prefer to buy new systems only 6 months or a year after they reach the market, that is, after other users have used them in real situations and have found and reported the bugs for the vendor to fix.
Another problem is that system patches are rushed out before they have been thoroughly tested. Sometimes a vendor withdraws a patch from the market only a short time after releasing it because it introduced new problems. Unless the matter is urgent, it is best to wait until you are confident that no problems have arisen before installing a patch, just as with new operating system versions.
Sometimes vendors ship security features that are very easy to bypass because they are inconvenient for users. For example, there are still operating systems that let users skip the login step. Some earlier operating systems allowed new user accounts to be created without requiring a password to be set.
1.4.5. Losses caused by human error or carelessness.
The security features of an operating system are not decisive if nobody knows how to configure and use them. An operating system may have many security features, but they become useless if users do not know how to apply them or how to use them to best effect. For example, an operating system may have an option that requires users to change their password after a set period of time, yet a company does not enable it. As a result, after some time people may share passwords with each other, and the company's data is at risk from people who have left, from corrupt employees, or from people hunting for confidential information to sell or give away.
There are many reasons why security features are not fully used, including:
- Lack of training in, and understanding of, these features.
- Choosing convenience and ease of use over security.
- Lack of time.
- The policies of the agency or organization.
- No regular review and evaluation.
- The habit of working in a fixed way.
There are many ways to address the human factor in securing an organization. For instance, use operating systems that let the organization set security policies in the system. For example, the administrator can set a security policy that requires users to change their password every 45 days and requires a minimum password length of 8 characters. If the organization uses an insecure internet connection, set a directory service policy that prevents certain users, or all users, from using internet browsers.
Deploying written security policies is another way to make sure users in an organization know these policies and their importance. The elements of a written security policy can be configured in the operating system and in the security policies of the network software. In addition, written security policies can be used to replace policies that limit security in an organization.
Training is another method that can help improve people's competence and reduce their carelessness. Training concerns at least 2 groups of people in an organization: system and network administrators are trained in security tools and how to use them, such as configuring security policies; users are trained in basic security practices they can apply, such as creating secure passwords and encrypting sensitive files.
Testing the security features is also a way to assess the human factors. All operating systems and software need to be tested before they are released to the market. Some organizations use a security team to test their systems. Other organizations deploy computer systems to test the security of the system. The original meaning of "hacker" is a friendly computer expert who tries to break systems in order to find the security holes that need fixing, so as to ensure that systems and data are protected.
1.5. The cost of ensuring security
There are two cost issues related to security:
- First: the cost of deploying security functions.
- Second: the cost of not deploying security functions.
Not deploying security functions seems to save money (for example, staff can be used for other work). In practice, however, such passivity costs far more than deploying the security functions. Users who do not apply security measures will lose a great deal of money and data when a system fails or is attacked. In the worst case, a lack of security means losing all of a company's data, leading to the company's bankruptcy.
The cost of deploying security functions includes:
- Training security specialists.
- Training users.
- The extra cost of systems that have security features.
- Purchasing third-party security tools.
- The time that specialists and users spend installing and configuring security functions.
- Testing the system's security functions.
- Regularly patching security holes in the system.
The cost of deploying security functions is one component of the total cost of owning a computer system (TCO - Total Cost of Ownership). The TCO of a computer is the total cost of owning the network and the computers on it, including software, hardware, training, maintenance, security and user support costs. One way to reduce TCO is to buy systems designed to work together in an environment that makes configuration faster and easier. For example, a Windows XP Professional machine can be installed and configured remotely from a Windows 2003 Server machine. Windows 2003 Server can also apply hundreds of group policies (including security policies) to manage Windows XP Professional clients. This is possible because Windows 2003 Server can be set up as a network administration center through Active Directory (a database of computers, users, groups, printers and shared folders, other resources, and countless network and administration services). This approach not only helps automate the installation and configuration of the workstations' operating systems, it also helps install and use the users' application software.
On some networks, the annual cost of administering one user's computer is more than 11000 USD. By using automation, for example remote software installation and group policy, this total cost can be reduced by 2/3. With this approach the cost of security drops considerably, because security functions are configured together with the other system parameters. In most cases centralized security configuration is much cheaper than leaving security functions out or letting users configure their own systems.

CHAPTER II: MALICIOUS SOFTWARE

2.1. Classification of malicious software
The terms virus and malicious software are used to describe computer software that endangers the integrity of data, communication, the operating system or the computer network. The kinds of malicious software are:
- Viruses.
- Worms.
- Trojan horses.
- Spyware.
- Other programs that endanger the system or data.
Of these, viruses, worms and trojan horses are the most dangerous programs. It is estimated that every year companies and individuals spend billions of USD restoring damaged systems and buying anti-virus software. The purpose of malicious software is to cause trouble for users, damage files or computer systems, and disable common functions of computers and networks. Before looking at how to defend against these attacks, we should understand what they are and how they spread.
2.1.1. Viruses
A virus is a program that resides on a disk or in a file. A virus can replicate and spread throughout the whole system. Until a virus causes visible effects, users cannot tell that it is present. Some signs of a virus are: strange messages appearing; some files found to be damaged; the operating system becoming slow, suffering conflicts or failing to boot. Some viruses lie dormant for a period of time and then take effect on a predetermined date. Some viruses infect executable files, script files, macros, the boot sector or particular partitions of a disk. Some viruses are loaded into memory and then go on infecting systems, just as they do from executable files.
W32.Pinfi is an example of a virus that spreads across systems and shared drives. It can enter a system through an unused service (such as FTP or Telnet) and then attaches itself to a file. It can also spread through shared drives on the network. W32.Pinfi attacks all versions of the Windows operating system (from Windows 95 to Windows XP). When a user inadvertently activates this virus, it first creates an entry in the Windows Registry and then spreads through Windows Explorer (Explorer.exe). Each time the user runs Windows Explorer, W32.Pinfi attaches itself to the executable files and macro files displayed in the Windows Explorer window, including files on network drives or shared drives. The length of the code the virus appends to files is 177,917 bytes. By design, W32.Pinfi does not infect all of these files at once; each time it infects only a certain number of files. W32.Pinfi is not very destructive, but it does make infected executable files stop working normally.
The INIT 1984 virus is an example of a highly destructive virus; it infects MAC OS systems. This virus replicates as a background process, so the user does not notice it. The virus does its damage when the user runs an infected file on a Friday the 13th. When it strikes, INIT 1984 renames files to random characters and can delete files on the hard disk.
A virus spreads in the following stages:
- Stage one: The virus moves from one environment (system) to another (for example through disks, e-mail or shared drives). Once it has entered a system, part or all of the virus may be attached to one or more files, held in memory, written to the boot sector or partition sector of the hard disk, or written to the Registry on Windows-family systems.
- Stage 2: Replication (spreading) on the system. For example, the virus can spread from the boot sector each time the computer boots, or from an executable file each time that file is run. The virus can also spread from memory or from the Registry through the computer's Registry configuration parameters. How fast the virus replicates depends on the intent of its author; in every case the aim is to make the virus as effective as possible.
- Stage 3: Leaving traces on the system. Typically the virus appends its code to the end of selected files, renames files, deletes files, or both. A virus may leave obvious signs such as beeps or a pop-up message like "Don't panic".
Viruses are classified by several criteria. Classified by how they infect systems, the types are:
- Boot sector (or partition sector): Infects the boot sector of a system. The boot sector (or partition sector) is the first location on the disk and holds the machine-language code responsible for starting the operating system. When the system boots, the virus runs first and usually loads itself into memory. The virus can spread through infected floppy disks and CDs.
- File infector: Infects files such as system files, executable files, driver files and other supporting files (for example .dll files).
- Macro: Infects macro files (which contain commands or keystroke combinations and give quick access to those commands or keystrokes through a single command or key). Macros are commonly used in Microsoft Office applications such as word processors, spreadsheets, databases and other programs.
- Multipartite: Can infect systems through several different routes, for example through both the boot sector and executable files.
Classified by how the virus avoids detection by virus-scanning software, the types are:
- Armored: A virus whose code is very hard to decode, so it is hard to know exactly how the virus works.
- Polymorphic: A virus that can change after each replication, so it is very hard to counter.
- Stealth: A virus that can defend itself, so it is very hard to detect.
- Companion: A virus that runs from a file other than the one it is attached to.
Classified by destructive capability, the types are:
- Benign: A virus that can spread but does not harm the computer. Some benign viruses only test the replication capability of a program or a piece of executable code. Attackers sometimes use this type of virus to test their code before carrying out real attacks. Benign viruses are also used in laboratories to write or test anti-virus software. Although this type of virus is harmless, it still causes annoyance and concern for users.
- Destructive: A virus designed to delete or corrupt files, stop the normal workflow, or cause problems for computer users or network systems.
2.1.2. Worms
A worm is a program that can replicate on the same computer or spread by itself to other computers on a network or the internet. Worms usually spread through attack methods such as buffer overflow, port scanning, port flooding and weak passwords.
The Code Red and Code Red II worms are examples of worms that use buffer overflow attacks. Both versions of Code Red target Windows NT and Windows 2000 Server machines that run the Web server service (IIS) or the indexing service and have not been patched against this worm. Code Red also exploits some weaknesses in the configuration of router management software, which lets the worm spread further across networks. Code Red replicates during the first 19 days of the month and then stops. Earlier versions of this worm were designed to flood the White House server's connections on port 80. Port 80 is the default port of some Web server software, used to accept web connections from clients.
Linux.Millen.Worm infects Linux systems running on Intel or Intel-compatible computers. This worm also spreads through a buffer overflow attack. Through the buffer overflow, a piece of the worm's initiating code starts an FTP process on the target system (the attacked operating system), and this process downloads and runs the file mworm.tgz. Mworm.tgz is a compressed file containing nearly 50 files. Besides taking up space on the local computer, the worm uses some of the new files to search for other computers to attack. At the same time it opens a back door on every computer it successfully attacks, which gives the worm's initiating code access to all of those computers. A back door is a secret way into the operating system that bypasses the system's security functions; for example, a back door may allow access to the system through some program or service. A relative of Linux.Millen.Worm is Linux.Lion.Worm, which can create many back doors on a system and supplies the passwords of the accounts on the systems it compromises.
The Digispid.B.Worm worm specifically targets SQL server database systems on windows. It is designed to break into the system through the SQL Administrator account, because some versions of SQL server have no default password for this account. It can also get into the system when the SQL Administrator account uses the password "sa". Once in the system, it creates files in the \System32 directory of the system directory (\winnt or \windows) and floods TCP or UDP port 1433 (the SQL server service port) with bogus requests. It can also change the password of the SQL Administrator account and send the new password to an e-mail address of the attacker who launched the worm, so the real administrator can no longer access his or her own database services.
2.1.3. Trojan horses
A trojan horse is a program that appears useful and harmless and appears not to damage the user's computer. Some trojan horses also provide back-door access to a computer. On the surface a trojan horse is an attractive program, for example a game, a word processor or a screen saver, but in fact it contains another, malicious program. When downloading a program from a network or the internet, the user cannot tell that a trojan horse is inside it, and the trojan horse naturally spreads further when the user passes the program on to friends on disks or by e-mail.
Backdoor.Egghead is a trojan horse that targets windows NT, windows 2000 and windows XP systems. When this trojan horse runs, it creates a new directory named Vchost in \Winnt\System32 or \Windows\System32 and places its files in that directory. It also creates some files in the system directory \Winnt or \Windows. In the next stage, the trojan horse adds entries to the Registry so that its programs start every time the computer boots. The purpose of this trojan horse is to create a back door through which the attacker can access the victim's computer.
AOL4FREE is a trojan horse whose original version was designed to let users create free AOL accounts; its author was arrested and severely punished. Later, many attackers modified it into a trojan horse that spreads by e-mail and can run on most operating systems. When it runs, AOL4FREE deletes files on the hard disk.
The Simpsons AppleScript Virus is a trojan horse that targets MAC OS systems. This trojan horse is usually sent in an e-mail that lures fans of the Simpsons cartoon into downloading Simpsons clips. When the user runs the program attached to the e-mail, it opens a web browser to connect to a fake address (URL) and sends e-mails to all the addresses in the address book of the Entourage or Outlook Express e-mail program.
One thing viruses, worms and trojan horses have in common is that they are usually loaded from certain locations in the operating system. Table 2-1 summarizes the usual locations from which this malicious software is loaded.
| Location | Description |
|---|---|
| Autoexec.bat | One of the files run automatically when windows or NetWare operating systems start. The programs named in the list of entries in this file are executed when the system boots. |
| Bootloader program | Operating system loaders such as GRUB (Grand Unified Bootloader) and LILO (Linux Loader), which are used to load the operating system kernel. |
| Inittab_file | This file is used in UNIX/Linux operating systems and has a function similar to the autoexec.bat file of windows. |
| Kernel | In linux and Mac OS, a virus can be attached to the kernel or to modules in the operating system kernel. It is activated when the kernel and the operating system modules are loaded. |
| win.ini | Executed at start-up by windows systems. Programs are started by the settings load= or run= |

Table 2-1: Starting points of malicious software

Figure 2-1: Contents of the win.ini file in the WinXP operating system
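The start-up locations in Table 2-1 can be audited by listing what each file launches and comparing the result with a known-good baseline. The following is an added example, not part of the original course text; the function names, the baseline lists and all sample file contents are constructed for illustration.

```python
import re

def winini_autostart(text):
    """Programs named on load= / run= lines in the [windows] section of win.ini."""
    section, found = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section == "windows" and "=" in line:
            key, value = line.split("=", 1)
            if key.strip().lower() in ("load", "run"):
                # several programs may be listed, separated by spaces or commas
                found += [p for p in re.split(r"[,\s]+", value.strip()) if p]
    return found

def autoexec_programs(text):
    """Programs launched by autoexec.bat (built-in commands are skipped)."""
    skip = {"rem", "echo", "set", "path", "prompt"}
    wrappers = {"call", "lh", "loadhigh"}   # these run the program that follows
    found = []
    for raw in text.splitlines():
        tokens = raw.strip().lstrip("@").split()
        if not tokens or tokens[0].startswith("::"):
            continue
        head = tokens[0].lower().split("=")[0]
        if head in skip:
            continue
        if head in wrappers and len(tokens) > 1:
            found.append(tokens[1])
        elif head not in wrappers:
            found.append(tokens[0])
    return found

def inittab_programs(text):
    """Processes started from /etc/inittab lines (id:runlevels:action:process)."""
    found = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":", 3)
        if len(fields) == 4 and fields[3].strip():
            found.append(fields[3].strip().lstrip("+").split()[0])
    return found

def unexpected(found, baseline, ignore_case=True):
    """Entries that are not in the known-good baseline."""
    norm = (lambda s: s.lower()) if ignore_case else (lambda s: s)
    allowed = {norm(b) for b in baseline}
    return [p for p in found if norm(p) not in allowed]

# Constructed sample contents, not taken from a real system.
WIN_INI = r"""; constructed sample
[windows]
load=clock.exe
run=C:\TEMP\updater.exe, notepad.exe
device=none

[Desktop]
run=ignored.exe
"""
AUTOEXEC_BAT = r"""@ECHO OFF
REM constructed sample
SET TEMP=C:\TEMP
PATH C:\DOS;C:\WINDOWS
LH C:\DOS\MOUSE.COM
CALL C:\TEMP\UPDATER.BAT
C:\DOS\SMARTDRV.EXE /X
"""
INITTAB = """# constructed sample
id:3:initdefault:
si::sysinit:/etc/rc.d/rc.sysinit
1:2345:respawn:/sbin/mingetty tty1
x9:345:respawn:/tmp/.hidden/agent -d
"""

if __name__ == "__main__":
    print(unexpected(winini_autostart(WIN_INI), ["clock.exe", "notepad.exe"]))
    print(unexpected(autoexec_programs(AUTOEXEC_BAT),
                     [r"C:\DOS\MOUSE.COM", r"C:\DOS\SMARTDRV.EXE"]))
    print(unexpected(inittab_programs(INITTAB),
                     ["/etc/rc.d/rc.sysinit", "/sbin/mingetty"], ignore_case=False))
```

An entry reported by `unexpected` is only a deviation from the baseline; it still has to be reviewed before it is treated as malicious.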


2.1.4. Spyware
Spyware is software that runs on a computer (without the user being aware of its presence) and sends information about the activity of the victim's computer to an attacker or an advertiser. Sometimes spyware does not need to be installed and run on the user's computer at all; it only needs to intercept information related to that user's exchanges on the internet. One way spyware can be installed on a user's computer is through a computer virus or a trojan horse. In addition, advertising and marketing firms may offer free software that, besides installing a legitimate program, also installs spyware to monitor how the user uses the computer. On the internet, some forms of spyware work by exploiting cookies. A cookie is information about a web server that is stored on the client computer.
Some forms of spyware can intercept cookies or the information inside them, so the spyware operator can reconstruct all of the user's activity on the internet. This type of attack is called cookie snarfing. Some spoofing tools with cookie-snarfing capability are SpyNet and PeepNet. These tools are usually used together: SpyNet is used to intercept the network information related to cookies during the user's internet session, and PeepNet is used to decode all of the cookie information, so the attacker can analyze in detail the sequence of actions the internet user performed.
* Note: One way to defend against cookie snarfing is to disable cookie creation in the internet browser.
2.2. Attack methods commonly used by malicious software
Viruses, worms, trojan horses and other malicious software use many different methods to do their dirty work and to spread to other systems. This section introduces the methods that malicious software commonly uses to attack, which include:
- Executable methods.
- Boot and partition sector methods.
- Macro methods.
- E-mail methods.
- Software exploitation.
2.2.1. Executable methods
An executable virus, worm or trojan horse is a file that contains lines of code the machine can run. Some of this code is already compiled, while some is not, because it relies on the interpreter on the victim's computer. For example, batch files and script files contain code or instructions that are run by the computer's interpreter. The interpreter translates a file of instructions and executes them; each line is one instruction, and execution proceeds line by line. The following is a list of executable file types and their extensions:
- .exe (used on Windows and NetWare systems).
- .com (used on Windows and NetWare systems).
- .bat (used on Windows and NetWare systems).
- .bin (used on Windows, NetWare and Mac OS systems).
- .btm (used on Windows systems).
- .cgi (used on Windows, UNIX/Linux, NetWare and Mac OS systems).
- .pl (used on UNIX/Linux and Mac OS systems).
- .cmd (used on Windows and NetWare systems).
- .msi (used on Windows systems).
- .msp (used on Windows systems).
- .mst (used on Windows systems).
- .vb and .vbe (used on Windows and NetWare systems).
- .wsf (used on Windows systems).
A counterpart of the executable virus is one that infects the source code or executable code of programs. This type of virus can use commands available from the command line or from an editor to append or insert malicious code into programs, batch files or script files. The technique usually works very well when access control over these file types is lax, allowing the files to be modified easily.
2.2.2. Boot and partition sector attack methods
When a floppy disk is formatted as a boot disk, the formatting process creates a boot sector at the first location on the disk. On a hard disk, partitioning and formatting likewise create a master boot sector or a boot sector at the first location on the disk. The boot sector contains the master boot record (MBR), a set of instructions used to find and load the operating system. Booting from a disk involves the following steps:
1. The computer finds the MBR.
2. The instructions in the MBR locate the boot sector of the active partition.
3. The instructions in that boot sector (sometimes called the boot loader) locate and start the computer's operating system.
Boot sector and partition sector viruses commonly infect Windows and Unix systems (including Mac OS systems). A boot sector or partition sector virus usually infects and replaces the instructions in the MBR or the Partition Boot Sector. Another method is to falsify the addresses of the primary partition defined in the disk's partition table. Furthermore, if the virus is larger than the space allocated to the boot sector, the virus can move the boot sector to another, larger (unused) location, for example the end of the disk. Once infected, the system will either fail to boot, or the virus will keep its infected code starting together with the operating system and spread to other disks and to the boot sectors of floppy disks. After infecting a floppy disk, the virus can spread to the boot sectors of other computers that use the infected floppy.
Normally, removing a boot sector or partition sector virus means re-creating the MBR and the instructions in the Partition Boot Sector. On Windows and NetWare systems that use the FAT file system, the fdisk /mbr utility or dos commands can be used to re-create these instructions. On Windows systems that use the NTFS file system, many utilities on the installation disk can be used to replace the MBR and the Partition Boot Sector instructions. Also on NTFS, the fixboot command in the recovery console can be used to repair the boot sector, and fixmbr to repair the MBR.
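The two kinds of tampering described above, replaced MBR instructions and falsified partition-table addresses, can both be checked by parsing the 512-byte sector. The following is an added example, not part of the original course text: it hashes the 446-byte boot code for comparison with a saved baseline and validates the four partition entries; the function names, the sample sectors and the disk size are constructed for illustration.

```python
import hashlib
import struct

SECTOR, CODE_LEN, ENTRY_LEN = 512, 446, 16
# status, CHS of first sector, type, CHS of last sector, LBA start, sector count
ENTRY = struct.Struct("<B3sB3sII")

def parse_mbr(sector):
    """Split an MBR into a boot-code hash and its non-empty partition entries."""
    if len(sector) != SECTOR:
        raise ValueError("an MBR is exactly 512 bytes")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for slot in range(4):
        status, _, ptype, _, lba, count = ENTRY.unpack_from(
            sector, CODE_LEN + slot * ENTRY_LEN)
        if ptype == 0:          # type 0 marks an unused slot
            continue
        parts.append({"slot": slot, "status": status, "type": ptype,
                      "lba": lba, "sectors": count})
    return {"code_sha256": hashlib.sha256(sector[:CODE_LEN]).hexdigest(),
            "partitions": parts}

def check_mbr(sector, baseline_sha256, disk_sectors):
    """Return a list of findings; an empty list means nothing suspicious."""
    mbr = parse_mbr(sector)
    findings = []
    if mbr["code_sha256"] != baseline_sha256:
        findings.append("boot code differs from baseline")
    parts = mbr["partitions"]
    for p in parts:
        if p["status"] not in (0x00, 0x80):
            findings.append(f"slot {p['slot']}: invalid status byte 0x{p['status']:02x}")
        if p["lba"] == 0 or p["lba"] + p["sectors"] > disk_sectors:
            findings.append(f"slot {p['slot']}: partition lies outside the disk")
    active = [p for p in parts if p["status"] == 0x80]
    if len(active) != 1:
        findings.append(f"{len(active)} active partitions, expected 1")
    ordered = sorted(parts, key=lambda p: p["lba"])
    for a, b in zip(ordered, ordered[1:]):
        if a["lba"] + a["sectors"] > b["lba"]:
            findings.append(f"slots {a['slot']} and {b['slot']} overlap")
    return findings

def make_mbr(code, entries):
    """Build a constructed sector: entries are (status, type, lba, sectors)."""
    table = b"".join(ENTRY.pack(st, b"\0\0\0", ty, b"\0\0\0", lba, n)
                     for st, ty, lba, n in entries)
    return (code.ljust(CODE_LEN, b"\0")
            + table.ljust(4 * ENTRY_LEN, b"\0") + b"\x55\xaa")

# Constructed samples: placeholder bytes stand in for real boot code.
DISK_SECTORS = 2_000_000
CLEAN = make_mbr(b"constructed boot code A",
                 [(0x80, 0x07, 63, 1_000_000), (0x00, 0x0B, 1_000_063, 500_000)])
TAMPERED = make_mbr(b"constructed boot code B",
                    [(0x80, 0x07, 63, 1_000_000), (0x00, 0x0B, 900_000, 3_000_000)])
BASELINE = parse_mbr(CLEAN)["code_sha256"]

if __name__ == "__main__":
    print(check_mbr(CLEAN, BASELINE, DISK_SECTORS))
    for finding in check_mbr(TAMPERED, BASELINE, DISK_SECTORS):
        print(finding)
```

On a real machine the 512 bytes would be read from the first sector of the disk with administrator rights, and the baseline hash would be recorded while the system is known to be clean.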
2.2.3. Macro attack methods
A macro is a script, or a set of instructions or shortcut keys, that is started by using the macro's name or pressing a key on the keyboard. Macros are commonly used in software (for example word processors and spreadsheets) and in programming languages. The software that uses macros most heavily is Microsoft Office, whose applications use the macro facility in Visual Basic. For example, a macro can be written to automatically open a folder and save a word document. Some macros are programmed onto keys, so that a complex sequence of keystrokes can be carried out with a single key.
A virus can infect a macro and spread every time the macro is used. One way to do this is through a macro attached to a document template used by the word processor or spreadsheet program. In an office where many documents are shared, this lets the virus spread to a new computer every time a user opens an infected document. Another way for a virus to spread through macros is to attach itself to a document template that many users share and use, which lets it spread every time the template is opened in a new document.
2.2.4. E-mail attack methods
Most e-mail users today know that viruses, worms and trojan horses can be sent as e-mail attachments. One very well-known macro virus is the Melissa virus, which was sent as an e-mail attachment with the subject "Important Message From" followed by the name of some user. The message in the e-mail read "Here is that document you asked for don't show anyone else". When the user opened the document attached to this e-mail, the virus sent an e-mail with the same content to the first 50 people in the Microsoft Outlook address list. The Melissa virus did not destroy data; it inserted a line reading "Twenty-two points, plus triple-word-score, plus fifty points for using all my letters. Game's over. I'm outta here" into the infected document when the document was opened.
The Melissa virus mutated into new destructive e-mail viruses such as the Resume virus. This is a macro virus hidden in an attachment named Explorer.doc and sent with the subject "Resume - Janet Simmons". When the attached document is opened and closed, 2 things happen: first, the message and the attachment are sent to every address in the Outlook address list; second, some operating system files and data files are deleted from the hard disk.
Today, Microsoft and other software vendors configure their software (for example Microsoft Office) to disable macros that are not signed by a trusted source. A digital signature is a code placed in a file to verify its authenticity by proving that it comes from a trusted source. When the user opens a document that contains a macro, the user receives a warning that the macro has been disabled and that macros are enabled only for documents sent from a trusted source. Figure 2-2 shows how to set macro security in Microsoft Office 2003.

Figure 2-2: Setting macro security in Microsoft Office 2003.
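A mail gateway can apply the extension list from section 2.2.1 to the attachments discussed in this section. The following is an added example, not part of the original course text: it parses a MIME message with Python's standard email package and classifies each attachment; the function names, the three verdict labels, the set of macro-capable extensions and the sample message are assumptions made for illustration.

```python
import email
import os
from email import policy
from email.message import EmailMessage

# Executable extensions exactly as listed in section 2.2.1.
EXECUTABLE_EXT = {".exe", ".com", ".bat", ".bin", ".btm", ".cgi", ".pl",
                  ".cmd", ".msi", ".msp", ".mst", ".vb", ".vbe", ".wsf"}
# Assumption: document types that can carry macros (the text names Explorer.doc,
# document templates and spreadsheets); these are held for review, not blocked.
MACRO_EXT = {".doc", ".dot", ".xls"}

def classify(filename):
    """Return 'block', 'review' or 'allow' from the final file extension."""
    # Windows ignores trailing dots and spaces, so "job.bat. " still runs as .bat
    name = filename.strip().rstrip(". ").lower()
    ext = os.path.splitext(name)[1]
    if ext in EXECUTABLE_EXT:
        return "block"
    if ext in MACRO_EXT:
        return "review"
    return "allow"

def screen_message(raw_bytes):
    """Return (filename, verdict) for every attachment of a raw MIME message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    results = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        # an attachment without a name cannot be judged by extension: review it
        results.append((name, classify(name) if name else "review"))
    return results

def build_sample():
    """Constructed message with harmless placeholder attachments."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample message"
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.com"
    msg.set_content("constructed body")
    for name in ("Explorer.doc", "photo.jpg", "update.doc.exe"):
        msg.add_attachment(b"constructed bytes", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

SAMPLE = build_sample()

if __name__ == "__main__":
    for name, verdict in screen_message(SAMPLE):
        print(f"{verdict:6} {name}")
```

Extension checks are only a first filter, since a file can be renamed; they complement, and do not replace, the signed-macro setting described above.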
2.2.5. Software exploitation
Viruses, worms and trojan horses are all representatives of malicious software that can find weaknesses or holes in operating systems and networks. They do this with software exploitation programs. The purpose of these programs is to find all the weak points of software and operating systems. Software exploitation usually targets new software or new software versions. A new operating system version is usually tested and trialled for months by developers and testers, yet when it is deployed in practice people still find weaknesses that the testing did not uncover. When a new operating system version appears, attackers start looking for bugs in the services, applications, systems and functions that commonly have weaknesses, such as:
- DNS services.
- Newly developed or newly upgraded services.
- Network services and applications.
- E-mail and messaging services and applications.
- Internet services and applications.
- Remote access services.
- Database systems.
- Buffer overflow error handling.
For example, the Linux.Millen.Worm virus (presented in section 2.1.2) uses a buffer overflow and the FTP service (both of which commonly have many holes). The Code Red and Code Red II viruses also use a buffer overflow to attack weaknesses in Microsoft's IIS Web servers. Vendors constantly look for information about security problems in their software. When they find a problem, they immediately create patches and updates and supply them to users.
2.2.6. Attack methods targeting the network infrastructure
Attacks on Web server flaws: Most information systems put a Web server on the Internet for publicity or to serve customers or remote staff, so this risk cannot be ignored or underestimated. It is also the second-ranked risk. Attackers exploit Web server weaknesses to attack Web sites. Some typical weaknesses are listed below:
- CGI programming weaknesses: Most Web servers, including Microsoft IIS and Apache, support CGI programming in order to provide web pages that interact with functions such as data retrieval or verification. CGI programming weaknesses are an extremely attractive target for intruders because they are easy to locate and operate with the privileges of the Web server software itself; intruders exploit weaknesses in CGI programs to deliberately deface web pages, steal credit card information and even install ways in for future attacks. Web server applications suffer from the same kind of weaknesses when they are built by programmers who lack knowledge or are careless.
- ISAPI extension buffer overflows: When IIS is installed, several ISAPI extensions are installed automatically as well. ISAPI (Internet Services Application Programming Interface) lets developers extend the capabilities of the IIS server using DLLs. Several DLLs, such as idq.dll, contain programming errors that cause them to perform improper checking. In particular, they do not block unacceptably long input strings. Attackers send data to these DLLs knowing that the buffers will overflow, and in this way they can take control of the IIS server.
Denial-of-service attacks (39%): a kind of attack that paralyses the services on the target system, possibly by crashing the entire system. This kind of attack is very easy to carry out, and it is hard to find an effective solution that protects a system against a DoS attack. The basic problem here is that the UNIX operating system assumes users always behave in a friendly way. The most dangerous DoS attacks all use bandwidth-consumption techniques. The attacker consumes all the bandwidth of some working network. This can be done from the internal network, but in general hackers do it remotely. Cisco routers can also be hit by denial-of-service attacks.
Buffer overflow attacks: 32%. Buffer overflow on the IIS FTP server: Buffer overflow attacks are very easy to carry out against IIS (Internet Information Server) FTP servers, because these servers are very sensitive to conditions that can lead to a buffer overflow; by using the list command a hacker can knock the server out remotely. To use this command the user must be authenticated. However, anonymous FTP users can use it too. It is important to keep watching for anything that can lead to this risk, since it creates the conditions for a DoS attack. The risk keeps growing if users are allowed to run their own program code on the system while the buffer overflow exposure exists.
Intrusion attacks using scripting and mobile-code languages such as ActiveX, Java, JavaScript and VBS: 28%.
Attacks based on protocol weaknesses: 23%.
- The weaknesses of the SNMP protocol were widely publicised in 2001-2002. SNMP (the Simple Network Management Protocol) is widely used to monitor and manage network-connected devices, from routers to printers and computers. SNMP uses an encoded community string as its only authentication mechanism. The weakness of that encoding is bad enough, but the community string used in the majority of SNMP devices is "public", and some "clever" network equipment vendors change the string to "private" for more sensitive information. Attackers can use these SNMP weaknesses to reconfigure or shut down devices remotely. Examining information carried over SNMP can reveal a great deal about the structure of your network, as well as the systems and services attached to it. Intruders use this information to select targets and plan attacks. Note: SNMP is not found only on Unix systems; however, contributors observed that the main attacks on this weakness usually take place on Unix systems (where SNMP tends not to be configured carefully). They also consider that this is not a serious problem on Windows systems.
- RPC (remote procedure call) services allow programs on one machine to execute other programs on another machine. They are widely used to access network services such as NFS file sharing and NIS. Many weaknesses caused by flaws in RPC are being exploited. There is evidence that most of the denial-of-service attacks that took place from 1999 to early 2000 were carried out through RPC weaknesses on the machines involved.
Attacks based on weak password security: 21%. Most systems designed today use passwords as the first and only line of direct defence. Companies also allow remote access over telephone lines without a firewall. If attackers obtain a user name and password, they can simply walk into the system. Passwords are still being chosen very naively: easy to guess, left at the default, or even accounts created with an empty password. Therefore, every easily guessed, default or empty password on your system must be eliminated. In addition, many systems have built-in or default accounts. These accounts usually use the same password set during software installation. Attackers commonly aim at exactly these accounts, because they are very well known to intruders. Every default or built-in account therefore needs to be identified and removed from the system.
2.3. Protecting information against malicious software
There are many ways to protect an operating system against malicious software, as follows:
- Install updates.
- Observe the services that are started when the system boots.
- Use malicious-software scanning tools.
- Use digital signatures to protect system files and driver files.
- Back up the system and create a repair disk.
- Create and implement organisational policies.
2.3.1. Installing updates
Installing updates and patches is a very effective way to resist attacks on an operating system. For example, in early 2003 the Slammer worm successfully attacked SQL database servers because many administrators had not installed the new patches designed to stop this attack. All operating systems such as Windows 2000, Windows XP Professional, Windows Server 2003, Red Hat Linux, NetWare and Mac OS X provide many ways to install updates and patches.
* For the Windows 2000, Windows XP Professional and Windows Server 2003 operating systems:
There are two main ways to install updates for Windows 2000, Windows XP Professional and Windows Server 2003: the Windows Update function and Service Packs. Windows Update gives access to the patches that are published regularly, which are usually security patches. When we use Windows Update, the program connects to the web site that holds the updates appropriate to our operating system. Once the connection is made, the user can choose options to scan the operating system for updates that have not yet been installed; when the scan is finished, the system downloads all the missing patches.
In the Windows 2000 Server and Windows 2000 Professional operating systems, the Windows Update option normally appears on the Start menu. In Windows XP Professional there are two ways to run Windows Update. The first is to click the Start menu, choose All Programs and then click Windows Update. The second is to click the Start menu, open the Help and Support Center window and choose the Windows Update option in that window.
Windows XP Professional and Windows Server 2003 provide the Automatic Updates Setup Wizard, an interface designed to remind users to download new updates, or even to download them to the user's machine automatically. The options in this interface include:
- Turn on automatic updating.
- Notify the user when new updates are available; after they have been downloaded, the interface offers the option to install them immediately or to wait until some later time.
- Automatically look for new updates, and remind the user to download them immediately or at another time.
- Automatically download new updates and install them on a set schedule, for example at 10 p.m. every Saturday.
Service Packs are designed to patch security vulnerabilities as well as problems that affect the stability, performance or operation of particular functions in the operating system. Service Packs are not published as often as the patches from Windows Update, but they include the main fix packages, new operating system features and the previous Service Pack versions. After installing a Windows operating system or Microsoft software such as Microsoft Office, we should download and install the latest Service Pack to deal with errors and patch security vulnerabilities. The latest Service Packs for the various Microsoft operating systems and software can be downloaded from www.microsoft.com/downloads.

The following points should be noted when installing the latest Service Packs for the Windows 2000, Windows XP Professional and Windows Server 2003 operating systems:
- Download the latest Service Pack from Microsoft's download page. These packs may also be supplied on a separate CD.
- Read the documentation that comes with the Service Pack. It lists the installation steps and warns about problems related to installing the Service Pack.
- If the workstation or server is running in production, make a full backup before installing.
- For servers that are serving clients, schedule a time to install the Service Pack, because the server needs to be restarted during installation. The clients should be warned about this.
- After the Service Pack has been installed, record all the problems that occurred and how they were handled, for reference in later installations.
* For the Red Hat Linux operating system:
Red Hat publishes updates regularly on the web site www.redhat.com. Red Hat Linux also reminds the user: after Red Hat Linux 9.x has been installed and registered, an exclamation mark (!) icon appears in a red circle near the clock on the taskbar of the Linux desktop. This is the Red Hat Linux network alert notification tool. The exclamation mark icon means that the tool has not been configured, or that there are updates to be downloaded and installed from the Red Hat web site. When the alert tool is shown as an icon with two arrows pointing in opposite directions inside a green circle, the tool has been configured and there are currently no new updates to download.
Right-clicking the tool brings up the following options:
- Check for updates: Lets us check for updates on the Red Hat web site (this option is hidden until the alert tool has been configured).
- Launch up2date: Used to download and install the missing updates.
- Configuration: Used to configure how updates are downloaded and installed.
- RHN Web site: Opens the default browser and connects to the Red Hat web site.
- About: Provides information about the version of the alert tool in use.
- Exit: Leaves the options menu.
The basic steps for configuring the Red Hat alert tool are as follows:
1. Right-click the exclamation mark icon on the taskbar near the clock icon and click the Configuration option.
2. Click Forward in the Red Hat Alert Notification Tool window.
3. The next window presents the Terms of Service Information and offers the option of removing the exclamation mark icon from the Linux taskbar. We should leave the icon on the taskbar so that updating is easier. Click Forward to continue.
4. If we use an HTTP proxy, configure it in the next window by selecting the HTTP Proxy function and supplying the authentication details. Click Forward to continue.
5. Click Apply to finish.
Once the alert tool has been configured, click the exclamation mark icon to see the new updates. If we are not sure whether the tool has found all the updates, or if we want to see what the updates are, right-click the icon and choose Check for Updates. Click the icon again to view the updates. To install the updates, right-click the icon and click Launch up2date.
* For the NetWare operating system:
Novell maintains a support section on its web site from which updates for NetWare 6.x versions can be downloaded. Go to the support section of the web site and then choose a link to find patches for the NetWare operating system. We can find updates for different versions of NetWare and for specialised products and services, for example cross-platform services. We can also find a list containing brief information about patches and security alerts.
Novell also provides consolidated support packs for its operating systems, similar to Microsoft's Service Packs. A support pack can be downloaded as .iso files to be written to a CD. When downloading a support pack, we need to pay attention to the installation language and to the bit version that matches the operating system in use (for example the 128-bit version). Before downloading patches or support packs, we need to register our product and create a valid account on the Novell web site. In addition, we should back up the system before installing patches or support packs. Finally, we need to schedule the installation so that no client is connected to the system while it is being installed.
2.3.2. Monitoring the system boot process
One way to detect boot-time problems caused by malicious software in the boot partition is to use an operating system mode that lets us watch on screen which operating system services are starting, or to review the log of this process, for example:
- In Windows 2000, Windows XP Professional and Windows Server 2003, we can watch the information on screen or read the boot log after the system has finished starting. Both options are configured in the Advanced Options menu when the computer starts. To reach this menu, press F8 when the operating system selection screen appears during boot. If this menu does not appear, press F12 as soon as the system begins to boot to reach the selection screen, then press F8. On the Advanced Options menu screen, choose Safe Mode (to watch the files being loaded and started) or Enable Boot Logging (to create a log). If we choose Safe Mode, then after the system has started we must restart it once more, because Safe Mode is only used for troubleshooting. If we choose Enable Boot Logging, then once the system is running, log on with an account that has administrative privileges and use Notepad or WordPad to open and read the log file ntbtlog.txt in the \Winnt directory (in Windows 2000) or the \Windows directory (in Windows XP Professional and Windows Server 2003).
- Red Hat Linux and NetWare automatically display information about the loading of boot files on screen every time these systems are started.
2.3.3. Using malicious-software scanners
Using malicious-software scanning tools is an effective way to protect an operating system. Although they can scan a system for viruses, worms and Trojan horses, they are usually called virus scanners.
When buying virus-scanning software, we should look for the following features:
- Scans memory and removes viruses.
- Scans memory continuously.
- Scans hard disks and floppy disks and removes viruses.
- Scans all file formats, including compressed files.
- Scans HTML documents and e-mail attachments.
- Runs automatically on a schedule set by the user.
- Offers a manual run option.
- Detects published malicious software as well as new (not yet known) malicious software.
- Updates its database of new kinds of malicious software.
- Scans files downloaded from the network or from the Internet.
- Uses a protected or quarantined area to hold downloaded files so that they are scanned automatically in a safe place before they are used.
For malicious software that is not yet known, scanning tools can be built to scan and remember the structure of files, especially executable files. When they detect something abnormal, such as a file's size gradually increasing or a file attribute being changed, the scanner is alerted that this may be a piece of not-yet-known malicious software. In this case the scanner can notify the user and point out some ways to deal with it. Table 2-2 lists some free and commercial virus-scanning software.
Software | Description
AntiVir Software | Free to use on Windows operating systems
Central Command Vexira AntiVirus | Commercial software that runs on Unix/Linux and Windows operating systems; includes virus updates
Computer Associates eTrust | Free for a single workstation; commercial software for Unix/Linux and Windows systems
F-Secure Anti-Virus | Commercial software that runs on Unix/Linux and Windows operating systems; includes virus updates
HandyBits VirusScan | Commercial software that runs on Windows operating systems; includes virus updates
McAfee VirusScan | Commercial software that runs on Windows and Mac OS operating systems; includes virus updates
Sophos Anti-Virus | Commercial software that runs on Unix/Linux, Macintosh, NetWare and Windows operating systems; includes virus updates
Vcatch Basic | Free to use on Windows operating systems
Table 2-2: Some virus-scanning software
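The approach section 2.3.3 describes for malicious software that is not yet known (remember each file's structure, then flag a changed size or attribute) can be sketched as follows. This is an added example, not code from the textbook or from any product in Table 2-2; the file names and contents are constructed, and the SHA-256 comparison goes beyond the size and attribute checks the text names so that same-size modifications are also caught.

```python
import hashlib
import os
import stat
import tempfile


def snapshot(root):
    """Record size, permission bits and SHA-256 of every regular file under root."""
    records = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets and devices
            digest = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            records[os.path.relpath(path, root)] = {
                "size": st.st_size,
                "mode": stat.S_IMODE(st.st_mode),
                "sha256": digest.hexdigest(),
            }
    return records


def compare(baseline, current):
    """Return sorted (path, finding) pairs for everything that differs from the baseline."""
    findings = []
    for path, old in baseline.items():
        new = current.get(path)
        if new is None:
            findings.append((path, "removed"))
            continue
        if new["size"] != old["size"]:
            findings.append((path, f"size {old['size']} -> {new['size']}"))
        elif new["sha256"] != old["sha256"]:
            findings.append((path, "content changed, same size"))
        if new["mode"] != old["mode"]:
            findings.append((path, f"mode {oct(old['mode'])} -> {oct(new['mode'])}"))
    for path in set(current) - set(baseline):
        findings.append((path, "new file"))
    return sorted(findings)


def demo():
    """Build a constructed directory, baseline it, change it, and report the differences."""
    with tempfile.TemporaryDirectory() as root:
        def write(name, data, mode=0o644):
            path = os.path.join(root, name)
            with open(path, "wb") as fh:
                fh.write(data)
            os.chmod(path, mode)
            return path

        tool = write("tool.bin", b"\x7fELF" + b"\x00" * 12)  # 16 bytes
        write("notes.txt", b"quarterly report")
        script = write("run.sh", b"#!/bin/sh\necho ok\n")
        baseline = snapshot(root)

        with open(tool, "ab") as fh:              # appended bytes: the file grows
            fh.write(b"X" * 8)
        write("notes.txt", b"QUARTERLY REPORT")   # same length, different bytes
        os.chmod(script, 0o755)                   # attribute change only
        write("new.bin", b"unknown")              # file that was never baselined
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for path, finding in demo():
        print(f"{path}: {finding}")
```

The baseline itself has to be stored where the scanned system cannot rewrite it, otherwise a change to the files can be hidden by a matching change to the record.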

2.3.4. Using digital signatures for driver files and system files
In Windows 2000, Windows XP Professional and Windows Server 2003, many system files and device drivers carry a digital signature. This helps protect existing files from being overwritten by new ones. Another advantage of digital signatures is that they keep the system secure by allowing only system files and device drivers that have been certified by Microsoft to be used.
When a system file or device file is certified by Microsoft, a unique signature issued by Microsoft is attached to that file; this is called the signing process. After installing Windows 2000, Windows XP Professional or Windows Server 2003, we can set a warn mode that alerts us when a device driver is not signed, or an ignore mode that does not care whether it is signed. Warn mode is the default, so if a device driver we install has not been signed the system displays a message, but we can still decide whether or not to install that driver.
When the system is set up to require digital signatures for system files and device drivers, two protection mechanisms are put in place:
- Whenever a new system file or device driver is installed, the operating system checks whether it has been signed.
- If for some reason (for example a virus) a system file or device driver is damaged, then when the operating system restarts it replaces that file with a working version (last known good) kept in the backup system directory.
2.3.5. Backing up the system and creating repair disks
Backing up the system is very important for protecting it against disk failure, data loss or malicious software. If we have backed up the data and the system is later infected by malicious code that damages or deletes files, we can restore those files or the whole system. All the operating systems covered in this textbook have backup mechanisms.
Besides backups, some operating systems also let us create a boot disk or a repair disk for use when a system file has become corrupted and the system cannot start. These disks let us start the computer using operating system files from a floppy disk or CD, or use the repair disk to restore the system files.
* Creating an emergency repair disk in Windows 2000:
After installing Windows 2000 Server or Windows 2000 Professional, we can create an emergency repair disk (ERD) to fix problems that arise on the system, for example corrupted system files. Plan to create an emergency repair disk every time new software is installed, the system configuration is changed, a new card is installed, the disk is repartitioned or the operating system is upgraded. The ERD can be created or updated at any time after Windows 2000 Server is installed by starting the Backup Wizard and clicking the Emergency Repair Disk button. The steps are as follows:
1. Choose Start > Programs > Accessories > System Tools, then click Backup.
2. Insert a formatted floppy disk into the floppy drive.
3. Click Emergency Disk and click OK.
4. Click OK once more and close the Backup window.
To use the emergency repair disk, carry out the following steps:
1. If the computer supports booting from the Windows 2000 Server CD-ROM, insert it into the drive. If not, insert the Windows 2000 floppy disk labelled Setup Disk 1 and boot from it.
2. Shut down and power off the machine.
3. Power on the computer and choose to boot from the CD or the floppy disk. If booting from floppy disk, follow the on-screen instructions to insert disk 2.
4. On the Welcome to Setup screen, press R to repair.
5. On the next screen, press R again to use the emergency repair disk to carry out the repair.
6. Insert the emergency repair disk into the drive.
7. There are two options: press M to choose the repair options ourselves, or press F to perform all the repair options.
8. After choosing, follow the on-screen instructions to fix the errors.
9. Restart the computer.
Creating an Automated System Recovery set
On computers running Windows XP Professional or Windows Server 2003, we can create an Automated System Recovery (ASR) set for use when the system fails. The ASR set has two parts: a backup of all the system files (roughly over 1.5 MB) and a backup of the system installation settings (about 1.44 MB). ASR does not back up application data files.
We can create a new ASR set whenever the system configuration changes, for example when a protocol is added or a new device driver is installed for a network interface. The Backup program in Windows XP Professional and Windows Server 2003 can be used to create an ASR set; the steps are as follows:
1. Choose Start > Programs > Accessories > System Tools, then click Backup.
2. When the Backup (or Restore) Wizard appears, click the Advanced Mode link.
3. Click the Automated System Recovery Wizard button.
4. When Automated System Recovery Preparation appears, click Next. Change the path to the CD-R or tape drive in use. Insert the CD-R or tape into the drive.
5. Click Next.
6. Click Finish to write the backup data to the CD-R or tape.
7. An information box about Automated System Recovery appears, followed by a dialog box showing the progress of the file copy.
8. When prompted, insert a blank formatted floppy disk and click OK.
9. Remove the floppy disk and the CD-R or tape, then click OK.
10. Close the Backup window.
When ASR is needed to restore data, carry out the following steps:
1. Insert the operating system installation CD into the drive.
2. Restart the computer.
3. When the screen shows the option to use ASR, press F2 as setup begins.
4. Insert the disk containing the ASR set into the drive.
5. Follow the on-screen instructions to fix the errors.
Creating a boot disk in Red Hat Linux
We can create a boot disk in Red Hat Linux so that the operating system can be started from a floppy disk if a system file is damaged. The boot disk can be created at the last step of installing the operating system, or with the mkbootdisk command. The steps are as follows:
1. Log in with the root account, or use the su command to switch to the root user.
2. In the command-line window, type cd /lib/modules and press Enter to change to the modules directory.
3. Type uname -r and press Enter to see the kernel version number.
4. Insert a floppy disk into the drive.
5. Type the command mkbootdisk --device /dev/fd0 <kernel version number> and press Enter.
2.3.6. Creating and implementing organisational policies
Organisations can protect their systems by issuing policies on the use of computer systems. One of the most effective protection methods is to train users through the organisation's policies. Some organisations set up computer security committees to issue security guidelines. Others train users first and only then develop policies based on the training content.
System policies work best when users take part in building them, which makes them clearly aware of the importance of security. Training users and having them take part in the security policy committee are two ways to make sure users feel that they themselves are contributors to building a strong, secure system. One advantage of involving users in this way is that if users understand the nature of security threats, they will not work against the efforts to maintain security. People are the most easily attacked weak point in an organisation. Attackers will use every social skill, especially through e-mail and Trojan horses, to take advantage of users' lapses. Social engineering, in relation to computer attacks, refers to using interaction between people to gain access to a system or to damage it. These interactions may be sending an e-mail with an appealing subject or with an attachment that looks attractive. They may also be fake telephone calls made to collect information that helps the caller get into a user's account, for example. Organisations can protect themselves against such social engineering by warning users to stay alert and avoid lapses so as to protect systems and networks.
An organisation's policy can focus on the following matters:
- Training users in security techniques.
- Training users about malicious software.
- Requiring users to scan floppy disks and CDs with virus-scanning software before using them.
- Setting policies on which outside media may be brought into the system and how they may be used.
- Setting policies to prevent users from installing their own software.
- Setting policies to minimise or prevent file downloads by users and to require users to virus-scan such files.
- Creating a separate area where users quarantine files of unclear origin so that they can be scanned before use.
- Scanning e-mail and attachments for viruses.
- Removing attachments from unfamiliar or untrusted e-mail.
2.3.7. Setting up a firewall
A firewall is a choke point for control and monitoring. It interconnects networks with different levels of trust and imposes restrictions on network services; for example, traffic must be authorised. It audits and controls access, and can be set up to raise alarms on abnormal behaviour.
In brief, a firewall is a system that prevents unauthorised access to the network from outside. The firewall filters out invalid addresses according to predefined rules or criteria.
A firewall can be a hardware system, a software system or a combination of the two. If it is hardware, it consists solely of a router. The router has advanced security features, including the ability to control IP addresses (the IP address is the addressing scheme used to identify the hosts on an internetwork). The control process lets you specify which IP addresses may connect to your network and vice versa. The common property of firewalls is that they distinguish IP addresses, or deny unauthorised access, on the basis of the source address.
Types of firewall
Each type of firewall has its own advantages and limitations. The most common type is the network-level firewall. This type of firewall is usually router-based, so the rules that define which access is legitimate are set directly on the router. This firewall model uses the packet-filtering technique, that is, the process of controlling the packets that pass through the router. In operation, the firewall relies on the router to check the source address, the address the packet came from. Once it has been identified, each source IP address is checked against the rules defined in advance by the network administrator. A router-based firewall works very fast because it only glances at source addresses without placing any real demand on the router, and spends no time processing wrong or invalid addresses. However, there is a price to pay: apart from the access controls, packets carrying spoofed addresses can still get through to some degree to your server.
Some packet-filtering techniques can be used together with the firewall to overcome the weakness described above. The IP address is not the only part of a packet that a router can trap on. The administrator should apply several rules at once, using identifying information that accompanies the packet, such as time, protocol and port, to tighten the filtering conditions. However, that is not the only weakness of packet filtering in router-based firewalls.
Some remote procedure call (RPC) services are very hard to filter effectively because the associated servers depend on ports that are assigned randomly at system start-up. A service called the portmapper maps calls to RPC services onto pre-assigned service numbers; however, because there is no correspondence between service numbers and the packet-filtering router, the router cannot tell which service uses which port, so it cannot block these services completely unless it blocks all UDP packets (RPC services mainly use UDP, the User Datagram Protocol). Blocking all UDP packets would also block necessary services such as DNS (Domain Name Service). This leads to a dilemma.
Application-based firewalls / application gateways
Another common type is the application-based firewall (application-proxy). This type works somewhat differently from a firewall based on a packet-filtering router. An application gateway is software-based. When an unidentified user connects remotely to a network running an application gateway, the gateway intercepts that remote connection. Instead of passing it straight through, the gateway checks the components of the connection against predefined rules. If the rules are satisfied, the gateway creates a bridge between the source host and the destination host.
The bridge acts as an intermediary between the two protocols. For example, in a typical gateway model, packets using the IP protocol are not forwarded to the local network; instead a translation process takes place in which the gateway plays the role of the translator.
The advantage of an application gateway firewall is that it does not have to forward IP. More importantly, the controls are applied directly on the connection. Finally, each tool provides features that make network access convenient. Because every packet that flows through is accepted, examined, translated and passed on, this type of firewall is limited in speed. IP forwarding takes place when a server receives a signal from outside asking it to forward information in IP format into the internal network. Allowing IP forwarding is an unavoidable fault; when it is allowed, a cracker can get into workstations on your network.
Another limitation of this firewall model is that a proxy application has to be created for each network service. So there is one application for Telnet, another for HTTP, and so on.
Because there is no IP forwarding, IP packets from unidentified addresses cannot reach computers on your network, and so an application gateway system provides a higher level of security.
The goals of a firewall
One of the main goals of a firewall is to shield your network from the "view" of outside users who are not allowed to connect, or at the very least not to let them "peek" at the network. This process enforces the filtering criteria set by the administrator.
In theory, a firewall is the most secure protection method when your network is connected to the Internet. However, there are still problems surrounding this security environment. If the firewall is configured too tightly, the work of the network is affected, especially in environments where users depend entirely on distributed applications. Because the firewall enforces each strict security policy, it can become bogged down. In short, the tighter the security mechanism, the more functionality is restricted.
Another problem with firewalls is like putting all your eggs in one basket. Because it is the barrier against illegitimate connections, a single gap can easily destroy your network. The firewall maintains the security environment, in which it plays the role of controlling access and enforcing the security scheme. A firewall is often described as the gateway of the network, where access rights are verified. But what happens when it is disabled? If a technique for breaking the firewall is discovered, the "bodyguard" has been eliminated and the network's chances of survival are very slim.
So before building a firewall you should think it through carefully and, of course, understand your own network thoroughly.
Are firewalls easy to break?
Theory does not prove that there are gaps in a firewall, but in practice there are. Crackers have studied many ways of breaking firewalls. Breaking a firewall has two stages: first, finding out which type of firewall the network uses and which kinds of services run behind it; next, discovering a gap in the firewall, which is usually the harder stage. According to crackers' research, gaps in a firewall exist because of configuration errors by the system administrator, and such mistakes are not rare. The administrator has to be sure there will be no surprises whichever network operating system (OS) is used, and that is a very difficult problem. On UNIX networks this is partly because the UNIX OS is so complex, with hundreds of applications, protocols and commands of its own. Mistakes in building a firewall can also arise because the network administrator does not have a firm grasp of TCP/IP.
One of the things crackers have to do is separate the real components from the fake ones. Many firewalls use "sacrificial hosts", which are systems designed as Web servers (that can readily be abandoned) or as decoys used to catch crackers' intrusion attempts. A decoy may need sophisticated camouflage to conceal its true nature, for example giving answers similar to those of a real file system or real applications. So the cracker's first task is to determine that these are objects that really exist.
To obtain information about the system, a cracker needs a device capable of serving mail and other services. The cracker tries to receive a message that comes from inside the system; the path it took is then examined and may yield clues about the structure of the system.
Furthermore, no firewall can prevent sabotage from inside. If a cracker exists inside the organisation itself, your network will be cracked before long. This actually happened to a large oil company: a cracker "infiltrated" the staff and collected important information not only about the network but also about the firewall hosts.
Firewall generations
A firewall is a network gateway that applies security rules to all peer-to-peer connections. The firewall has to create a perimeter around the network or networks it protects and must be configured to become a solid fortress. It examines and processes every packet according to the network security policy (a set of security rules and handling methods that apply to connections into and out of a computer network). Normally, all data flows exchanged between inside and outside must be made to pass through the firewall server, since only then can it check every packet that passes.
Most firewalls allow connections to be checked and monitored. They record in detail the cause and the circumstances in which connection-checking activity arose. Later, as the technology improved, firewalls became able to check more information in packets, use more sophisticated checking algorithms, store more state information and check packets at more network layers. In addition, firewall technology can record the results of packet checking in more detail, so that administrators can quickly detect problems in the computer network such as poor configuration.

- Packet filter firewalls

The packet filter firewall is the first generation of firewall technology; it analyses network traffic at the transport protocol layer. Each IP packet is checked to see whether it satisfies some rule in a rule set. The rule set determines which packets may pass and which may not, based on the information in the internet-layer and transport-layer headers as well as the direction in which the packet is travelling (from inside to outside or the reverse).
Packet filters can intervene in the exchange of data (allow or forbid it) by controlling:
- The physical network interface the packet passes through.
- The source IP address.
- The destination IP address.
- The type of protocol used at the transport layer (TCP, UDP, ICMP).
- The transport-layer source port.
- The transport-layer destination port.

Packet filters generally do not understand the application-layer protocols used in the packets being exchanged. They therefore have to work from a rule set stored in the TCP/IP kernel. This rule set ensures that the packet filter takes a corresponding action on any packet that satisfies the factors mentioned above.
This action can be to deny or to permit the packet. Both lists, the deny list and the permit list, are stored in the kernel. To be routed correctly to its destination, a packet has to pass a check against both the permit list and the deny list. That is, the packet must be permitted and at the same time must not be denied. With some packet filters built into router devices, things work differently. In those filters the packet is checked against only one list, and if it is not denied it is accepted. To understand the filtering rules, you need to know the security stance of the routing hardware.
Packet filters normally execute a set of instructions that check the TCP or UDP (transport-layer protocols) source and destination port numbers. The check determines whether a deny or permit rule exists for those ports. For ICMP packets, however, there are no port numbers, so it is hard for filters to apply this checking policy. To apply a security policy to ICMP packets effectively, the packet filter has to keep state tables in order to be sure that an internal host has just requested an ICMP reply message. This is the main difference between simple packet filters and dynamic packet filters.
Because packet filters are designed for the network layer (the IP layer, layer 2 in the four-layer TCP/IP model), they generally do not know how to handle state information at higher layers such as the application layer. More sophisticated filters can recognise IP, TCP, UDP and ICMP packets. By using a packet filter that can filter on TCP/UDP ports, you can allow connections of a given kind (TCP or UDP connections) to be made to specific computers while forbidding connections of other kinds to those same computers, as well as forbidding similar connections to other computers.
A packet is checked by the following procedure:
- If no matching rule is found, the packet is dropped.
- If a matching rule is found that permits the connection, the peer-to-peer connection is established.
- If a matching rule is found that denies the connection, the packet is dropped.
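
The three-step check and the two security stances described above, as an added Python example that is not part of the original text. The `Packet` and `Rule` types, the rule lists and the documentation-range addresses are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    iface: str                    # physical interface the packet arrived on
    src: str                      # source IP address
    dst: str                      # destination IP address
    proto: str                    # "tcp", "udp" or "icmp"
    sport: Optional[int] = None   # ICMP carries no port numbers
    dport: Optional[int] = None


@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    iface: Optional[str] = None   # None means "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None
    sport: Optional[int] = None
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        """Compare only header fields and interface, never the payload."""
        return (
            self.iface in (None, p.iface)
            and ip_address(p.src) in ip_network(self.src)
            and ip_address(p.dst) in ip_network(self.dst)
            and self.proto in (None, p.proto)
            and self.sport in (None, p.sport)
            and self.dport in (None, p.dport)
        )


def first_match(p, rules):
    """Procedure from the text: the matching rule decides, no match means drop."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"


def two_list(p, permit_list, deny_list):
    """Kernel stance: the packet must be permitted and must not be denied."""
    permitted = any(r.matches(p) for r in permit_list)
    denied = any(r.matches(p) for r in deny_list)
    return "permit" if permitted and not denied else "deny"


def deny_list_only(p, deny_list):
    """Router stance from the text: whatever is not denied is accepted."""
    return "deny" if any(r.matches(p) for r in deny_list) else "permit"


# Constructed policy: block one outside network, expose one web server.
DENY = [Rule("deny", src="203.0.113.0/24")]
PERMIT = [Rule("permit", iface="outside", dst="192.0.2.10/32",
               proto="tcp", dport=80)]
ORDERED = DENY + PERMIT
```

The same Telnet packet is dropped under the two-list stance and accepted under the deny-list-only stance, which is why the text insists on knowing the stance of the routing hardware before reading its rules.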

Because this type of firewall does not inspect the application-layer data in a packet and does not track the state of connections, it is ranked as the least secure firewall technology. It lets packets through without careful inspection. However, because it performs fewer checks, it processes traffic very quickly and is always built into hardware solutions such as IP routers.

Packet-filtering firewalls often rewrite the source IP address of packets so that they appear to originate from other, outside hosts rather than from an internal host. This re-addressing process is called network address translation. Its purpose is to hide the network topology and the addressing scheme of the trusted network.

Firewalls based on packet-filtering technology have the following advantages:
- Packet filters are generally faster than other firewall technologies because they perform fewer checks. They are also easy to deploy as a hardware solution.
- A single rule can protect the whole network by forbidding connections between a given IP address and the internal computers.
- Packet filters do not require client machines to be specially configured; the filters do all the work.
- Combined with network address translation, packet-filtering firewalls can keep outside users from learning the real IP addresses inside the network.

Packet-filtering firewalls also have the following disadvantages:
- Packet filters do not understand application-layer protocols, so they cannot restrict access to even very basic services such as FTP. For this reason they are less secure than application-level and circuit-level firewalls.
- Packet filters do not keep state information and have almost no ability to examine the information inside a packet.
- They offer no extended functions such as HTTP object caching, URL filtering or authentication, because they do not understand the protocols in use.
- They cannot control which information from the inside is allowed through to connect to services on the firewall server. Packet filters only control which information can reach the firewall. An intruder can therefore access services on the firewall server.
- They generate no audit events and have no alerting mechanism.
- It is very hard to verify the correctness of the permit and deny rules.
- Circuit-level firewall

The circuit-level firewall is the second generation of firewall technology. It can determine whether a packet is a connection request, a data packet belonging to a connection, or a transport-layer virtual circuit between two machines.

To validate a session, the firewall examines each connection set-up to make sure it follows a valid handshake used at the transport layer (the TCP three-way handshake is the only one in widespread use). Data packets are not forwarded until the handshake has completed. The firewall keeps a table of valid connections (including the full session state and sequencing information) and lets data packets pass if the information they carry matches an entry in the table (the virtual circuit table). When a connection ends, its entry is deleted from the table and the transport-layer virtual circuit between the two machines is closed.

When a connection is established, the firewall stores the following information:
- The (unique) session ID of the connection, used for tracking the connection.
- The connection state: handshake, established or closing.
- Sequencing information for the connection.
- The source IP address (where the data comes from).
- The destination IP address (where the data goes).
- The physical network interface through which the packet enters.
- The physical network interface through which the packet leaves.

Using this information, the firewall can check the headers of packets to determine whether the sending computer is allowed to send data to the receiving computer and whether the receiving computer is allowed to receive that data.
Circuit-level firewalls recognise only one kind of packet: the TCP packet. Like packet filters, circuit-level firewalls apply a rule set stored in the TCP/IP kernel.

A circuit-level firewall does not inspect packets thoroughly before letting them through, because it maintains only a limited form of connection state. Only packets associated with an existing connection may pass the firewall. When it receives a connection set-up request, the firewall checks its rules to determine whether the connection is allowed. If it is, every packet associated with that connection is routed through the firewall (along the route defined in the routing table on the firewall server) with no further checks. This speeds up processing and limits the state checks that have to be performed.

These firewalls can perform additional checks to ensure that a packet is not spoofed and that the data in the transport-layer header conforms to the standard for that layer's protocol.

Circuit-level firewalls also commonly rewrite packet addresses so that packets appear to originate from the firewall rather than from an internal host. As noted above, this process is called network address translation, and because circuit-level firewalls keep information about every session they can map replies from the outside accurately to the corresponding internal host.

Circuit-level firewalls have the following advantages:
- They are faster than application-level firewalls because they perform fewer checks.
- A circuit-level firewall can protect the whole network by forbidding connections between an outside Internet address and the internal computers.
- Combined with network address translation, circuit-level firewalls can keep outside users from learning the real IP addresses inside the network.

They also have some disadvantages:
- They cannot control connections based on protocols other than TCP.
- When the need arises, they cannot perform strict checks on a higher-layer protocol.
- Their ability to generate audit events is limited, yet they tie data packets to an application-layer protocol by providing only limited forms of session state.
- They offer no additional functions such as HTTP object caching, URL filtering or authentication.
- It is hard to verify the permit and deny rules.

- Application-level firewall

The application-level firewall is the third generation of firewall technology. It verifies the validity of the application-layer data in packets before allowing a connection. It examines the application-layer data in every packet and keeps the full state and sequencing information. It also validates other security parameters that exist only at the application layer, such as user passwords and service requests.

Most application-level firewalls include specialized application software and proxy services. Proxy services are special-purpose programs that manage the traffic passing through the firewall for one specific service, such as HTTP or FTP. A proxy service has to be defined specifically for each protocol; in return it supports stronger access control, careful and detailed validation of data, and audit records of the data streams it relays.

Each application proxy needs two components working as a unit: a proxy server and a proxy client. The proxy server acts as the end server for all connection requests coming from a real client in a trusted network. This means that every connection between internal users and the Internet goes through the proxy server; users are not allowed to connect directly to servers on the Internet. An internal user (client) sends a request to connect to an outside service (FTP, HTTP, Telnet) to the proxy server, which evaluates the request and decides whether to allow it according to a rule set. Because the proxy server understands the protocol of the service it is handling, it lets through only packets that conform to the protocol standard. The proxy server also has extended capabilities such as keeping detailed session audit records and authenticating users.

The proxy client is part of a user application; it talks to the real server on the outside network on behalf of the real client. When a real client requests a service, the proxy server checks the request against predefined rules and decides whether to allow it. If the request is approved, the proxy server passes it to the proxy client. The proxy client then contacts the real server on behalf of the real client (hence the term proxy), relaying requests from the proxy server to the real server and relaying responses in the opposite direction. In the same way, the proxy server relays requests and responses between the proxy client and the real client.

Proxy services never allow direct connections, and they force every packet to be inspected and filtered to keep out inappropriate packets. Instead of connecting directly to the real service, the user connects to the proxy server (because the user's default gateway is the proxy server on the firewall). The same applies to communication in the opposite direction, from the real service to the user. The proxies control all connections between users and real services.

A proxy service sits between an internal user and the real service on the outside network, and it is transparent: users believe they are communicating directly with the real service, while the real service believes it is communicating directly with a user on the proxy server (rather than with the user's actual computer).

Proxy services are placed at the top of the network stack of the firewall host and run only in the application space of the operating system. Every packet therefore has to pass through the kernel-level protocols before it reaches the top of the stack in application space, where the proxies examine its headers and data closely. The packet then has to go back into kernel space and down the stack again to be transmitted. Because every packet in a session goes through this process, proxy services are rather slow.

Like circuit-level firewalls, application-level firewalls can perform additional checks to ensure that a packet is not spoofed, and they also frequently perform network address translation.

Proxy services have several main advantages:
- Proxy services understand and enforce high-level protocols (such as HTTP and FTP).
- Proxy services keep information about the connections passing through the firewall server. They can keep partial connection-state information, full application-state information and partial session information.
- Proxy services can be used to deny access to certain network services while still allowing access to others.
- Proxy services can also control the data in packets well.
- Proxy services do not allow direct connections between outside servers and internal computers, so the names of those computers are not exposed. In other words, proxy services hide internal IP addresses from the outside.
- Because they operate transparently, proxies let users believe they are still communicating directly with outside servers rather than through a proxy.
- Proxy services can route internal services as well as requests from outside to inside (for example, they can route services to an HTTP server on another computer).
- Proxy services can support additional functions such as HTTP object caching, URL filtering and user authentication.
- Proxy services can generate audit information, which lets administrators spot actions that violate the firewall's security policies.
Proxy services also have some disadvantages:
- Proxy services require replacing the existing network stack on the firewall server.
- Because proxy servers listen on the same ports as network servers, a network server cannot be combined with the firewall server.
- Proxy services introduce performance delays. Incoming data has to be processed twice, by the application and by the application's proxy (for example, an Internet e-mail application talks to a proxy e-mail agent, which in turn talks to the e-mail application on the LAN).
- In general, there must be a proxy for each protocol you want to pass through the firewall, so the number of network services available and their portability are limited.
- Application-level firewalls cannot support proxies for UDP, RPC and other services based on common protocol families.
- Proxy services often require configuration on the clients.
- Proxy services are very vulnerable to operating-system bugs and application-level bugs. Most packet-filtering firewalls do not rely entirely on the mechanisms the operating system provides, although they do rely heavily on device drivers. Application-level firewalls, by contrast, need operating-system support to work correctly; this includes support for NDIS, TCP/IP, WinSock, Win32 and the standard C library. A bug in any of these libraries can have a negative effect on the firewall's security mechanisms.
- Application-level firewalls monitor information about network packets held in the lower layers. If the network stack behaves incorrectly, some of the information obtained, for instance through calls to the standard functions the firewall uses for its checks, will be wrong; the getpeeraddress() call is one example.
- Proxies may require additional passwords or other authentication procedures. This adds delay and inconveniences users.

- Dynamic packet-filtering firewall

The dynamic packet-filtering firewall is the fourth generation of firewall technology. It is very useful for the UDP protocol, which is commonly used for limited information requests and application-layer queries. This firewall works by associating every UDP packet that crosses the security perimeter with a virtual connection. If a response packet is sent back to the requester, a virtual connection is established and the packet is accepted by the firewall server. The information associated with the virtual connection is remembered for a short time; if no response packet arrives within that time, the virtual connection becomes invalid.

Dynamic packet-filtering firewalls have the same advantages and disadvantages as first-generation firewalls, except that they do not let unsolicited UDP packets into the network. As soon as a UDP request packet is generated inside the network and sent to an untrusted host outside, the firewall server will allow all packets that appear to be responses to be delivered to the requester. A response packet that is allowed through must carry a destination address matching the source address of the request and a transport-layer destination port matching the source port of the request, and it must use the same transport-layer protocol.

This function is very useful for application-layer protocols such as the Domain Name System (DNS), which can then operate without being obstructed by your security perimeter. A DNS server has to send requests to other DNS servers on the Internet to obtain address information for hosts it does not know. These DNS servers can make their requests over TCP connections or virtual UDP connections.

A dynamic packet-filtering firewall can also be used to support ICMP. ICMP is used to check network connectivity by sending a pair of packets between two hosts, a request packet and a reply packet. Because the firewall server can let a reply through to an internal host, the internal host can use it to learn whether the outside host it is looking for exists.
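
The virtual-connection table described above, as an added Python example that is not part of the original text: a reply is accepted only while a matching outbound request is remembered. The class name, the 30-second timeout and the addresses are assumptions; `pin_remote=True` additionally requires the reply to come from the host and port that were queried, a stricter check than the three conditions the text lists.

```python
class DynamicUdpFilter:
    """State table for datagram traffic crossing the security perimeter."""

    def __init__(self, timeout=30.0, pin_remote=True):
        self.timeout = timeout        # lifetime of a virtual connection (s)
        self.pin_remote = pin_remote  # also match the remote endpoint
        # (proto, inside_ip, inside_port) -> {(remote_ip, remote_port): expiry}
        self.table = {}

    def outbound(self, proto, src, sport, dst, dport, now):
        """A request leaving the trusted network opens a virtual connection."""
        peers = self.table.setdefault((proto, src, sport), {})
        peers[(dst, dport)] = now + self.timeout
        return "permit"

    def inbound(self, proto, src, sport, dst, dport, now):
        """Accept a packet from outside only if it looks like a pending reply."""
        # Conditions from the text: same protocol, destination address and
        # destination port equal to the request's source address and port.
        peers = self.table.get((proto, dst, dport), {})
        # Forget virtual connections whose waiting time has run out.
        for peer in [p for p, expiry in peers.items() if now > expiry]:
            del peers[peer]
        if not peers:
            return "deny"             # unsolicited or expired
        if self.pin_remote and (src, sport) not in peers:
            return "deny"             # reply from a host that was never asked
        return "permit"


def demo():
    """Constructed DNS exchange: inside host 10.0.0.5 queries 198.51.100.53."""
    results = {}
    for name, pin in (("as_in_text", False), ("pinned", True)):
        fw = DynamicUdpFilter(timeout=30.0, pin_remote=pin)
        fw.outbound("udp", "10.0.0.5", 53000, "198.51.100.53", 53, now=0)
        results[name] = {
            "real_reply": fw.inbound("udp", "198.51.100.53", 53,
                                     "10.0.0.5", 53000, now=1),
            "other_sender": fw.inbound("udp", "203.0.113.9", 53,
                                       "10.0.0.5", 53000, now=2),
            "late_reply": fw.inbound("udp", "198.51.100.53", 53,
                                     "10.0.0.5", 53000, now=31),
        }
    return results
```

With only the three conditions from the text, a datagram from a different sender that targets the open port is accepted as a reply; pinning the remote endpoint closes that gap at the cost of a slightly larger table.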
Firewall configuration

REVIEW QUESTIONS AND PRACTICAL EXERCISES
Question 1: Present the definition and classification of malicious software.
Question 2: Present the attack methods commonly used by malicious software.
Question 3: Describe the measures for defending against malicious software.
Question 4: Practice scanning for and removing malicious software using the Symantec Antivirus software suite.
Question 5: Practice creating boot disks and emergency recovery disks for the Windows 2003 Server and Linux operating systems.

CHAPTER III: SECURITY THROUGH CRYPTOGRAPHY

Operating-system security and network security are like a game of cat and mouse: one side tries to hide something and the other tries to find it. Computer experts keep developing new ways to conceal information and keep it secret from attackers. At the same time, attackers develop new methods to counter the experts' efforts. Today mathematicians and computer experts have invented a great many encryption techniques to prevent unauthorized access to information. In addition, many authentication techniques are used to make sure that we are exchanging information with the person we intend and not with an attacker.

3.1. Classical ciphers
Classical encryption is the simplest form of encryption and the first to appear in the history of cryptography. Its algorithms are simple and easy to understand. These methods are the foundation for the study and development of the symmetric encryption algorithms used today. Two methods stand out in classical encryption:
- Substitution ciphers
- Transposition ciphers
All classical ciphers are symmetric ciphers, which we examine in the next section.
3.1.1. Symmetric ciphers
3.1.1.1. Basic concepts
A symmetric cipher uses the same key for encryption and decryption. Symmetric ciphers are also called single-key, private-key or agreed-key ciphers.

Here the sender and the receiver share a common key K, which they can exchange with each other in secret. Consider two mutually inverse functions: E transforms plaintext into ciphertext and D transforms ciphertext back into plaintext. Let X be the text to be encrypted and Y the text as changed by encryption. We write:
Y = E_K(X)
X = D_K(Y)

Every classical cipher algorithm is a symmetric-key cipher, because information about the key is shared between sender and receiver. Symmetric ciphers were the only kind before the invention of public-key ciphers (also called asymmetric ciphers) in the 1970s. Today both symmetric and public-key ciphers continue to be developed and refined. Public-key ciphers were introduced to complement symmetric ciphers, not to replace them, so symmetric ciphers are still widely used.

We now define some basic cryptographic concepts.
1. The plaintext X is the original message. The plaintext may be split into pieces of suitable size.
2. The ciphertext Y is the original message after encryption. Here we usually consider encryption methods that do not change the size of the plaintext, so the two have the same length.
3. A cipher is the algorithm E that turns plaintext into ciphertext. We normally need a strong encryption algorithm: even if the adversary knows the algorithm, without the key the plaintext cannot be found.
4. The key K is the parameter used for encryption, known only to the sender and the receiver. The key is independent of the plaintext and has a length suited to the security requirements.
5. Encryption is the process of turning plaintext into ciphertext; it usually consists of applying the encryption algorithm together with some accompanying information processing.
6. Decryption turns ciphertext back into plaintext; it is the reverse of encryption.
7. Cryptography is the branch of computer science that studies the principles and methods of encryption. Many security standards have now been issued for different areas of information technology.
8. Cryptanalysis studies the principles and methods of decrypting without knowing the key. Typically, when strong ciphers are put forward as shared standards among users, they are studied by cryptanalysts as well as cipher designers, who investigate methods of recovering part of the ciphertext from incomplete information.
9. Cryptology covers both cryptography and cryptanalysis. It is a unified whole: to judge whether a cipher is strong, both aspects must be considered. Researchers aim to find highly general encryption models that satisfy many different security policies.

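3.1.1.2. Requirements
A symmetric cipher is characterised by how its encryption and decryption algorithms process information, by how the key affects the ciphertext, and by the length of the key. The more complex the relationship between plaintext, key and ciphertext the better, provided the computation speed remains acceptable. Specifically, there are two requirements for using a symmetric-key cipher securely:
1. A strong encryption algorithm. It must rest on a solid mathematical foundation which ensures that, even though the algorithm is public and known to everyone, cryptanalysis is very hard and complex without the key.
2. A secret key known only to the sender and the receiver. There must be a secure channel for distributing the key among the users who share it. The relationship between the key and the ciphertext must not be discernible.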
3.1.1.3. Cryptography
A cryptosystem is characterised by the following factors:
- The type of encryption operation applied to the plaintext:
1. Substitution: replace the characters of the plaintext with other characters.
2. Transposition: change the positions of the characters in the plaintext, that is, permute the characters of the plaintext.
3. Their product, that is, a combination of both substitution and transposition of the plaintext characters.
- The number of keys used for encryption: a single key (private key) or two keys (public key). The total number of possible keys is also considered.
- A further characteristic is the way the plaintext is processed:
1. Block: the data is split into blocks of a fixed size and the encryption algorithm, parameterised by the key, is applied to each block.
2. Stream: each input element is processed continuously to produce the corresponding output element.
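3.1.1.4. Cryptanalysis
There are two approaches to attacking a symmetric cipher.
1. Cryptanalytic attack, based on the algorithm and some information about the general characteristics of the plaintext or some plaintext/ciphertext samples. This kind of attack exploits the characteristics of the algorithm to find a specific plaintext or the key. If the key is found, the result is a disaster.
2. Exhaustive search: the attacker tries every possible key on the ciphertext until a plaintext is obtained. On average, half of the keys have to be tried before the right one is found.

Types of cryptanalytic attack:
- Ciphertext only: the algorithm and the ciphertext are known; statistical methods are used to determine the plaintext.
- Known plaintext: the algorithm and some ciphertext/plaintext pairs are known and are used to find the key.
- Chosen plaintext: the attacker chooses plaintext and obtains the ciphertext, and with knowledge of the algorithm attacks to find the key.
- Chosen ciphertext: the attacker chooses ciphertext and obtains the corresponding plaintext, and with knowledge of the algorithm attacks to find the key.
- Chosen text: the attacker can choose either plaintext or ciphertext and obtain the corresponding encryption or decryption, and attacks to find the key.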

3.1.1.5. Exhaustive search (Brute-Force)
In theory, exhaustive search is always possible, because the keys can be tried one by one and the number of keys is finite. The effort of most attacks is proportional to the size of the key space. The longer the key, the longer the search takes, usually growing exponentially. We can assume that the cryptanalyst is able to know or recognise the plaintext from the context.

Below are some statistics on the relationship between key length, key-space size, processing speed and exhaustive-search time. We see that for key lengths of 128 bits and above the time required is enormous, up to billions of years, so exhaustive search can be considered unrealistic.

3.1.1.6. Security
Security can be classified into two kinds:
- Unconditional security: here it does not matter how powerful the computer is or how many operations it can perform per second; the cipher cannot be broken, because the ciphertext does not provide enough information to determine the plaintext uniquely. Using a one-time random pad to stream-encrypt the data, which we examine at the end of this lesson, is considered unconditionally secure. Apart from that, no encryption algorithm is considered unconditionally secure.
- Computational security: with limited computing resources and limited time (for example, a computation time no longer than the age of the universe), the cipher is regarded as unbreakable. In this case the cipher is said to be computationally secure. In general, from now on, a computationally secure encryption algorithm is considered secure.
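3.2. Classical substitution ciphers
There are two kinds of classical cipher: substitution ciphers and transposition ciphers.

A substitution cipher replaces each character (or group of characters) of the plaintext with another character (or group of characters) to produce the ciphertext. The receiver only has to apply the reverse substitution to the ciphertext to recover the original plaintext.

In a transposition cipher, the characters of the plaintext are kept as they are and only rearranged to produce the ciphertext. That is, the plaintext characters are not replaced by other characters at all; only their positions are swapped to form the ciphertext.

We first look at classical ciphers that substitute the letters of the plaintext with other letters of the alphabet to form the ciphertext.
- Here the letters of the plaintext are replaced by letters, numbers or other symbols.
- Or, if the plaintext is viewed as a sequence of bits, substitution replaces plaintext bit patterns with ciphertext bit patterns.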
3.2.1. The Caesar cipher
This is the earliest known substitution cipher, invented by Julius Caesar. It was first used for military purposes. Encryption simply replaces each letter of the plaintext with the letter three places further along the alphabet.

Example:
Meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB

Here the letter m is replaced by the third letter after it, p (m, n, o, p), and the letter e by the third letter after it, h (e, f, g, h).
- This encryption can be defined by the following mapping on the alphabet, where each letter in the lower row is the ciphertext for the letter above it:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

Mathematically, assign a number to each letter of the alphabet. The letters in the upper rows have the numbers shown in the rows beneath them:
a  b  c  d  e  f  g  h  i  j  k  l  m
0  1  2  3  4  5  6  7  8  9  10 11 12
n  o  p  q  r  s  t  u  v  w  x  y  z
13 14 15 16 17 18 19 20 21 22 23 24 25
The Caesar cipher is then defined as a shift of the letters:
c = E(p) = (p + k) mod 26
p = D(c) = (c - k) mod 26
Here p is the number of a plaintext letter and c is the number of the corresponding ciphertext letter; k is the key of the Caesar cipher. There are 26 different values of k, so there are 26 different keys. In practice the key length here is just 1, because every letter is shifted by the same amount.

Breaking the Caesar cipher is simple, because the number of possible keys is very small. There are only 26 possible keys, since A can map to only one of the 26 letters of the English alphabet: A, B, C, ... The other letters are then determined by the same shift as A. The cryptanalyst can try the keys one at a time, that is, use exhaustive search. Because the keys are so few, the search is feasible. Given a ciphertext, we try the 26 different shifts and recognise the right one from the content of the resulting plaintexts.

Example. Breaking the ciphertext "GCUA VQ DTGCM" by trying the different shifts of the alphabet, we find that the suitable shift is 24, which gives the plaintext "easy to break".
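
The exhaustive search just described, as an added Python example that is not part of the original text. The function names are assumptions, and the ranking heuristic (counting the frequent English letters E, T, R, N, I, O, A, S that this chapter lists) is one simple way to pick the readable candidate automatically.

```python
import string

ALPHABET = string.ascii_uppercase
COMMON = set("ETRNIOAS")   # frequent English letters named in this chapter


def caesar(text, k):
    """c = (p + k) mod 26 on letters; other characters pass through."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
        else:
            out.append(ch)
    return "".join(out)


def decrypt(text, k):
    """p = (c - k) mod 26."""
    return caesar(text, -k)


def brute_force(ciphertext):
    """Try all 26 keys; return (score, key, plaintext) sorted best first."""
    candidates = []
    for k in range(26):
        plain = decrypt(ciphertext, k)
        score = sum(ch in COMMON for ch in plain)
        candidates.append((score, k, plain))
    return sorted(candidates, key=lambda c: -c[0])


def best_guess(ciphertext):
    """Key and plaintext of the highest-scoring candidate."""
    _, k, plain = brute_force(ciphertext)[0]
    return k, plain
```

For "GCUA VQ DTGCM" the best candidate is the encryption key k = 2; undoing a shift of 2 is the same as shifting the ciphertext forward by 24, the value given in the example above.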

3.2.2. Monoalphabetic ciphers
We now address the weakness of the Caesar cipher by encrypting letters not just by shifting the alphabet but by allowing a different jump for each letter. In such a cipher, each plaintext letter maps to a different ciphertext letter. Each such cipher therefore corresponds to a permutation of the alphabet, and that permutation is the key of the cipher. The key length here is 26 and the number of possible keys is 26!, which is a very large number.

Example. Here is a plaintext and its ciphertext under a monoalphabetic cipher:
Plain:      abcdefghijklmnopqrstuvwxyz
Cipher:     DKVQFIBJWPESCXHTMYAUOLRGZN
Plaintext:  ifwewishtoreplaceletters
Ciphertext: WIRFRWAJUHYFTSDVFSFUUFYA

- Security of the monoalphabetic cipher. There are 26! keys in total, roughly 4 x 10^26. With so many keys, many people think a monoalphabetic cipher must be secure. It is not. The problem lies in the characteristics of language. Although the number of keys is large, the frequency of each letter in the plaintext is the same as the frequency of its counterpart in the ciphertext, so the cryptanalyst can guess the mapping of some letters and from there work out the ciphertext letters for the others. We look at this aspect in detail below.
- Redundancy of language and cryptanalysis. Human language is redundant. Some letters, pairs of letters or triples of letters are used more often than other groups of the same length. Consider, for example, the English letter groups "th lrd s m shphrd shll nt wnt". In short, in many languages the letters are not used equally often. In English the letter E is used most, followed by T, R, N, I, O, A, S. Some letters are used very rarely, such as Z, J, K, Q, X. Using statistical methods, we can build frequency tables for single letters, pairs of letters and triples of letters.

Using frequency tables for cryptanalysis. The key point is that a monoalphabetic substitution does not change the relative frequencies of the letters; that is, the same frequency table still holds, only over the corresponding cipher alphabet. This was discovered by Egyptian scholars in the 9th century. The monoalphabetic cipher can therefore be broken as follows:
- Compute the frequencies of the letters in the ciphertext.
- Compare them with the known values.
- Look for the common single letters A-I-E, the pair NO and the triple RST, and for the rarely used groups JK and X-Z.
- For a monoalphabetic cipher, the letters also need to be identified with the help of the tables of pairs and triples.

Example. Cryptanalysis of a monoalphabetic ciphertext. Given the ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEP
OPDZSZUFPOUDTMOHMQ
- Compute the letter frequencies.
- Guess that P and Z are e and t.
- Then ZW is th and ZWP is the.
- Continuing the reasoning, we obtain the plaintext:
it was disclosed yesterday that several informal but direct contacts have
been made with political representatives in moscow
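
The first steps of this cryptanalysis, as an added Python example that is not part of the original text: it checks the substitution example from section 3.2.2, counts letter frequencies in the ciphertext printed above and applies the first guesses. The function names are assumptions; the key and both ciphertexts are copied from this page.

```python
import string
from collections import Counter

# Cipher alphabet from the example in section 3.2.2 (a->D, b->K, c->V, ...).
KEY = "DKVQFIBJWPESCXHTMYAUOLRGZN"

# Ciphertext of the cryptanalysis example, exactly as printed on this page.
CIPHERTEXT = (
    "UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ"
    "VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEP"
    "OPDZSZUFPOUDTMOHMQ"
)


def substitute(plaintext, key=KEY):
    """Encrypt: replace each plaintext letter by its entry in the key."""
    table = str.maketrans(string.ascii_lowercase, key)
    return plaintext.lower().translate(table)


def unsubstitute(ciphertext, key=KEY):
    """Decrypt with the inverse permutation."""
    table = str.maketrans(key, string.ascii_lowercase)
    return ciphertext.upper().translate(table)


def frequencies(text):
    """Letters of the text with their counts, most frequent first."""
    letters = [c for c in text.upper() if c in string.ascii_uppercase]
    return Counter(letters).most_common()


def apply_guesses(ciphertext, guesses):
    """Show guessed letters in lower case and '.' for still-unknown ones."""
    return "".join(guesses.get(c, ".") for c in ciphertext)


def first_pass():
    """Frequency count, then the guesses P->e, Z->t, W->h from the text."""
    top_two = [letter for letter, _ in frequencies(CIPHERTEXT)[:2]]
    partial = apply_guesses(CIPHERTEXT, {"P": "e", "Z": "t", "W": "h"})
    return top_two, partial
```

The permutation key changes which letters appear but not how often, so the two most frequent ciphertext letters stand out immediately and the partial plaintext already shows "th" where ZW occurs.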
3.2.3. The Playfair cipher
As we have seen, a large number of keys does not make the monoalphabetic cipher secure. One way to improve on it is to encrypt groups of letters, so that each letter is encrypted to one of several different letters depending on the letters next to it. Playfair is one such cipher, invented by Charles Wheatstone in 1854 and named after his friend Baron Playfair. Here each letter can be encrypted to one of 7 different letters, depending on the letter it is paired with in the plaintext.

The Playfair key matrix. Take a word as the key, with the condition that no letter is repeated in it. The Playfair matrix is a 5 x 5 matrix built from the keyword and the letters of the alphabet, filled in as follows:
- First write the letters of the keyword into the rows of the matrix, starting from the first row.
- If cells remain empty, write the letters of the alphabet that have not yet been used into the remaining cells. They can be written in an agreed order, for example from the start of the alphabet to the end.
- Since English has 26 letters, one cell is missing. Usually two letters are put into one shared cell, for example I and J.
- Suppose the keyword is MONARCHY. The corresponding Playfair key matrix is:
M O N A R
C H Y B D
E F G I K
L P Q S T
U V W X Z
Encryption and decryption: the plaintext is encrypted two letters at a time according to the following rules:
- Split the plaintext into pairs of letters. If a pair consists of two identical letters, insert a filler letter such as X between them. For example, before encryption "balloon" becomes "ba lx lo on".
- If both letters of a pair fall in the same row, each is encrypted as the letter to its right in that row of the key matrix (wrapping round from the end to the start); for example, "ar" becomes "RM".
- If both letters of a pair fall in the same column, each is encrypted as the letter below it in that column of the key matrix (wrapping round from the end to the start); for example, "mu" becomes "CM".
- In all other cases, each letter of the pair is encrypted as the letter that lies in its own row and in the column of the other letter of the pair. For example, "hs" becomes "BP", and "ea" becomes "IM" or "JM" (as preferred).
Security of the Playfair cipher:
- Security is much improved over the monoalphabetic cipher, since there are 26 x 26 = 676 pairs in total. Each letter can be encrypted to 7 different letters, so the letter frequencies in the ciphertext differ from those of English text in general.
- To use frequency statistics, a frequency table of 676 pairs is needed for cryptanalysis (compared with 26 for the monoalphabetic cipher). More cases therefore have to be examined, and correspondingly there may be more ciphertexts to choose among. It is therefore harder to break than the monoalphabetic cipher.
- The Playfair cipher was widely used for many years by the US and British military during the First World War. It can be broken given a few hundred letters, because the ciphertext still retains much of the structure of the plaintext.
3.2.4. The Vigenère cipher
The simplest polyalphabetic substitution cipher is the Vigenère cipher. In essence, Vigenère encryption applies several Caesar ciphers to the plaintext at once, with different keys. The key used for each letter depends on the position of that letter in the plaintext and is taken from the keyword in order.

Suppose the key is a word of length d written as K = K1 K2 ... Kd, where each Ki takes an integer value from 0 to 25. We split the plaintext into blocks of d letters. The i-th letter of each block is encrypted with the i-th alphabet, shifted by Ki as in the Caesar cipher. In practice, when encrypting, we use the alphabets in turn and start over after every d letters of plaintext. Because there are several different alphabets, the same letter at different positions gets different shifts, which makes the letter frequencies in the ciphertext relatively even.

Decryption is simply the reverse process: use the ciphertext and the keyword with the corresponding alphabets, but shift each letter backwards.

Example: to use the Vigenère cipher with a given keyword and plaintext, proceed as follows:
- Write out the plaintext.
- Write the keyword repeatedly above it.
- Use each letter of the keyword as a Caesar key.
- Encrypt the corresponding plaintext letter with the corresponding shift.
- For example, with the keyword deceptive:
key:        deceptivedeceptivedeceptive
plaintext:  wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGL

To encrypt the first letter w, we take the first letter of the key, d, so w is encrypted with the alphabet shifted by 3 (that is, a shifts to d). The first letter w is therefore encrypted as Z. The second letter of the keyword is e, which means the second plaintext letter is shifted by 4 (from a to e), so the second plaintext letter e is encrypted as I. The rest of the plaintext is handled the same way.

In practice, to support the Vigenère cipher, the Saint-Cyr table was created to help with manual encryption and decryption. It is a 26 x 26 table whose rows and columns are labelled with the letters of the English alphabet. Row i is the alphabet shifted by i places, so the letter in the first column is the key for the alphabet in that row. The ciphertext letter for a plaintext letter therefore lies in the column of that letter and in the row of the key letter.
  ABCDEFGHIJKLMNOPQRSTUVWXYZ
A ABCDEFGHIJKLMNOPQRSTUVWXYZ
B BCDEFGHIJKLMNOPQRSTUVWXYZA
C CDEFGHIJKLMNOPQRSTUVWXYZAB
D DEFGHIJKLMNOPQRSTUVWXYZABC
E EFGHIJKLMNOPQRSTUVWXYZABCD
F FGHIJKLMNOPQRSTUVWXYZABCDE
G GHIJKLMNOPQRSTUVWXYZABCDEF
H HIJKLMNOPQRSTUVWXYZABCDEFG
I IJKLMNOPQRSTUVWXYZABCDEFGH
J JKLMNOPQRSTUVWXYZABCDEFGHI
K KLMNOPQRSTUVWXYZABCDEFGHIJ
L LMNOPQRSTUVWXYZABCDEFGHIJK
M MNOPQRSTUVWXYZABCDEFGHIJKL
N NOPQRSTUVWXYZABCDEFGHIJKLM
O OPQRSTUVWXYZABCDEFGHIJKLMN
P PQRSTUVWXYZABCDEFGHIJKLMNO
Q QRSTUVWXYZABCDEFGHIJKLMNOP
R RSTUVWXYZABCDEFGHIJKLMNOPQ
S STUVWXYZABCDEFGHIJKLMNOPQR
T TUVWXYZABCDEFGHIJKLMNOPQRS
U UVWXYZABCDEFGHIJKLMNOPQRST
V VWXYZABCDEFGHIJKLMNOPQRSTU
W WXYZABCDEFGHIJKLMNOPQRSTUV
X XYZABCDEFGHIJKLMNOPQRSTUVW
Y YZABCDEFGHIJKLMNOPQRSTUVWX
Z ZABCDEFGHIJKLMNOPQRSTUVWXY
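Saint-Cyr table

Security of the Vigenère cipher. There are thus several different ciphertext letters for the same plaintext letter. It follows that the letter frequencies are flattened, meaning that the letters occur with relatively even frequency in the ciphertext. The structure is not lost completely, however: because the key has finite length, it can produce a repeating period. The cryptanalyst starts from the letter frequencies to see whether this is a monoalphabetic cipher or not. Assuming it is polyalphabetic, the next step is to determine the number of alphabets in the keyword and then find each letter in turn. The keyword length therefore needs to be increased, to increase the number of alphabets used in encryption and so flatten the letter frequencies.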
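
The deceptive example and the repeating period mentioned above, as an added Python example that is not part of the original text. The function names are assumptions, and the repeated-sequence check (the standard Kasiski approach, which the text does not name) goes one step beyond the page to show how the period leaks the key length.

```python
def vigenere(text, key, decrypt=False):
    """Shift the i-th letter by the i-th key letter (a=0 ... z=25), cycling."""
    shifts = [ord(k) - ord("a") for k in key.lower()]
    sign = -1 if decrypt else 1
    out, i = [], 0
    for ch in text.lower():
        if "a" <= ch <= "z":               # letters only, as in the example
            k = shifts[i % len(shifts)]
            out.append(chr((ord(ch) - ord("a") + sign * k) % 26 + ord("a")))
            i += 1
    result = "".join(out)
    return result if decrypt else result.upper()


def repeated_trigram_distances(ciphertext):
    """Map each trigram that occurs more than once to the gaps between hits.

    When the same plaintext fragment meets the same part of the key, the
    ciphertext repeats, and the gap is a multiple of the key length.
    """
    positions = {}
    for i in range(len(ciphertext) - 2):
        positions.setdefault(ciphertext[i:i + 3], []).append(i)
    return {
        trigram: [b - a for a, b in zip(hits, hits[1:])]
        for trigram, hits in positions.items()
        if len(hits) > 1
    }


def example():
    """Encrypt the plaintext from the text and look for the period."""
    ct = vigenere("wearediscoveredsaveyourself", "deceptive")
    return ct, repeated_trigram_distances(ct)
```

The full ciphertext is 27 letters long and begins with the 24 letters printed in the example; the trigram VTW repeats at a distance of 9, the length of the keyword deceptive.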
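3.2.5. The Rail Fence cipher
This is a simple transposition cipher. Write the letters of the plaintext diagonally across a number of rows, then read the letters off row by row to obtain the ciphertext. The number of rows is the key of the cipher. Knowing the number of rows, we can work out the number of letters in each row, write the ciphertext back into the rows, and then recover the plaintext by reading it off column by column.

Example. Write the message "meet me after the toga party" alternately on two rows as follows:
m e m a t r h t g p r y
 e t e f e t e o a a t
Then join the letters of the first row with the letters of the second row to get the ciphertext:
MEMATRHTGPRYETEFETEOAAT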
3.2.6. The row transposition cipher
This is a more complex scheme. Write the letters of the message in rows with a fixed number of columns. Then reorder the columns according to a given key sequence and read them off column by column to obtain the ciphertext. Decryption reverses the process.

Example:
Key:        4 3 1 2 5 6 7
Plaintext:  a t t a c k p
            o s t p o n e
            d u n t i l t
            w o a m x y z
Reading the columns in order from 1 to 7 gives the ciphertext:
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ
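
Both transposition ciphers, the Rail Fence cipher of section 3.2.5 and the row transposition above, as an added Python example that is not part of the original text. The function names are assumptions; the rail fence is written for any number of rows (the text shows two), and short messages are padded with "x" to fill the last row of the grid.

```python
def letters_only(text):
    return "".join(c for c in text.lower() if "a" <= c <= "z")


def rail_pattern(n, rails):
    """Row index of each of n letters written in a zigzag over the rails."""
    if rails < 2:
        return [0] * n
    cycle = list(range(rails)) + list(range(rails - 2, 0, -1))
    return [cycle[i % len(cycle)] for i in range(n)]


def rail_fence_encrypt(plaintext, rails):
    text = letters_only(plaintext)
    pattern = rail_pattern(len(text), rails)
    rows = (ch for r in range(rails) for ch, p in zip(text, pattern) if p == r)
    return "".join(rows).upper()


def rail_fence_decrypt(ciphertext, rails):
    # The key tells us which plaintext positions sit on which row, and
    # therefore where each ciphertext letter came from.
    pattern = rail_pattern(len(ciphertext), rails)
    order = sorted(range(len(ciphertext)), key=lambda i: pattern[i])
    plain = [""] * len(ciphertext)
    for position, ch in zip(order, ciphertext.lower()):
        plain[position] = ch
    return "".join(plain)


def column_order(key):
    """Indices of the columns in the order they are read (key 1 first)."""
    return sorted(range(len(key)), key=lambda c: key[c])


def columnar_encrypt(plaintext, key, pad="x"):
    text = letters_only(plaintext)
    text += pad * (-len(text) % len(key))      # fill the last row
    return "".join(text[c::len(key)] for c in column_order(key)).upper()


def columnar_decrypt(ciphertext, key):
    cols = len(key)
    if len(ciphertext) % cols:
        raise ValueError("ciphertext length must be a multiple of the key length")
    rows = len(ciphertext) // cols
    columns = [""] * cols
    for n, c in enumerate(column_order(key)):
        columns[c] = ciphertext[n * rows:(n + 1) * rows]
    return "".join(columns[c][r] for r in range(rows) for c in range(cols)).lower()
```

In both ciphers every plaintext letter survives unchanged, so the letter frequencies of the ciphertext are exactly those of the plaintext.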
3.3. Modern block ciphers
We now turn to modern block ciphers. They are the most widely used kind of encryption algorithm, and they are also combined with other procedures to provide security and authentication services.
We first concentrate on the Data Encryption Standard (DES) to illustrate the principles of block ciphers. Before that, we look at two different ways of processing the plaintext: one divides the data into blocks and processes them block by block, the other processes each unit of information directly.
3.3.1. Block ciphers versus stream ciphers
- A block cipher processes the message in blocks; each block in turn is encrypted or decrypted. It can be viewed as a substitution on very large characters, each block being 64 bits or more.
- A stream cipher processes the message bit by bit or byte by byte; each bit or byte in turn is encrypted or decrypted. The Vigenère autokey cipher is an example.
- Many current ciphers are block ciphers. They have a broader range of applications, and many symmetric-encryption applications on networks use block ciphers.
Block cipher principles
- Most symmetric block ciphers are based on the Feistel cipher structure, proposed by the scientist Feistel in 1973. This is needed because ciphertexts must be decrypted efficiently.
- A block cipher can be viewed as an extremely large substitution. A 64-bit block cipher would need a table with 2^64 entries, which is far too large, so the table is replaced by building it from smaller blocks.
- The idea of a product cipher is used: substitution and transposition are combined and applied over many rounds.
3.3.2. Claude Shannon and substitution-permutation ciphers
In 1949 Shannon introduced the idea of substitution-permutation networks (S-P networks), the modern substitution-permutation product cipher, whose purpose is to hinder cryptanalysis based on statistical analysis. Suppose the cryptanalyst knows some statistical properties of the plaintext, such as the frequency distribution of letters and of groups of letters. If these statistical characteristics are reflected in the ciphertext, the cryptanalyst will try to find the key, part of the key, or the plaintext itself. Shannon wanted an ideal cipher in which every statistical characteristic is independent of the particular key used, so that the cryptanalyst has no basis for finding the key.
S-P networks form the basis of modern block ciphers. They rely on the two basic operations already seen: substitution (S-box) and permutation (P-box). Together these provide confusion and diffusion of the message.
Confusion and diffusion
- An important property of a good cipher is that it completely hides the statistical properties of the original message. As we have seen, the one-time pad achieves this, because the pad is random and as long as the message.
- Shannon studied and proposed a more practical approach: combine different components of the plaintext and process them over several passes to obtain the ciphertext.
- Diffusion dissipates the statistical structure of the plaintext over the ciphertext. It is achieved when each plaintext bit affects the value of many ciphertext bits, or equivalently when each ciphertext bit is affected by many plaintext bits.
- Confusion makes the relationship between the ciphertext and the key as complex as possible. A ciphertext with high confusion makes finding the key very difficult, even when the attacker has the statistical characteristics of the ciphertext and knows how the key acts on it.
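3.3.3. The Feistel cipher structure
Horst Feistel devised the Feistel cipher on the basis of an invertible product cipher: substitution is combined with permutation, and decryption follows the same procedure as encryption, with only the roles of the ciphertext block and the plaintext block exchanged and the subkeys used in reverse order. One subkey per round is derived from the main key.
The input block is split into two equal halves:
- A substitution is performed on the left half: the round function is applied to the right half and the subkey, and its result acts on the left half.
- The halves are then swapped; the right half has not been modified.
- The next round is processed.
- This is an instance of Shannon's substitution combined with permutation. Consider the structure of a Feistel cipher with n rounds:

Design principles of Feistel block ciphers
- A larger block size increases security but reduces encryption speed.
- A larger key size increases security, since the key is harder to find, but slows the cipher.
- More rounds increase security but slow the cipher.
- More complex subkey generation makes cryptanalysis harder but slows the cipher.
- A more complex round function makes cryptanalysis harder but slows the cipher.
- Fast software encryption/decryption and resistance to cryptanalysis are the criteria most often cited for practical application and testing.
Feistel block decryption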

3.4. The Data Encryption Standard (DES)

DES (Data Encryption Standards) has been the most widely used block cipher in the world in recent times. It was issued in 1977 by NBS, the US National Bureau of Standards (now NIST, the National Institute of Standards and Technology). DES is a block cipher with 64-bit data blocks and a 56-bit key. It has been widely used and its security has been debated at length.
3.4.1. History of DES
In the late 1960s IBM developed the Lucifer cipher in a project led by Feistel. Lucifer originally used 64-bit data blocks and a 128-bit key. It was then developed further as a commercial cipher. In 1973 NBS issued a request for proposals for a national cipher standard. IBM submitted a revised Lucifer, which later became DES. The design of DES was the subject of debate. Because the DES standard was public, people commented on its speed, key length, level of security and resistance to cryptanalysis. A 56-bit key was chosen instead of 128 bits to increase processing speed, and design criteria for a data encryption standard were set out. Reasoning and analysis showed that this design was appropriate. DES therefore came into wide use, particularly in the financial sector.
3.4.2. The DES encryption scheme

Initial permutation IP: this is the first step of the data computation. IP reorders the input bits: the even bits go to the left half and the odd bits to the right half. The permutation is easy to implement in hardware. Each hexadecimal digit is represented by 4 bits, so 16 digits represent 64 bits. Each bit has a position determined by the initial permutation (see the table in the appendix at the end of the document).
Example:
IP(675a6967 5e5a6b5a) = (ffb2194d 004df6fb)
Structure of one DES round
Two halves are used, a 32-bit left half and a 32-bit right half. As in every Feistel cipher, the right half of the previous round becomes the left half of the next step, and the output of the round function applied to the right half and the subkey is added modulo 2 to the left half. This can be written as:
L_i = R_{i-1}
R_i = L_{i-1} xor F(R_{i-1}, K_i)

Here F takes the 32-bit right half R, expands it to 48 bits using the permutation E, and adds it to the 48-bit subkey. The result is split into 8 groups of 6 bits and passed through 8 S-boxes to give a 32-bit result. Finally the 32-bit permutation P is applied to give the 32 output bits, which are added to the left half to become the right half of the next step.

The substitution boxes S (see the appendix at the end of the document)

There are 8 different S-boxes, each mapping 6 bits to 4 bits. The S-boxes perform the substitutions; their contents are fixed and follow no regular pattern. Each S-box is a 4 x 16 table in which every row is a permutation of 16 elements. Given 6 input bits, the two outer bits (bits 1 and 6) are joined into a binary number that selects a row from 0 to 3 in the S-box. The four bits 2 to 5 form a binary number that selects a column from 0 to 15. The element at that row and column is a number from 0 to 15; written in binary it gives the 4 output bits. The 48 bits are thus split into 8 groups of 6 bits, which the 8 S-boxes turn into 8 groups of 4 bits, 32 bits in total. The row selection in the S-boxes depends on both the data and the key; this feature is called autoclaving (autokeying).
Example:
S(18 09 12 3d 11 17 38 39) = 5fd25e03
DES subkey generation
- 16 subkeys are generated for the 16 rounds of DES. The 56-bit input key is treated as an 8 x 8 table in which the 8th column is not used.
- The initial key permutation PC1 is applied and the 56 bits are split into two 28-bit halves.
- There are 16 stages, each consisting of:
  - In each round the left half and the right half are each rotated left by 1 or 2 bits, as appropriate. The two halves are carried over to the next round.
  - At the same time the two halves are passed through the permutation PC2, which selects 24 bits from each half and combines them into the 48-bit subkey.
- Practical implementations are efficient in both hardware and software.

The specific parameters of the initial permutation, the S-boxes and the DES key generation algorithm are given in the appendix at the end of the document.
DES decryption
Decryption reverses the encryption process. With the Feistel design, the encryption procedure is run again with the subkeys taken in reverse order, from SK16 back to SK1. Note that the initial permutation IP undoes the effect of the final permutation FP. The first round with SK16 undoes the 16th encryption round. The 16th round with SK1 undoes the first encryption round. The final permutation FP undoes the initial permutation IP. The original data is thereby recovered.

3.4.3. Properties of DES

Avalanche effect. Changing 1 bit of the key causes an avalanche that changes many bits of the ciphertext. This is a desirable property of the key in an encryption algorithm. Changing 1 input bit or key bit changes about half of the output bits, so the key cannot be guessed. DES exhibits a strong avalanche effect.
Strength of DES: key size.
The DES key is 56 bits long, giving 2^56 = 7.2 x 10^16 different values. This is a very large number, so exhaustive search is very difficult. Recent results show that the time needed to break a DES ciphertext without knowing the key was: a few months on the Internet in 1997; a few days on dedicated hardware in 1998; 22 hours combining both approaches in 1999. The plaintext can therefore still be found after a certain time, given strong computing resources. For this reason several variants of DES are now considered in order to increase its strength.
Strength of DES: timing attacks.
This is an attack on the actual implementation of the cipher. It uses knowledge of how the algorithm is implemented to derive information about some or all of the subkeys. In particular it exploits the fact that computations take different amounts of time depending on the value of their inputs. The cryptanalyst therefore observes execution time in order to make inferences about the key. Cryptanalysts may be able to apply this to smart cards to infer keys, a topic that still needs further discussion.
Strength of DES: analytic attacks.
There are several cryptanalytic results on DES that exploit the deep structure of the cipher. By gathering information about encryptions, all or some of the subkeys in use can be deduced; if necessary the remaining keys are found by exhaustive search. In general these are statistical attacks, including differential cryptanalysis, linear cryptanalysis and related-key attacks.
Differential cryptanalysis
One of the most significant recent public advances in cryptanalysis is differential cryptanalysis. It was known to the NSA in the 1970s, for example in the design of DES. Murphy, Biham and Shamir published the differential method in 1990. It is a powerful method for analysing block ciphers and has been used against most current block ciphers with varying degrees of success, but DES is reasonably resistant to it. Differential cryptanalysis is a statistical attack against Feistel ciphers. It uses cipher structure not previously exploited: in an S-P network design, the output of the function f is influenced by both the input and the key, so the plaintext values cannot be traced back without knowing the key.
Differential cryptanalysis compares two related pairs of encryptions:
- with a known difference in the input,
- examining the difference in the output,
- when the same subkey is used.
In the following formula, for two different inputs, the left-hand side is the difference at round i, expressed in terms of the difference at the previous round i-1 and the difference of the function f in square brackets.

A given input difference yields a given output difference with a certain probability.

If an input-output instance with high probability is found, the subkey used in that round can be inferred.
- This can then be repeated over many rounds (with decreasing probability).
- A right pair suggests the same key bits.
- A wrong pair gives random values.
- For a large number of rounds, the probability that many 64-bit input pairs satisfy the requirement is very small.
- Biham and Shamir showed how a 13-round iterated characteristic can break the full 16-round DES.
- The attack proceeds as follows: plaintext pairs with a known input XOR are encrypted repeatedly until the desired output XOR is obtained.
- When it is found:
  - if the intermediate rounds match the required XOR, it is a right pair;
  - otherwise it is a wrong pair; the relative ratio of wrong pairs for the attack is known in advance from statistics.
- The key values for the rounds can then be deduced as follows:
Linear cryptanalysis

This is another recent development. It is also a statistical method and also iterates over the rounds with decreasing probability. It was developed by Matsui and others in the early 1990s. The method is based on finding linear approximations. It has been estimated that DES can be attacked with 2^47 known plaintexts, so linear cryptanalysis is still infeasible in practice.
- Find linear approximations that hold with probability p != 1/2:

P[i1,i2,...,ia] (+) C[j1,j2,...,jb] = K[k1,k2,...,kc]

where ia, jb, kc are bit positions in the plaintext, ciphertext and key.
- The condition above gives a linear equation in the key bits.
- To obtain 1 key bit, a linear approximation algorithm is used.
- A large number of trial equations is used. The effectiveness is given by |p - 1/2|.
While studying DES, researchers systematised its design criteria. As reported by Coppersmith in [COPP94]:
- There are 7 criteria for the S-boxes, which provide for:
  - non-linearity,
  - resistance to differential cryptanalysis,
  - good confusion.
- There are 3 criteria for the permutation P, which increase diffusion.

Block cipher principles
The basic principles of block ciphers are still those Feistel proposed in the 1970s:
- A number of rounds: the more the better; the best attack should be exhaustive search.
- In each round, a function that provides confusion and is non-linear, with an avalanche effect.
- A complex subkey generation process, in which the key has an avalanche effect on the ciphertext.
3.4.4. Modes of operation of DES
A block cipher encrypts blocks of fixed size; DES, for example, encrypts 64-bit blocks with a 56-bit key. A way of applying it in practice is needed, because the information to be encrypted has arbitrary size. Four modes of operation were originally defined for DES in the ANSI standard ANSI X3.106-1983 Modes of Use. This has since been extended to 5 modes for DES and the Advanced Encryption Standard (AES). Some of the modes are block oriented and some are stream oriented.
1. Electronic Codebook (ECB)
- The message is broken into independent blocks, which are then encrypted one by one.
- Each block is a value that is substituted, as with a codebook, hence the name.
- Each block is encrypted independently of the others: C_i = DES_K1(P_i)
- Use: secure transmission of single values.

Advantages and limitations of ECB
- Repetitions in the message show up as repetitions in the ciphertext:
  - if they are aligned with the block boundaries,
  - particularly with images,
  - or with messages that change very little, which become a target for cryptanalysis.
- The weakness is that the blocks are encrypted independently.
- It is used mainly when sending small amounts of data.
2. Cipher Block Chaining (CBC)
- The message is broken into blocks,
- but they are linked together during encryption.
- The blocks are chained in sequence, hence the name.
- An initialization vector IV is used to start the process:

C_i = DES_K1(P_i XOR C_{i-1})
C_{-1} = IV

- Use: bulk data encryption, authentication.

Advantages and limitations of CBC
- Each ciphertext block depends on all preceding plaintext blocks.
- A change anywhere in the message changes every subsequent ciphertext block.
- The initialization vector IV must be known to both sender and receiver:
  - however, if the IV is sent in the clear, an attacker can change bits of the first block and change the IV to compensate;
  - the IV must therefore either be a fixed value agreed in advance, or be encrypted in ECB mode and sent before the rest of the message.
- At the end of the message, the final short block has to be handled:
  - it can be padded with non-data values such as NULL,
  - or the last block can be padded with a count of the pad size.
Example:
[ b1 b2 b3 0 0 0 0 5] <- 3 data bytes,
so 5 bytes are used for padding and the count.
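3. Cipher FeedBack (CFB)
- The message is treated as a stream of bits,
- which is added to the output of the block cipher.
- The result is fed back for the next stage, hence the name.
- In general the number of feedback bits may be 1, 8, 64 or any other value; the modes are denoted CFB1, CFB8, CFB64, and so on.
- It is usually most efficient to use all 64 bits:

C_i = P_i XOR DES_K1(C_{i-1})
C_{-1} = IV

- Use: stream data encryption, authentication.

Advantages and limitations of CFB
- Used when data arrives in bits or bytes.
- The most common stream mode.
- A limitation is the need to stall while the block encryption is performed after every n bits.
- Note that the block cipher is used in encryption mode at both ends.
- An error propagates for several blocks after the error.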
4. Output FeedBack (OFB)
- The message is treated as a stream of bits.
- The output of the cipher is added to the message.
- The output is then fed back, hence the name.
- The feedback is independent of the message.
- It can be computed in advance:

C_i = P_i XOR O_i
O_i = DES_K1(O_{i-1})
O_{-1} = IV

- Use: stream encryption on audio channels.

Advantages and limitations of OFB
- Used when error feedback is a problem, or where encryption must be prepared before the message is available.
- Very similar to CFB,
- but the feedback comes from the output of the cipher and is independent of the message.
- It is a variant of the Vernam cipher, so the same sequence (key + IV) must never be reused.
- Sender and receiver must remain synchronised, and some recovery method is needed to ensure this.
- The original specification allowed m bits of feedback in the standards.
- Subsequent research showed that only OFB64 should be used.

5. Counter (CTR)
- A new mode, although proposed long ago.
- Similar to OFB, but it encrypts a counter value rather than a feedback value.
- A different key and counter value are required for each plaintext block (never reused):

C_i = P_i XOR O_i
O_i = DES_K1(i)

- Use: encryption on high-speed networks.

Advantages and limitations of CTR
- Efficiency:
  - encryption can be done in parallel,
  - the keystream can be prepared in advance if needed,
  - it suits very high-speed links.
- Random access to encrypted data blocks.
- Provable security.
- But it must be ensured that key/counter values are never reused, otherwise the cipher can be broken.
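The Feistel structure of 3.3.3 and the ECB and CBC modes of 3.4.4, as one added example that is not part of the original text. The block cipher is a toy Feistel network, not DES: its round function and key schedule (SHA-256 based) and all names are assumptions made here, and the key, IV and message are constructed sample values.

```python
import hashlib

BLOCK, ROUNDS = 8, 16          # 64-bit blocks and 16 rounds, as in DES


def subkeys(key):
    # Toy key schedule (assumption): one 48-bit subkey per round.
    return [hashlib.sha256(key + bytes([i])).digest()[:6] for i in range(ROUNDS)]


def F(right, subkey):
    # Toy round function, deliberately not invertible: Feistel never inverts F.
    digest = hashlib.sha256(subkey + right.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")


def feistel(block, keys):
    L, R = int.from_bytes(block[:4], "big"), int.from_bytes(block[4:], "big")
    for k in keys:             # L_i = R_{i-1};  R_i = L_{i-1} xor F(R_{i-1}, K_i)
        L, R = R, L ^ F(R, k)
    return R.to_bytes(4, "big") + L.to_bytes(4, "big")   # final swap of halves


def encrypt_block(block, key):
    return feistel(block, subkeys(key))


def decrypt_block(block, key):
    return feistel(block, subkeys(key)[::-1])   # same network, subkeys reversed


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def pad(data):
    # Count padding as in the CBC example: zero bytes, then the pad length.
    n = BLOCK - len(data) % BLOCK
    return data + bytes(n - 1) + bytes([n])


def unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or any(data[-n:-1]):
        raise ValueError("bad padding")
    return data[:-n]


def ecb_encrypt(plaintext, key):
    return b"".join(encrypt_block(b, key) for b in split(pad(plaintext)))


def cbc_encrypt(plaintext, key, iv):
    prev, out = iv, []
    for b in split(pad(plaintext)):
        prev = encrypt_block(xor(b, prev), key)     # C_i = E_K(P_i xor C_{i-1})
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(ciphertext, key, iv):
    prev, out = iv, []
    for c in split(ciphertext):
        out.append(xor(decrypt_block(c, key), prev))
        prev = c
    return unpad(b"".join(out))


def distinct_blocks(ciphertext):
    return len(set(split(ciphertext)))


if __name__ == "__main__":
    key, iv = b"constructed key", bytes(range(8))
    msg = b"PAY 1000" * 3                           # three identical blocks
    print("ECB distinct blocks:", distinct_blocks(ecb_encrypt(msg, key)))
    print("CBC distinct blocks:", distinct_blocks(cbc_encrypt(msg, key, iv)))
    # An IV that travels in the clear and unauthenticated controls block 1:
    delta = xor(b"PAY 1000", b"PAY 9000")
    print(cbc_decrypt(cbc_encrypt(msg, key, iv), key, xor(iv, delta)))
```

The last line of the demo shows why the text asks for the IV to be fixed in advance or protected: the receiver decrypts a first block that differs from what was sent, and nothing in CBC itself detects the change.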

3.5. The Advanced Encryption Standard (AES)

3.5.1. Origins
A replacement for DES was clearly needed, because there are theoretical attacks that can break it, and exhaustive key search attacks have been demonstrated. Triple DES (DES applied three times in succession) can be used by applications that require stronger security, but it is slow to encrypt and decrypt and still has a small data block. The US NIST therefore issued a call for a new cipher standard in 1997. 15 candidates were accepted in June 1998, and they were reduced to 5 candidates in June 1999. In October 2000 the Rijndael cipher was selected as the Advanced Encryption Standard, and it was published as the standard FIPS PUB 197 in 11/2001.
Requirements for AES
- A private-key symmetric block cipher.
- 128-bit data block and a variable key length: 128, 192 or 256 bits.
- The new standard must be stronger and faster than Triple DES. The new cipher must have a strong theoretical basis so that the standard has an active life of about 20-30 years (plus archival use).
- Submission as a standard requires full design details and a complete specification, and the new standard must be efficient to implement in both C and Java.
- NIST published all submissions and analyses in summary form, unclassified.
3.5.2. AES evaluation criteria

Initial criteria:
- Security: resistance to every practical cryptanalytic attack.
- Computational cost.
- Algorithm and implementation characteristics.

Final criteria:
- General security.
- Ease of software and hardware implementation.
- Resistance to implementation attacks.
- Flexibility in encryption/decryption, keying and other factors.

The AES shortlist:
- MARS (IBM): complex, fast, high security margin.
- RC6 (USA): simple, very fast, low security margin.
- Rijndael (Belgium): clean, fast, good security margin.
- Serpent (Europe): slow, clean, very high security margin.
- Twofish (USA): complex, very fast, high security margin.

These were then subjected to further analysis and evaluation, which concentrated on comparing the different algorithms:
- few complex rounds versus many simple rounds;
- refinements of existing ciphers versus new proposals.
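3.5.3. The Advanced Encryption Standard: Rijndael

Rijndael was finally selected as the Advanced Encryption Standard. It was designed by Rijmen and Daemen in Belgium and has the following characteristics:
- 128/192/256-bit keys and 128-bit data blocks.
- An iterative structure that differs somewhat from Feistel:
  - the data is divided into 4 groups of 4 bytes;
  - every round operates on the entire block.
- It was designed to be:
  - resistant to known attacks,
  - fast and compact in code on many CPUs,
  - simple in design.
- The 128-bit data block is processed as 4 groups of 4 bytes: 128 = 4*4*8 bits. Each group lies on one row. The matrix of 4 rows and 4 columns, each element being 1 byte, is the state that is processed through the encryption and decryption rounds.
- The key is expanded into an array of 44 32-bit words w[i].
- There are 9/11/13 rounds, each consisting of:
  - byte substitution (one S-box applied to each byte),
  - shift rows (permutation of bytes between groups/columns),
  - mix columns (using matrix multiplication of the columns),
  - add round key (XOR of the data state with the round key).
- Every operation is carried out with XOR and table lookups, so it is very fast and efficient.

The Rijndael scheme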

Byte substitution
- A simple substitution of each byte.
- It uses a 16 x 16 byte table containing a permutation of all 256 8-bit values.
- Each byte of the state is replaced by the byte in the row selected by its left 4 bits and the column selected by its right 4 bits. For example {95} is replaced by row 9, column 5, whose value is {2A}.
- The S-box is constructed using a transformation of the values in GF(2^8), defined in the previous chapter.
- It is designed to resist all known attacks.

Shift rows
- A circular shift is applied to each row:
  - row 1 is unchanged,
  - row 2 is rotated 1 byte to the left,
  - row 3 is rotated 2 bytes to the left,
  - row 4 is rotated 3 bytes to the left.
- Decryption shifts in the opposite direction, to the right.
- Because the state is processed by columns, this step is in effect a permutation of bytes between the columns.

Mix columns
- Each column is processed separately.
- Each byte is replaced by a value that depends on all 4 bytes in the column.
- It is effectively a matrix multiplication in GF(2^8) using the prime polynomial

m(x) = x^8 + x^4 + x^3 + x + 1

- Each new column can be expressed as the solution of 4 equations, which give the new bytes of the column.
- The cipher requires use of the inverse matrix; with its larger coefficients the computation is harder.
- A column also has the following alternative characterisation:
  - each column is a polynomial of degree 3 with 4 terms,
  - each coefficient is a byte corresponding to an element of GF(2^8),
  - the polynomials are multiplied modulo (x^4 + 1).
Add round key
- XOR the state with 128 bits of the round key.
- Again processed by column (effectively a series of byte operations).
- The inverse for decryption is fully determined, because XOR is its own inverse: the state is XORed with the same round key.
- The simplest possible design:
  - a form of Vernam cipher on an expanded key,
  - which requires additional steps to add complexity/security.

One AES round

AES key expansion
- Takes the 128-bit (16-byte) key and expands it into an array of 44/52/60 32-bit words.
- Starts by copying the key into the first 4 words.
- Then loops, creating words that depend on the value in the previous position and the value 4 positions back:
  - in 3 cases out of 4 these are simply XORed together;
  - every 4th word has a rotation combined with the S-box and an XOR with a round constant applied to the previous word before the XOR.
- Designed to resist known attacks.

AES decryption
- AES decryption is not identical to encryption, because the steps are carried out in reverse order.
- But an equivalent inverse cipher can be defined with the same sequence of steps as encryption,
  - using the inverse of each step,
  - with a different key schedule.
- This works because the result is unchanged when:
  - byte substitution and shift rows are swapped,
  - mix columns and add round key are swapped.

Key expansion rationale: the design criteria included
- Knowing part of the key is not enough to learn more, that is, other subkeys or the key as a whole.
- An invertible transformation.
- Fast on many kinds of CPU.
- Use of round constants to break symmetry.
- Diffusion of the key bits into the round subkeys.
- Enough non-linearity to resist cryptanalysis.
- Simplicity of description.
Implementation aspects:
- It can be implemented efficiently on 8-bit CPUs:
  - byte substitution works on bytes using a table with 256 entries;
  - shift rows is a simple byte shift;
  - add round key works on bytes with XOR;
  - mix columns requires matrix multiplication in GF(2^8), which works on byte values and can be simplified to table lookups.
- It can be implemented efficiently on 32-bit CPUs:
  - the steps are redefined to use 32-bit words;
  - 4 tables with 256 entries each can be precomputed;
  - each column in each round can then be computed with 4 table lookups and 4 XORs;
  - 16 Kb is needed to store the tables.
- The designers believe that this very efficient implementation was a key factor in its selection as the AES cipher.
We now look in more detail at AES encryption, key generation and decryption.
The encryption process consists of 4 steps:
1. AddRoundKey - each byte of the block is combined with the subkey; the subkeys are produced by the Rijndael key schedule.

Figure 2.5: Operation of the AddRoundKey step

2. SubBytes - a (non-linear) substitution in which each byte is replaced by another byte according to a lookup table (see the corresponding reference).

Figure 2.6: Operation of the SubBytes step

3. ShiftRows - a transposition in which the rows of the block are shifted cyclically.

Figure 2.7: Operation of the ShiftRows step

4. MixColumns - a mixing operation that works on the columns of the block by means of a linear transformation.

Figure 2.8: Operation of the MixColumns step

In the final round the MixColumns step is replaced by the AddRoundKey step.
Encryption algorithm
INPUT: M 128 bits, w[Nb*(Nr+1)] --- w is the key array, M is the plaintext data block
OUTPUT: Y 128 bits -- the encrypted data block
PROCEDURE:
State := M;
AddRoundKey(State, w[0, Nb-1]);
for i in 1..Nr-1 loop
  SubBytes(State);
  ShiftRows(State);
  MixColumns(State);
  AddRoundKey(State, w[i*Nb, (i+1)*Nb-1]);
end loop;
SubBytes(State);
ShiftRows(State);
AddRoundKey(State, w[Nr*Nb, (Nr+1)*Nb-1]);
Y := State;
The subkey generation algorithm uses three functions:
SubWord(): a function that passes 4 input words through the S-box to obtain 4 output words.
RotWord(): transforms a word [a0a1a2a3] into the word [a1a2a3a0].
Rcon(i): contains the values [x^(i-1),{00},{00},{00}] with x={02} and i>=1.
When Nk=8 (key length = 256) and i-4 is a multiple of Nk, SubWord() is applied to w[i-1] before the XOR.

Algorithm:
INPUT: input key K, Nk
OUTPUT: the subkey array
PROCEDURE:

Split the key K into Nk 4-byte blocks w[i], i=0..Nk-1

i := Nk;
while (i < Nb*(Nr+1)) loop
  temp := w[i-1];
  if (i mod Nk = 0) then
    temp := SubWord(RotWord(temp)) xor Rcon[i/Nk];
  elsif (Nk > 6 and i mod Nk = 4) then
    temp := SubWord(temp);
  end if;
  w[i] := w[i-Nk] xor temp;
  i := i + 1;
end loop;

The decryption algorithm uses 4 transformations: the AddRoundKey transformation and 3 inverse transformations.
InvShiftRows(): like ShiftRows, except that the rows are shifted right instead of left.
InvSubBytes(): like SubBytes(), except that the InvS-box is used instead of the S-box.
InvMixColumns(): like MixColumns, except that instead of a XOR c(x) it uses a^-1 XOR c(x).
Decryption algorithm
INPUT: M 128 bits, w[Nb*(Nr+1)] --- w is the key array, M is the ciphertext
OUTPUT: Y 128 bits -- the decrypted data block
PROCEDURE:
state = M
AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])
for round = Nr-1 step -1 downto 1
  InvShiftRows(state)
  InvSubBytes(state)
  AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
  InvMixColumns(state)
end for
InvShiftRows(state)
InvSubBytes(state)
AddRoundKey(state, w[0, Nb-1])
Y = state.
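The AES encryption and key expansion procedures above, worked through in Python as an added example that is not part of the original text. The S-box is computed here from the multiplicative inverse in GF(2^8) followed by the affine transformation of FIPS PUB 197 rather than typed in as a table; function names are chosen for illustration, and the state is held as 16 bytes in column order.

```python
def xtime(a):
    """Multiply by x = {02} in GF(2^8) modulo m(x) = x^8 + x^4 + x^3 + x + 1."""
    a <<= 1
    return a ^ 0x11B if a & 0x100 else a


def gmul(a, b):
    """Product of two bytes in GF(2^8) by shift-and-add."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a, b = xtime(a), b >> 1
    return result


def _sbox_entry(a):
    inv = 1
    for _ in range(254):               # a^254 = a^-1 in GF(2^8); {00} stays {00}
        inv = gmul(inv, a)
    rot = lambda b, n: ((b << n) | (b >> (8 - n))) & 0xFF
    return inv ^ rot(inv, 1) ^ rot(inv, 2) ^ rot(inv, 3) ^ rot(inv, 4) ^ 0x63


SBOX = [_sbox_entry(a) for a in range(256)]


def sub_bytes(state):
    return [SBOX[b] for b in state]


def shift_rows(state):
    # state[4*c + r] is row r, column c; row r rotates r bytes to the left.
    return [state[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]


def mix_columns(state):
    out = []
    for c in range(4):
        a = state[4 * c:4 * c + 4]
        out += [gmul(2, a[i]) ^ gmul(3, a[(i + 1) % 4]) ^ a[(i + 2) % 4] ^ a[(i + 3) % 4]
                for i in range(4)]
    return out


def key_expansion(key):
    if len(key) not in (16, 24, 32):
        raise ValueError("AES keys are 128, 192 or 256 bits")
    nk, rcon = len(key) // 4, 1
    w = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    for i in range(nk, 4 * (nk + 6 + 1)):          # Nb*(Nr+1) words, Nr = Nk + 6
        temp = list(w[i - 1])
        if i % nk == 0:
            temp = [SBOX[b] for b in temp[1:] + temp[:1]]   # SubWord(RotWord(temp))
            temp[0] ^= rcon                                 # xor Rcon[i/Nk]
            rcon = xtime(rcon)
        elif nk > 6 and i % nk == 4:
            temp = [SBOX[b] for b in temp]
        w.append([x ^ y for x, y in zip(w[i - nk], temp)])
    return w


def encrypt_block(block, key):
    w = key_expansion(key)
    nr = len(w) // 4 - 1

    def add_round_key(state, rnd):
        round_key = [b for word in w[4 * rnd:4 * rnd + 4] for b in word]
        return [s ^ k for s, k in zip(state, round_key)]

    state = add_round_key(list(block), 0)
    for rnd in range(1, nr):
        state = add_round_key(mix_columns(shift_rows(sub_bytes(state))), rnd)
    return bytes(add_round_key(shift_rows(sub_bytes(state)), nr))   # no MixColumns


if __name__ == "__main__":
    print(hex(SBOX[0x95]))             # the {95} -> {2A} lookup from the text
    key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")
    print(encrypt_block(bytes.fromhex("3243f6a8885a308d313198a2e0370734"), key).hex())
```

This is a teaching implementation: table lookups indexed by secret data, as used here, are the kind of data-dependent operation that the timing attacks described in 3.4.3 exploit.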
3.6. Contemporary symmetric ciphers
3.6.1. Triple DES
Multiple encryption with DES
- DES clearly needed to be replaced, because:
  - theoretical attacks can break it,
  - exhaustive key search attacks have been demonstrated.
- AES is the new replacement cipher.
- Before AES, iterated DES was used, that is, the same algorithm applied several times, possibly with different keys.
- Triple DES is the form that was chosen: DES is applied 3 times.

Why Triple DES
- Why not two iterations, Double DES? Two iterations are not exactly the same as some single DES encryption, but could be.
- DES can be applied twice to a block with two keys K1 and K2:

C = E_K2(E_K1(P))

- The question is whether this reduces to a single step.
- Double DES is subject to the meet-in-the-middle attack:
  - it applies in general whenever a cipher is used twice as above,
  - because X = E_K1[P] = D_K2[C];
  - the attack encrypts P under every key and stores the results,
  - then decrypts C under every key and looks for a match to find X;
  - it can be shown that O(2^56) steps are needed for the search.

Triple DES with 2 keys
- To avoid the meet-in-the-middle attack, 3 encryptions are needed, so in general 3 different keys could be used.
- For simplicity, 2 keys can be used in the sequence E-D-E, that is, encrypt, decrypt, then encrypt again:

C = E_K1[D_K2[E_K1[P]]]

- In terms of security, encryption and decryption are equivalent.
- If K1 = K2 this is equivalent to single DES.
- Standardised in ANSI X9.17 & ISO8732.
- No practical attack is known.

Triple DES with 3 keys
- Although there is no practical attack, Triple DES with 2 keys has some indications that certain special cases should be avoided.
- Triple DES with 3 keys is needed to avoid them:

C = E_K3[D_K2[E_K1[P]]]

- It has been adopted by several Internet applications: PGP, S/MIME.
3.6.2. Blowfish

A symmetric cipher designed by Schneier around 1993-1994.

The cipher has the following characteristics:
- Fast implementation on 32-bit CPUs.
- Low memory use.
- A simple structure that is easy to implement and analyse.
- Security that varies with the key length.
- It has been implemented in many different products.

Blowfish subkey schedule
- Uses a key of flexible length, from 32 to 448 bits.
- The key is used to generate:
  - 18 32-bit subkeys stored in the K-array K_j,
  - four 8 x 32 S-boxes stored in S_{i,j}.
- The key schedule consists of:
  - initialising the P-array and then the 4 S-boxes;
  - XORing the P-array with the key bits (reusing them as needed);
  - repeatedly encrypting data with the current P and S and replacing successive pairs of P and then S.
- It requires 512 keys, so deriving new subkeys is slow.

Blowfish encryption
- Uses 2 primitive operations, addition and XOR.
- The data is split into two 32-bit halves L_0 & R_0.

for i = 1 to 16 do
  R_i = L_{i-1} XOR P_i;
  L_i = F[R_i] XOR R_{i-1};
L_17 = R_16 XOR P_18;
R_17 = L_16 XOR P_17;

where
F[a,b,c,d] = ((S_{1,a} + S_{2,b}) XOR S_{3,c}) + S_{4,d}

Discussion:
- The subkeys and S-boxes depend on the key and are generated using the cipher itself, which makes analysis very difficult.
- Changing both halves in every round increases security.
- Given a large enough key, exhaustive key search is impractical, especially in view of the subkey schedule.

3.6.3. RC4
RC4 is a proprietary cipher owned by RSADSI, designed by Ronald Rivest. RC4 is simple but effective, supports many key sizes and is a stream cipher.
It is widely used (web SSL/TLS, wireless WEP). The key forms a random permutation of all 8-bit values. That permutation is then used to scramble the input, which is processed one byte at a time.
RC4 key schedule
- Starts from an array S with the range 0..255.
- Uses the key to shuffle it thoroughly.
- S forms the internal state of the cipher.
RC4 encryption
- Encryption continues to shuffle the values of the array.
- The sum of the shuffled pair selects the keystream value from the permutation.
- S[t] is XORed with the next byte of the message to encrypt/decrypt.
i = j = 0
for each message byte Mi
  i = (i + 1) (mod 256)
  j = (j + S[i]) (mod 256)
  swap(S[i], S[j])
  t = (S[i] + S[j]) (mod 256)
  Ci = Mi XOR S[t]
RC4 overview

RC4 security
- Claimed to be secure against known attacks.
- There are some cryptanalytic results, but none practical.
- The result is highly non-linear.
- Because RC4 is a stream cipher, a key must never be reused.
- There is a concern with WEP, but it is due to key handling rather than RC4 itself.
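RC4 as described above, with the key schedule written out in full, as an added example that is not part of the original text. It also shows what the key-reuse rule protects against; function names are chosen for illustration and the two messages are constructed sample data.

```python
def rc4_key_schedule(key):
    """Shuffle S = 0..255 under control of the key (1 to 256 bytes)."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 keys are 1 to 256 bytes long")
    S, j = list(range(256)), 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    return S


def rc4_keystream(key, length):
    """The generation loop from the text, producing `length` keystream bytes."""
    S, i, j, out = rc4_key_schedule(key), 0, 0, bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out)


def rc4(key, data):
    """Encrypt or decrypt: the same XOR with the keystream does both."""
    return bytes(d ^ k for d, k in zip(data, rc4_keystream(key, len(data))))


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


if __name__ == "__main__":
    print(rc4(b"Key", b"Plaintext").hex())
    # Constructed messages encrypted under the SAME key: the keystream cancels,
    # so the XOR of the ciphertexts equals the XOR of the plaintexts.
    p1, p2 = b"transfer 100 to A", b"transfer 999 to B"
    c1, c2 = rc4(b"reused key", p1), rc4(b"reused key", p2)
    print(xor(c1, c2) == xor(p1, p2))
```

With a reused key, anyone who knows or guesses one plaintext recovers the other without touching the key, which is why the per-message key handling matters more than the cipher itself.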
3.6.5. RC5
RC5 is also a proprietary cipher owned by RSADSI, designed by Ronald Rivest and used in many RSADSI products. RC5 supports many key and data sizes and, in particular, has no loops. Its design is very simple and clean. RC5 is easy to implement on many CPUs and is still considered secure.

The RC5 ciphers
- RC5 is a family of ciphers with three parameters, RC5-w/r/b:
  - w is the word size (16/32/64); the number of data bits is 2w,
  - r is the number of rounds (0..255),
  - b is the number of key bytes (0..255).
- The nominal version is RC5-32/12/16:
  - that is, 32-bit words, encrypting 64-bit data blocks,
  - using 12 rounds,
  - with a 16-byte (128-bit) key.

RC5 key expansion
- RC5 uses 2r + 2 subkey words (w bits each).
- The subkeys are stored in the array R[i], i = 0,1,.., t-1.
- The key schedule then consists of:
  - initialising S to a fixed pseudo-random value based on the constants e and phi;
  - copying the key bytes into a c-word array L;
  - a mixing operation that combines L and S into the final array S.

RC5 encryption
- The input is split into 2 halves A and B:
L_0 = A + S[0];
R_0 = B + S[1];
for i = 1 to r do
  L_i = ((L_{i-1} XOR R_{i-1}) <<< R_{i-1}) + S[2 x i];
  R_i = ((R_{i-1} XOR L_i) <<< L_i) + S[2 x i + 1];
- Each round is like 2 DES rounds.
- The rotation is the main source of non-linearity.
- An adequate number of rounds is needed (12-16).

RC5 modes
- RFC2040 defines 4 modes for RC5:
  - the RC5 block cipher, that is, ECB mode;
  - RC5-CBC;
  - RC5-CBC-PAD, a mode with padding by bytes whose value is the number of pad bytes;
  - RC5-CTS, a variant of CBC in which the ciphertext is the same size as the original message.
3.6.6 Characteristics of block ciphers and stream ciphers

1. Block cipher characteristics. The features found in modern block ciphers are:
- variable key length / block size / number of rounds;
- mixed operators and key-dependent or data-dependent rotation;
- key-dependent S-boxes;
- more complex subkey generation;
- operation on the full data in every round;
- varying non-linear functions.

2. Stream cipher characteristics.
- The message is processed bit by bit.
- There is usually a (pseudo-)random keystream.
- It is combined with the plaintext by XOR, bit by bit.
- The randomness of the keystream completely destroys the statistical properties of the message:
C_i = M_i XOR StreamKey_i
- Very simple.
- But a key must never be reused.

3. Design properties of stream ciphers

a. A long period with no repetition
b. Statistically random
c. Dependence on a large key
d. Large linear complexity
e. Confusion
f. Diffusion
g. Use of highly non-linear Boolean functions

QUESTIONS AND PRACTICAL EXERCISES
Question 1: Study the structure of the files /etc/passwd and /etc/shadow in the Linux operating system. What is the role of these 2 files in Linux?
Question 2: Practise encrypting a data file using the encrypting file system on the Windows 2003 Server operating system.
Question 3: Outline the methods of authentication.
Question 4: Practise configuring a security policy that uses IPSec on the Windows 2000 Server and Windows 2003 Server operating systems to provide secure transactions.
Question 5: Practise using the file encryption function of openssl on the Linux operating system to encrypt data files.


CHAPTER V: WIRELESS NETWORK SECURITY

5.1. Introduction to wireless network security
5.1.1. Attacks on wireless networks
Wireless networks are now widely used, and network attackers pay particular attention to them because of the convenience they offer, for the following reasons:
- Breaking into a wireless network for illegal purposes is easier than breaking into a wired network.
- Installing a wireless network costs less than installing a wired one, and it is likewise cheaper for attackers to attach to and break into a wireless network than a wired one (for example, the attacker only needs a computer with a wireless network card to be able to break into the network).
- Wireless networks provide network access from anywhere (within the coverage area of the APs), which is also a reason attackers can use them to gain access and attack from anywhere.
- The use of wireless networks in small offices and in homes also creates more potential attack surface for attackers.
When attacking a wireless network, attackers have many different goals, for example: gaining access to network resources (sensitive data files); avoiding payment; impersonation, like a spammer sending targeted e-mail without being traced; or a virus writer looking for an anonymous place to release the latest network worm. Finally, some attacks on wireless networks aim to cut off communication in the wireless network, out of revenge or to harm a competitor in some way. These kinds of attack are sometimes combined. For example, an attacker may carry out a denial of service (DoS) attack in order to direct clients to rogue Access Points controlled by the attacker. The attack trees below set out these attack goals more clearly and show some of the methods used to achieve them.
* Attack trees:
Attackers always follow a process when attacking networks. They usually begin with reconnaissance and only then carry out specific attacks. During reconnaissance the attacker discovers the presence of the network and then explores potential targets within it. The three main goals attackers pursue when attacking wireless networks are: denial of service; gaining read access; and gaining write access.
An attack tree is a way of describing the weaknesses of a system. It can also be used as an analysis tool to support the planning of a defence strategy against those weaknesses. Every attack tree starts with a goal (GOAL); the goal can be divided into subgoals (SUBGOAL), and the subgoals can in turn be divided into smaller subgoals.
* Reconnaissance attacks:
The attacker has to discover the target network before attacking it. In the wired world, intrusion detection systems and firewalls can detect reconnaissance activity. In the wireless world, discovery is entirely passive and cannot be detected. Some reconnaissance attacks can nevertheless be detected, such as network scans. Attack tree 1 describes these reconnaissance attacks:
Attack Tree 1
GOAL: Discover the target network.
AND
  Discover the presence of the network.
  OR
    Perform wardriving.
    Eavesdrop on specific targets ("parking lot sniffing").
  Discover more information about the network.
  OR
    Perform active host and port scanning.
    Perform passive sniffing.

* DoS attacks:
DoS is an attack on the availability of the network that serves several attacker goals. The goal may be to disrupt communication, or to support a man-in-the-middle attack. The attacker may also want to install wireless devices that take over the communication channel intended for legitimate users. By cutting off certain components of the network, the attacker can remove the interference of legitimate devices and direct users to a fake path that the attacker has set up. DoS attacks are described in attack tree 2:
Attack Tree 2
GOAL: Denial of service.
AND
  Discover the target network (using attack tree 1).
  Deny service.
  OR
    Deny service to the whole network.
    OR
      Use a device to jam the radio signal.
      Continuously broadcast frames to congest the network bandwidth.
      Disassociation/deauthentication attack against all users.
      Overflow the tables of the Access Point.
      Set up a rogue Access Point and direct users to that fake network.
    Deny service to a particular user.
      Disassociation/deauthentication attack against one user.

* Network access attacks:

The attacker's most common goal is to gain read access or write access to a network. Read access covers the ability to intercept and read the traffic on the network, and includes attacks on encryption, authentication and other protection methods. Write access covers the ability to send data to a network entity, and includes read access, because the attacker usually has to read the response packets in order to communicate over some network protocols. In some cases, however, the attacker can inject packets into the network without needing to read the response traffic.
Attack tree 3 describes the goal of gaining read access:
Attack Tree 3
GOAL: Gain read access.
AND
Discover the target network (using attack tree 1).
Read the data stream.
OR
Read an unencrypted data stream.
Capture the data stream with a sniffer.
Read an encrypted stream.
AND
Capture the encrypted data stream with a sniffer.
Obtain the key.
OR
Recover the key.
Recover the keystream.
Set up a rogue Access Point and control network parameters such as the encryption keys.
AND
Compromise the client.
Break into the client over an ad-hoc network by exploiting misconfigurations or unpatched vulnerabilities.
Install spyware on the client.
The spyware passes the data to the attacker by some means.

Attack tree 4 describes the goal of gaining write access:

Attack Tree 4
GOAL: Gain write access.
AND
Discover the target network (using attack tree 1).
Bypass the authentication mechanism to gain network access privileges.
OR
The network has no authentication. No bypass is needed.
Spoof a MAC address to pass the MAC address filter.
Use a shared-key authentication bypass attack.
If the network uses 802.1x for authentication, use a LEAP dictionary attack or a PEAP man-in-the-middle attack.
Inject data packets.
OR
The network does not use encryption. Inject data.
Write encrypted data by reusing a captured keystream.
Recover the keystream.
Encrypt data with the key and write it to the network.
Recover the key.
Break into the client over an ad-hoc network. Install malicious code on the client.
Perform a LEAP dictionary attack.
AND
Capture a LEAP session.
Perform an offline dictionary attack to recover the password.
Authenticate with the captured credentials.
Once authenticated, write data to the network.
Perform a PEAP man-in-the-middle attack.
AND
Set up a rogue Access Point for the client to connect to.
Establish a session to the real Access Point.
Capture the credentials and use them to authenticate to the server.
Hijack the client's connection.
Write data.

5.1.2. Radio wave technologies

Network signals are carried by radio waves in much the same way that local broadcast radio stations transmit their signals, but network applications use higher frequencies. For example, FM radio uses frequencies in the range 88-108 MHz, whereas in the United States the frequencies used to carry network signals are 902-928 MHz, 2.4-2.4835 GHz or 5-5.4825 GHz.
In a wireless network the signal is transmitted in one or in many directions, depending on the type of antenna used. Most radio networks use spread-spectrum technology to transmit packets. Spread-spectrum transmission spreads the information-bearing signals (usually digital signals) so that the bandwidth of the radio channel is much wider than the bandwidth of the original information.
To create a spread-spectrum signal, the information-bearing signal is multiplied by a spreading code. One bit of the original signal produces many bits after this multiplication. The process produces a signal that is transmitted over a wide band. To receive the signal, the receiver must use the same spreading code as the transmitter in order to recover the original information-bearing signal.
This technique changes (spreads) the frequency components of a narrowband signal over a correspondingly wide band.
Spread-spectrum transmission gives the signal a very high level of safety and confidentiality and lets many users share the same band. The reason is that the energy of the transmitted signal is very low compared with the natural background noise of the received signals. Because the signal is transmitted over a wide band, other narrowband signals (such as a high-power radio jamming signal) have only a very small effect on the spread-spectrum transmission as a whole. This makes a spread-spectrum signal very hard to interfere with.
Communication over radio waves can save cost at sites where laying network cable is difficult, or possible only at high cost. Using radio waves to build a network is also convenient for users, who are not tied to a fixed working position and can move around within the coverage area.
However, alongside these conveniences, using radio waves for network communication also has drawbacks, for example in speed, in interference between systems, and in the effect of the environment and the weather on signal quality.
5.2. Introduction to IEEE 802.11
5.2.1. Components of a wireless network
* Access Point
An Access Point (AP) is a radio transceiver (a transmitter and a receiver combined) used to connect wireless data devices (workstations) to local area network (LAN) systems. The AP converts data packets and controls how they are sent. An AP can connect one or a great many wireless devices to a wired local area network (LAN).
An AP can perform one or several different data-forwarding functions, such as bridging (linking networks), repeating, distribution (hubs), directing data packets (switching, routing) or joining different kinds of networks (gateway).
* End-user access devices
In a WLAN system, end-user access devices are also called workstations (Workstation - STA). End workstations are transceivers that convert the radio signal into a digital signal that can be routed to or from communication devices.
These devices (the end-user access devices) connect communication devices (computers, laptops, PDAs) to the central access devices (Access Points). The device is responsible for receiving data packets and distributing them to other devices or networks. An end-user access device may be a wireless network card or a radio module built into a personal computing device such as a laptop or PDA.
* Antenna
An antenna is a device used to convert electrical signals into electromagnetic signals and vice versa. An antenna is usually designed to operate over a particular frequency range. Directional antennas are designed to concentrate the transmitted energy in one particular direction. Antennas are usually built into end-user stations as well as into the Access Point.

Figure 5-1: Types of antenna in a WLAN

Figure 6-1 presents the types of antenna commonly used in WLAN systems. Omnidirectional antennas cover the area around the device at lower intensity (not concentrated), while YAGI and Flat Panel antennas give a stronger signal in one particular direction.
To increase radio transmission performance (transmission rate and distance), Access Points use two antennas for diversity reception. Diversity reception uses two antennas to pick up the radio signals at two different points. This allows the antenna with the best signal quality to be used, which improves the performance of the WLAN system.

Figure 5-2: Directional antenna in a WLAN

Figure 6-2 is an example of using a directional antenna to increase the transmission distance between a workstation and an Access Point. Here a laptop is connected to an access device through a USB port. The access device has an RF connector for attaching the directional antenna. The directional antenna concentrates the signal towards the Access Point, which increases the transmission distance and the transmission rate in the WLAN system.
* Note: Both directional and omnidirectional antennas give network attackers certain advantages and certain difficulties. With a directional antenna, the signal is transmitted in one direction and travels a long way, so the attacker does not need to get close to the signal source to receive it. To receive the signal, however, the attacker must determine the direction in which it is transmitted, which is not easy. Signals transmitted by an omnidirectional antenna are easier to intercept and eavesdrop on, because the attacker does not need to determine the antenna's transmission direction. In that case, however, the attacker must get relatively close to the signal source and is therefore easier to detect.
5.2.2. Wireless network access methods
The 802.11 standard uses two wireless network access methods: priority-based access, and carrier sense multiple access with collision avoidance (CSMA/CA).
In the priority-based access method, the access points act as a central coordinating station (point coordinator). The coordinating station sets up a contention-free period during which only the station that the coordinator contacts first is allowed to send data onto the medium. During the contention-free period, the coordinating station sends probe signals to poll the stations. If a station responds that it has a message to send, the coordinating station puts it on the polling list. To the stations that are not polled, the coordinating station sends a "beacon frame" announcing how long they must wait until the next contention-free period. Next, the stations on the polling list are granted access to the medium to transmit data, each station being allowed to transmit at a different time. After all the stations on the polling list have finished transmitting, the coordinating station sets up another contention-free period.
The priority-based access method is used for time-sensitive applications such as voice, video and videoconferencing. All of these applications work best only on links whose throughput is not congested (not interrupted). In the 802.11 standard, the priority-based access method is also called the point coordination function (PCF).
Carrier sense multiple access with collision avoidance (CSMA/CA) is the more widely used method in wireless networks, and it is called the distributed coordination function (DCF). In this method, a station waiting to transmit listens to the medium to detect an idle frequency by checking the received signal strength indicator (RSSI). The moment the frequency becomes idle is the moment when a collision is most likely, because many stations want to put data on the medium at the same time. As soon as it detects an idle frequency, each station computes a waiting time (backoff time) and listens for a further DIFS interval (DIFS is the inter-frame space in the distributed coordination system) to make sure that the frequency is idle. If the frequency is idle, the station with the shortest waiting time is allowed to transmit its data. If the frequency is not idle, the stations that need to transmit must wait until it becomes idle again and then continue to wait for a further time that depends on the waiting time they computed.
The waiting time is computed by multiplying a slot-time value by a random number. The slot-time value is stored in the management information base (MIB) of each station. The random number can range from 0 to the maximum collision window size, a value that is also stored in the MIB. However, attackers can cause problems for a wireless network by not observing the waiting time and flooding the AP with packets.
5.2.3. Data error control
Communication in a wireless network is often subject to interference from the weather, sunlight (solar flares), other wireless networks, physical obstacles or other sources. Any of these kinds of interference can corrupt the sending and receiving of data. The 802.11 standard has an automatic repeat request (ARQ) feature that helps wireless devices cope with possible interference.
With ARQ, if a station sends a packet and does not receive an acknowledgement (ACK) from the receiving station, it automatically resends the packet. The number of times the packet is resent depends on its size. Each station keeps two values, one being the maximum size of a short packet and the other the size of a long packet. Each station also keeps two further values: the number of attempts to resend a short packet and the number of attempts to resend a long packet. Each station relies on these values when resending a packet.
For example, a station sets the maximum size of a short packet to 776 bytes and the number of retransmissions of a short packet to 10. Suppose this station transmits a packet 608 bytes long but receives no acknowledgement from the receiving station. This means the transmitting station will retransmit the packet at most 10 times if it receives no acknowledgement from the receiving station. After sending the packet 10 times without receiving an acknowledgement, it stops retransmitting the packet.
An attacker can create destructive radio interference by buying or designing a transmitter that operates on the same frequency as the wireless networks. By using a focused directional antenna and transmitting high-power signals, an attacker is fully able to create interference in wireless networks.
5.2.3. Transmission rates
In IEEE 802.11, the transmission rates and the associated radio frequencies are defined through three standards: 802.11a, 802.11b and 802.11g. (In these standards, the transmission rate corresponds to the physical layer of the OSI open systems reference model.)
In the 802.11a standard, with the 5 GHz band, the transmission rates of the wireless network are:
- 6 Mbps
- 9 Mbps
- 12 Mbps
- 18 Mbps
- 24 Mbps
- 36 Mbps
- 48 Mbps
- 54 Mbps
The 802.11a standard operates at the physical layer of the open systems reference model and uses OFDM (orthogonal frequency-division multiplexing) to transmit data signals by radio. OFDM works by dividing the 5 GHz band into a set of 52 subcarrier signals, or 52 channels, and transmitting the data signal simultaneously over those 52 signals (or channels); this is also called parallel transmission. Of the 52 carrier signals, 4 are used for transmission control and the remaining 48 are used to carry the station's data.
The 802.11b standard uses the 2.4 GHz band, and its transmission rates are:
- 1 Mbps
- 2 Mbps
- 10 Mbps
- 11 Mbps
The 802.11b standard uses DSSS (direct sequence spread spectrum modulation) to transmit network data signals by radio. With DSSS, data can be transmitted over channels with a bandwidth of 22 MHz; the number of channels depends on the country and can be as many as 14.
The 802.11g standard is an extension of the 802.11b standard. It allows transmission rates of up to 54 Mbps, and wireless devices that use 802.11g can communicate with other devices that use 802.11b and 802.11g. The 802.11g standard uses OFDM and can reach the following transmission rates:
- 6 Mbps
- 9 Mbps
- 12 Mbps
- 18 Mbps
- 24 Mbps
- 36 Mbps
- 48 Mbps
- 54 Mbps
5.2.4. Using authentication to tear down a connection
One function of the authentication process is to tear down the connection when the communication session is complete. Authentication during connection teardown is important because it prevents two communicating stations from being disconnected inadvertently (unintentionally) by an unauthenticated station. The two stations disconnect when one of them sends a deauthentication message, and as a result communication ends immediately.
5.3. Bluetooth networks
Bluetooth is a wireless technology described by the SIG (Bluetooth Special Interest Group). Bluetooth has attracted many vendors, such as 3Com, Agere, IBM, Intel, Lucent, Microsoft and Motorola. Bluetooth uses hopping frequencies in the 2.4 GHz band (2.4-2.4835 GHz), designated by the FCC for unlicensed ISM communication. Frequency hopping is a spread-spectrum technique that revolves around sending the signal over a random frequency: the first transmission goes out on one frequency, the second on another frequency, the third on yet another, and so on. The frequency is not truly random; it is computed algorithmically by a random number generator. The receiver uses the same algorithm as the sender and can therefore hop across the frequencies in step with the sender in order to receive the information frames correctly. The advantage of frequency hopping is that it minimises interference when many devices are in use.
With high-power transmission, Bluetooth can reach as far as 100 metres, but in practice most Bluetooth devices send and receive at a distance of 9 metres. Bluetooth typically uses asynchronous communication at 57.6 kbps and 721 kbps; Bluetooth devices can also use synchronous communication at 432.6 kbps, but this is not common.
Bluetooth uses TDD (time division duplexing), which means that packets are sent back and forth in each direction using time slots. The number of time slots in one transmission can be as high as 5, which allows several packets to be sent and received at the same time, so the process is effectively full duplex. Bluetooth allows 7 devices to be connected and to communicate at the same time. When these devices communicate, one of them is automatically chosen as the master device to control operations such as setting up the time slots and managing the frequency hops. Bluetooth communication represents peer-to-peer network operation.
5.4. Analysis of attacks on wireless networks
5.4.1. Reconnaissance attacks
The most obvious security problem of WLANs is also their main advantage: anyone can receive the data anywhere within radio coverage. The signal can pass through walls, leave buildings and cross every barrier. Attackers can capture and transmit wireless signals as long as they are within the coverage area. With powerful antennas, an attacker can receive and transmit packets over distances of many kilometres.
Attackers use reconnaissance to discover and analyse attack targets. During the analysis the attacker learns which protocols and which security mechanisms are in use and chooses suitable attack tools accordingly. Although programs such as sniffing and wardriving tools are not attack programs and are used by system administrators for legitimate purposes, they can also serve as tools for carrying out reconnaissance attacks.
5.4.2. DoS attacks
DoS is the problem of greatest concern; it is a form of attack that aims to break the functioning of a service. The disruption may be physical destruction of network devices, or attacks that aim to consume the network's entire bandwidth. It may also be an action that aims to prevent a particular user from using a service. DoS attacks are especially serious in wireless networks because the network is so easy to access. An attacker can carry out a DoS attack very simply with a radio jamming device; nowadays 802.11 cards are used in place of such devices because they are effective and easy to carry.
* Disassociation and deauthentication attacks:
Disassociation and deauthentication attacks exploit the unauthenticated nature of the management frames of the 802.11 protocol. When a workstation connects to an Access Point, it must first exchange authentication frames and then association frames. It is allowed to join the network only after it has authenticated and associated successfully. However, any station can forge a disassociation or deauthentication message, at which point the Access Point removes the station from the network, and the station cannot send data until it associates again. By sending these frames over and over, an attacker can knock many machines off the network.
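
Because these management frames carry no authentication, a monitoring sensor cannot trust their source address and has to look at their rate instead. The following is an added example, not part of the original text, of a sliding-window detector for repeated disassociation/deauthentication frames; the frame records, the one-second window and the threshold of five frames are constructed assumptions, and the two scopes it reports correspond to the "all users" and "one user" branches of attack tree 2.

```python
from collections import defaultdict, deque

DISASSOC, DEAUTH = 10, 12            # 802.11 management-frame subtypes
BEACON = 8
BROADCAST = "ff:ff:ff:ff:ff:ff"


def detect_teardown_floods(frames, window=1.0, threshold=5):
    """Flag bursts of disassociation/deauthentication frames.

    frames: time-ordered iterable of (time_s, subtype, src, dst, bssid).
    The source address is ignored on purpose: it is trivially forged, so
    the detector keys on the BSSID and on the station being torn down.
    Returns one alert per (bssid, dst) pair that receives at least
    `threshold` teardown frames inside `window` seconds.
    """
    recent = defaultdict(deque)      # (bssid, dst) -> timestamps in window
    alerts = {}
    for ts, subtype, _src, dst, bssid in frames:
        if subtype not in (DISASSOC, DEAUTH):
            continue
        key = (bssid, dst)
        stamps = recent[key]
        stamps.append(ts)
        while stamps and ts - stamps[0] > window:
            stamps.popleft()         # drop frames older than the window
        if len(stamps) >= threshold and key not in alerts:
            alerts[key] = {
                "bssid": bssid,
                "target": dst,
                "scope": "all stations" if dst == BROADCAST
                         else "single station",
                "first_seen": stamps[0],
                "count_in_window": len(stamps),
            }
    return list(alerts.values())


# Constructed sample capture (addresses are made up for the example).
AP = "00:11:22:33:44:55"
STA_A = "02:00:00:00:00:0a"
STA_B = "02:00:00:00:00:0b"


def build_sample():
    frames = [
        (0.10, BEACON, AP, BROADCAST, AP),   # ordinary beacon
        (0.50, DEAUTH, STA_B, AP, AP),       # one normal end-of-session frame
    ]
    # Burst aimed at one station: 8 frames, 100 ms apart.
    frames += [(2.00 + 0.10 * i, DEAUTH, AP, STA_A, AP) for i in range(8)]
    # Burst aimed at every station: 6 broadcast frames, 50 ms apart.
    frames += [(5.00 + 0.05 * i, DISASSOC, AP, BROADCAST, AP)
               for i in range(6)]
    return sorted(frames)


if __name__ == "__main__":
    for alert in detect_teardown_floods(build_sample()):
        print(alert)
```

A single teardown frame at the end of a session stays below the threshold, so normal disconnects do not raise an alert.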
* Transmit duration attack:
Another form of denial-of-service attack is based on the Transmit Duration field of 802.11 frames. Transmit Duration is a collision-avoidance mechanism used to announce to the other stations when the transmission time will end. An attacker can send a series of packets with the largest Transmit Duration value (1/30 second), a value that prevents the other stations from transmitting data during that time. It is therefore enough to send packets at a rate of 30 packets per second to take over the network. Today many cards ignore the Transmit Duration field, so this attack is no longer effective.
5.4.3 Authentication attacks
DoS attacks are fairly simple, but they achieve only certain goals. Gaining access to the network lets the attacker exploit much more. Because gaining physical access to a wireless network is simple, many mechanisms have been developed to provide access control. The IEEE has introduced new authentication mechanisms based on the 802.1x standard and EAP. In addition, some manufacturers implement other authentication mechanisms such as MAC address filtering.
* Secret-key authentication attack:
The designers of 802.11 created an authentication mechanism called shared-key authentication. However, it is very easy to spoof and it leaks information about the key seed. Fortunately, this authentication is optional. The default authentication mechanism is open authentication, which is essentially no authentication, and it is preferred over shared secret-key authentication.
Shared secret-key authentication is a two-way authentication mechanism in which each side sends a random value (random challenge) and then encrypts that value with a WEP key that the other side provides. The mechanism is very easy to break because an attacker can gather all the information needed by observing one successful authentication session and can then produce valid authentication responses for future use.
By XORing the challenge with the response, the attacker can find the key stream that corresponds to that initialisation vector. The attacker now has the information needed to authenticate, because he can reuse the initialisation vector and the key stream he has computed. He simply encrypts every incoming challenge with this key stream and so authenticates successfully.
* MAC address spoofing attack:
Many Access Points can restrict the connections of workstations on the basis of the MAC address. However, an attacker can easily spoof a MAC address, because many 802.11 cards let the user set whatever MAC address they want. The attacker can easily obtain a valid MAC address by using a sniffer tool.
* WEP key recovery and plaintext recovery attacks:
There are two ways to decrypt data encrypted with WEP. The most obvious way is to discover the correct key seed; the second way is to find all the possible keys that the key seed generates.
RC4 encryption is an XOR between the key (K) and the plaintext data (P) that produces the ciphertext (C). If an attacker knows two of these three components, he can compute the third. Since the attacker always knows the ciphertext C, because it is broadcast on the network, knowing P lets the attacker compute K, and vice versa.
* Key dictionary:
The security of RC4 rests on never using the same key twice. WEP achieves this by using an initialisation vector (IV), which allows 2^24 (about 16 million) keys for each key seed. To find the key, therefore, each of these keys has to be found. One method is to wait for keys to repeat, which leaks information about the data and about the key. Another method requires knowing some of the data within the encrypted data, which is called a known plaintext attack. Once the attacker has built a dictionary of 16 million keys, he can decrypt any data sent on the network that is encrypted with that WEP key. This dictionary is only 1500 bytes in length and takes only 24 GB to store, which fits comfortably on a laptop hard disk. Today the WEP protocol can be replaced with WPA and the 802.11i standard.
* WEP key seed recovery attack:
One of the most attractive goals for an attacker who targets WLANs protected by WEP is to recover the WEP key seed. Because of weaknesses in the protocol and a number of implementation errors, many attacks have been carried out against the WEP key seed. One of the most dangerous is the Fluhrer-Mantin-Shamir attack, which allows a passive sniffer to find the WEP key seed in only 9 minutes of running.
5.4.4. Attacks on the EAP protocol
Many manufacturers have developed wireless protocols based on EAP (Extensible Authentication Protocol). All of these protocols need an authentication server, with the Access Point acting mainly as a relay for the authentication messages. An attacker can target these protocols in one of two roles: a passive attacker observes the information flow and tries to collect useful information; an active attacker impersonates a participant. In the latter case he may impersonate a client, a server or both (as a man-in-the-middle does).
5.4.5. Rogue access points
Rogue Access Points are Access Points that are not legitimate in the network. Network users often set them up for convenience, especially where no wireless network infrastructure exists. Because Access Points are cheap and easy to install, they are often set up with no or very few security functions. Even when they do have security functions such as WEP installed, an ordinary user usually cannot configure a stronger security mechanism such as a VPN or end-to-end authentication. Another potential threat is that attackers can set up fake Access Points to gain access to the network.
Fake Access Points do not need to be installed within the physical boundary of the network. They can be placed outside (in a car or in a neighbouring building). To carry out a man-in-the-middle attack, the attacker also needs to set up a fake Access Point.
Some Access Points act as public access gateways (for example at airports, hotels, coffee shops or other public places) and require an authenticating username and password in order to use the wireless service. An attacker can also set up fake Access Points to collect account information. If the user has no way of authenticating the Access Point (such as using SSL), there is no way to defend against this kind of attack.
An attacker can also use a fake Access Point as leverage to compromise a network. If the attacker has physical access to a network (directly or through an intermediary), he can also set up a fake Access Point on a wired network. This Access Point can then provide access to the network without any need for physical access to it. The attacker can use this planted agent to carry out other attacks, such as sending important data to the outside.
Clearly, fake Access Points expose very serious security weaknesses. Network administrators therefore need a strategy for finding and removing fake Access Points in the network.
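
One way an administrator could carry out the search for rogue Access Points called for above is to compare the beacons a sensor hears with an inventory of authorised Access Points. This is an added example, not part of the original text; the inventory, the beacon records, the field names and the -60 dBm "on premises" signal threshold are all constructed assumptions.

```python
# Constructed inventory of authorised Access Points, keyed by BSSID.
AUTHORISED = {
    "00:11:22:33:44:55": {"ssid": "corp-wlan", "channel": 6,
                          "security": "WPA2-CCMP"},
    "00:11:22:33:44:66": {"ssid": "corp-wlan", "channel": 11,
                          "security": "WPA2-CCMP"},
}

# Constructed beacon observations from one survey pass.
BEACONS = [
    {"bssid": "00:11:22:33:44:55", "ssid": "corp-wlan", "channel": 6,
     "security": "WPA2-CCMP", "rssi": -48},
    {"bssid": "00:11:22:33:44:66", "ssid": "corp-wlan", "channel": 11,
     "security": "WEP", "rssi": -50},
    {"bssid": "0a:0a:0a:00:00:01", "ssid": "corp-wlan", "channel": 1,
     "security": "OPEN", "rssi": -70},
    {"bssid": "0a:0a:0a:00:00:02", "ssid": "meeting-room-ap", "channel": 3,
     "security": "WEP", "rssi": -42},
    {"bssid": "0a:0a:0a:00:00:03", "ssid": "cafe-guest", "channel": 9,
     "security": "OPEN", "rssi": -88},
    {"bssid": "0a:0a:0a:00:00:01", "ssid": "corp-wlan", "channel": 1,
     "security": "OPEN", "rssi": -71},          # repeat of an earlier beacon
]

IMPERSONATION = "unlisted AP advertising a managed SSID"
ON_PREMISES = "unlisted AP with on-premises signal strength"
DRIFT = "listed AP differs from inventory: "


def audit_beacons(beacons, authorised, onsite_rssi=-60):
    """Return (bssid, reason) findings for beacons that need follow-up.

    - An unlisted BSSID that advertises one of our SSIDs may be a fake AP
      placed inside or outside the building.
    - An unlisted BSSID heard at or above `onsite_rssi` dBm is probably
      inside the premises, e.g. an AP a user plugged in for convenience.
    - A listed BSSID whose SSID, channel or security differs from the
      inventory is either misconfigured or being imitated.
    Weak, distant, unrelated networks (neighbours) are ignored.
    """
    managed_ssids = {ap["ssid"] for ap in authorised.values()}
    seen, findings = set(), []
    for b in beacons:
        bssid = b["bssid"].lower()
        key = (bssid, b["ssid"], b["channel"], b["security"])
        if key in seen:                 # report each distinct beacon once
            continue
        seen.add(key)
        listed = authorised.get(bssid)
        if listed is None:
            if b["ssid"] in managed_ssids:
                findings.append((bssid, IMPERSONATION))
            elif b["rssi"] >= onsite_rssi:
                findings.append((bssid, ON_PREMISES))
            continue
        changed = [f for f in ("ssid", "channel", "security")
                   if b[f] != listed[f]]
        if changed:
            findings.append((bssid, DRIFT + ", ".join(changed)))
    return findings


if __name__ == "__main__":
    for bssid, reason in audit_beacons(BEACONS, AUTHORISED):
        print(bssid, "-", reason)
```

A BSSID match alone does not prove that a beacon is genuine, since the address can be copied, which is why differences from the inventory are reported rather than trusted.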
5.5. Security measures for wireless networks
5.5.1. Open system authentication
In open systems, the two stations taking part in communication can authenticate each other. The sending station sends a simple message asking to be authenticated by the destination station or access point (AP); when the destination station acknowledges the request, authentication is complete. In this scheme, any station that requests authentication has that authentication accepted straight away. Open system authentication provides very little security, and it is the default component of wireless devices.
5.5.2. Shared key authentication
Shared key authentication (pre-shared key) uses symmetric-key cryptography, with the same key (or key seed) used to encrypt and to decrypt. The authentication technique is challenge/response: the computer being accessed asks the accessing computer for a secret parameter when the connection is initiated, for example the cryptographic key that both use to encrypt and decrypt information. In wireless communication the steps are as follows:
1. The computer initiating the connection sends an authentication management request frame to the destination device.
2. The destination device sends an authentication management request frame asking for the secret parameter (shared secret).
3. The initiating computer replies to the destination device with the secret parameter together with a CRC checksum to confirm that the secret parameter is correct.
4. The destination device checks the secret parameter from the accessing computer; if it is correct, it replies with a message confirming that authentication succeeded, and the sending and receiving of data begins.
5.5.3. Wired Equivalent Privacy (WEP)
WEP (Wired Equivalent Privacy) is an encryption algorithm published in the first 802.11 standard. It has three main functions:
- Protecting packets against disclosure in transit
- Protecting packets against modification in transit
- Providing network access control
The purpose of the protocol is to make the wireless transmission medium as secure as a wired transmission medium.
* WEP key and WEP seed:
The WEP key is a key 40 or 104 bits long that is used as the base key for every packet. When it is combined with the 24-bit initialisation vector, it is called the WEP seed. The WEP seed is therefore 64 or 128 bits long.
WEP uses the RC4 algorithm in the RSA cryptosystem to encrypt packets. However, RC4 is a stream cipher and does not permit key reuse, so the designers added initialisation vectors (IV) to make the keys differ from packet to packet. The initialisation vector is combined with the WEP key to form what is called the WEP seed. In practice, the WEP seed is used as the key for RC4, and RC4 only permits a fresh key to be used for each packet. However, the design then depends on the IV value being unique and never repeating for each packet. This is exactly what makes it easy for an attacker to reuse packets or to choose some suitable IV for an attack.
To protect packets against modification in transit, the designers use an integrity check vector (Integrity Check Vector - ICV). The ICV is a linear checksum 4 octets (32 bits) long that is computed over the plaintext payload of the packet and attached to the encrypted payload. It uses the CRC-32 redundancy check algorithm.
To implement access control, the designers chose a challenge-response mechanism combined with the WEP key. This is called shared secret-key authentication. The idea of the authentication is that the client must prove that it holds the WEP key before it is allowed to access the network.
* RC4:
RC4 is the basic encryption algorithm that WEP uses. RC4 is a symmetric-key stream cipher that produces a key stream of the same length as the data. In WEP, this key stream is combined with the data using the exclusive OR (XOR) operator to produce the ciphertext.
RC4 uses an S-box, which is in fact an array of values. These values are loaded into the array through a series of swaps, and they produce pseudorandom numbers as output. The two phases of the RC4 algorithm are the key scheduling algorithm (KSA) and the pseudorandom generation algorithm (PRGA). The task of the KSA is to initialise the S-box with the RC4 key, and the task of the PRGA is to generate the key bits, with each bit fed into the S-box producing one bit of output.
* WEP encapsulation:
Encapsulation is the process of converting data from one network layer into the format of the layer below. Encapsulation includes encryption, computing the integrity check value, fragmentation and attaching the headers. Decapsulation does the reverse: it includes removing the headers, decrypting, reassembling the packets and verifying the integrity check value.
WEP data encapsulation is the process of encrypting and building up the WEP data packet. The format of the WEP data packet is described in figure 6.3.

Figure 5.3: Format of the WEP data packet

The encapsulation process is described in figure 6.4 as follows:

Figure 5.4: The WEP data encapsulation process

* WEP decapsulation:
The WEP data decapsulation process is described in figure 6.5 as follows:

Figure 5-5: WEP data decapsulation
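
The encapsulation and decapsulation steps described above (WEP seed formed from the IV and the WEP key, RC4 key scheduling and pseudorandom generation, CRC-32 ICV) can be followed in code. This is an added example, not part of the original text; the key, IV and payloads are constructed values, and the frame layout used here (3-byte IV, one key-ID byte, encrypted payload and ICV) leaves out the 802.11 MAC header and fragmentation. It also shows why a repeated IV is fatal: two packets under the same seed share one key stream.

```python
import struct
import zlib


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return n key-stream bytes: KSA fills the S-box, PRGA emits bytes."""
    s = list(range(256))
    j = 0
    for i in range(256):                         # KSA
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                           # PRGA
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def seed_bits(wep_key: bytes) -> int:
    """Length of the WEP seed: 24-bit IV plus a 40- or 104-bit key."""
    return 24 + 8 * len(wep_key)


def wep_encapsulate(wep_key: bytes, iv: bytes, payload: bytes,
                    key_id: int = 0) -> bytes:
    if len(wep_key) not in (5, 13) or len(iv) != 3:
        raise ValueError("WEP key must be 40 or 104 bits, IV 24 bits")
    icv = struct.pack("<I", zlib.crc32(payload))       # CRC-32 over plaintext
    body = payload + icv
    keystream = rc4_keystream(iv + wep_key, len(body))  # seed = IV || key
    return iv + bytes([key_id << 6]) + xor(body, keystream)


def wep_decapsulate(wep_key: bytes, frame: bytes) -> bytes:
    iv, body = frame[:3], frame[4:]                     # IV travels in clear
    plain = xor(body, rc4_keystream(iv + wep_key, len(body)))
    payload, icv = plain[:-4], plain[-4:]
    if struct.pack("<I", zlib.crc32(payload)) != icv:
        raise ValueError("ICV mismatch: frame corrupted or wrong key")
    return payload


def reused_iv_xor(frame_a: bytes, frame_b: bytes) -> bytes:
    """XOR of two encrypted bodies that carry the same IV.

    The shared key stream cancels out, so the result equals the XOR of
    the two plaintexts without the key ever being involved.
    """
    if frame_a[:3] != frame_b[:3]:
        raise ValueError("frames use different IVs")
    return xor(frame_a[4:], frame_b[4:])


# Constructed demonstration values.
KEY_40 = bytes.fromhex("0102030405")
IV = bytes.fromhex("aabbcc")

if __name__ == "__main__":
    frame = wep_encapsulate(KEY_40, IV, b"hello wlan")
    print(seed_bits(KEY_40), frame.hex(), wep_decapsulate(KEY_40, frame))
```

The per-packet uniqueness that RC4 needs therefore rests entirely on the 24-bit IV, which is the weakness that the TKIP packet counter and CCMP in 802.11i address.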


5.5.4. Service set identifier
When buying wireless devices, make sure that the vendors support the service set identifier (SSID). The service set identifier (SSID) is a distinctive identifying value, a string that can be up to 32 characters long. The SSID is not a password; the value is used to indicate which devices belong to a given logical network. Deploying an SSID is not really a way of keeping dangerous network attackers out, but it does make things harder for attackers.
5.5.5. 802.1x and 802.11i security

The 802.11i standard is an enhancement of the 802.11 standards that adds many new security mechanisms to ensure the confidentiality and integrity of messages. Some mechanisms are newly added and some are complete replacements for mechanisms of the 802.11 standard. In addition, 802.11i is combined with the 802.1x port authentication algorithm and other IEEE standards to provide very strong two-party authentication and key management. The new features include:
- Two new kinds of network called Transition Security Network (TSN) and Robust Security Network (RSN).
- New methods of encryption and data integrity: Temporal Key Integrity Protocol (TKIP) and Counter mode/CBC-MAC Protocol (CCMP).
- A new authentication mechanism using the EAP protocol.
- Key management through secure handshake protocols carried out over 802.1x.
TKIP is a cipher suite that contains a key-mixing algorithm and a packet counter to protect the cryptographic keys. It also contains the Michael algorithm, a data integrity algorithm (MIC - Message Integrity Check) that is combined with the packet counter to protect against replay and modification of packets. TKIP and Michael are used together and are designed to work on legitimate devices, so they give us an additional option for securing existing networks.
CCMP is an algorithm based on AES that is used to encrypt data and ensure its integrity. CCMP provides stronger encryption and data integrity than TKIP and is preferred, but it is not compatible with older hardware designed to use the WEP protocol.
An RSN is a network that only admits machines using TKIP/Michael and CCMP. A TSN is a network that allows both machines of an RSN and machines of a pre-RSN (WEP) network to operate.
The 802.11i standard specifies the role of the 802.1x port management function, which relies on EAP for authentication. After EAP authentication succeeds, the master keys can be established. Once the master keys are established, key management is carried out through one or more handshake phases.
5.6. Configuring secure wireless connections in WINDOWS and LINUX networks
5.6.1. Configuring secure wireless connections in the Windows operating system
In the Windows XP and Windows 2000 Professional operating systems, if the system uses wireless network cards, the user can configure the system to make "secure" wireless connections.
The security parameters that can be configured include:
- For the Windows 2000 Professional operating system:
+ Open system authentication
+ Shared key authentication (shared secret key)
+ WEP (40-bit and 104-bit keys)
+ Service set identifier (SSID)
+ 802.1x
+ EAP
+ Authentication through Radius
- For the Windows XP operating system:
+ Open system authentication
+ Shared key authentication (shared secret key)
+ WEP (40-bit and 104-bit keys)
+ Service set identifier (SSID)
+ 802.1x
+ EAP and EAP-TLS
+ PEAP
+ Authentication through Radius
Steps for configuring a secure wireless connection on the Windows operating system:
- Configuring the SSID
1. Right-click the My Computer icon and choose Manage
2. Click Device Manager
3. Double-click Network Adapters
4. Right-click the WNIC, then choose Properties
5. Choose the Advanced tab and select the security parameters to be set. If the network card supports the service set identifier, a list of SSIDs appears; click SSID, type the SSID value and choose OK.
6. Restart the system
- Configuring 802.1x
1. Make sure that the Wireless Configuration service is running on the system: right-click the My Computer icon and choose Manage
2. Double-click Services and Applications
3. Choose Services
4. Choose Wireless Configuration (or Wireless Zero Configuration on Windows XP), double-click it and check that the service is in the started state, then set Startup type to Automatic and choose OK.
5. Close the Computer manage window
6. Make sure that 802.1x is "enabled": choose start => Setting => Network and Dial-up Connections => right-click Local Area Connections (in Windows XP, choose Control panel => Network and internet connections) => choose Properties
7. Choose the Authentication page
8. Select Enable IEEE 802.1x Authentication for this network, then choose the options for this item
9. Choose OK
10. Close the Local Area Connections window (Network and internet connections on Windows XP)
5.6.2. Configuring secure wireless connections in the Linux operating system
1. Click Main menu
2. Choose System Tools, then choose Network Device Control
3. Double-click the icon of the wireless network card
4. Choose the Wireless Setting page
5. Select the security parameters for the wireless connection, then click OK and close the configuration windows

QUESTIONS AND PRACTICAL EXERCISES
Question 1: State the role of the basic components of a wireless network.
Question 2: Describe the attacks against wireless networks.
Question 3: Practise configuring the security parameters for a wireless connection on the Windows 2003 Server operating system.
Question 4: Practise configuring the security parameters for a wireless connection on the Linux operating system.
