AN TON MNG

iu kin: 1. S dng thnh tho mt ngn ng lp trnh: Pascal, C++, Visual C . . . 2. hc xong mn hc Mng my tnh v mn hc an ton bo mt thng tin. Mc tiu ca mn hc: 1. 1 Nm c cc khi nim v an ton mng 2. Nm c cc vn v thm m. 3. Nm c vn v xc thc v ch k i t. 3 N h h in 4. Tm hiu v Virus, Firewall v Cc h thng IDS.

AN TON MNG
Yu cu i vi sinh vin: 1. Tham d y cc tit hc trn lp. 2. 2 c ti liu trc khi ln lp lp. 3. Phi tham d y cc bi kim tra trn lp. 4. h i hon h h i ln do i 4 Phi h thnh Bi tp l d ging vin yu cu. i 5. Hon thnh bi thi ht mn hc. Hnh thc thi: Vn p.

AN TON MNG
Ti liu tham kho: 1. Cryptography And Network Security - William stalling 4th Edition. 2. Computer Viruses and Malware Jonh Aycock 3. 3 Network Security Architectures Cisco Press 2004 Architectures, 4. Network Intrusion detection, Third Edition, SANS 2006 5. L thuyt mt m v An ton thng tin - Phan nh Diu. Diu 6. Mt s vn v An ton d liu - Trnh Nht Tin.

AN TON MNG
Ni dung chnh : Chng 1 Nhp mn Chng 2 Cc phng php m ha i xng Chng 3 Cc h mt m cng khai Chng 4 Xc thc thng ip g g p Chng 5 Ch k in t v cc giao thc xc thc Chng 6 An ninh mng v h thng Chng 7 Virus my tnh Chng 8 I Ch Internet Fi Firewall ll Chng 9 H thng pht hin v ngn chn xm nhp

Chng I Nhp mn An Ton Mng A T M

I.1 Nhp mn
Bo mt h thng thng tin: g g Thng tin ch c gi tr cao m bo tnh chnh xc v kp thi. p Mc tiu ca vic m bo ATAN h thng l a ra cc gii php v ng dng cc gii php ny loi tr v gim bt cc nguy him cho HT. Cc cuc tn cng hin nay th ngay cng tinh vi v theo nhiu hnh thc khc nhau, do cn phi a ra cc chnh sch v bin php phng cn thit.

I.1 Nhp mn
Cc nguy c e da: c rt nhiu nguy c anh hng g y g y g n s an ton ca mt HTTT, cc nguy c ny c th xut pht t bn ngoi hoc t bn thn cc l hng trong HT. Tt c cc HT u mang trong mnh l hng hoc im yu. Phn mm: vic lp trnh phn mm n cha sn cc l h ( t h c 1000 d m s c t hng(c tnh dng trung bnh t 10-15 li). Ph cng: li cc thit b phn nh fi Phn h ng h firewall, ll Router, . . .

I.1 Nhp mn
Cc nguy c e da: Chnh sch: a ra cc quy nh khng ph hp, khng m bo an ninh, v d nh chnh sch v xc g a ,v c sc c thc, qui nh v ngha v v trch nhim ngi dng trong h thng. S dng: Cho d h thng c trang b hin i n u th u do nhng con ngi s dng v qun l, s sai st v bt cn ca ngi dng c th gy ra nhng l hng nghim trng.

I.1 Nhp mn
Mt s v d v bo v ATTT: Truyn files, trao i thng ip, gi mo

I.1 Nhp mn
Kt lun: vn bo mt h thng mng hay lin mng g g y g l mt bi ton rt phc tp v Khng tn ti phng php thch hp cho mi trng g p gp p p g hp Cc c ch bo mt lun i i vi cc bin php i ph. La chn nhng gii php c th i vi tng ng cnh c th.

I.2 Cc dch v, c ch an ton an ninh thng tin g g g g v cc dng tn cng vo h thng mng
Cc dch v ATAN m bo tnh ring t m bo tnh tin cy Ton vn thng tin Tnh khng th t chi Kim sot truy cp T h sn sng Tnh

I.2 Cc dch v, c ch an ton an ninh thng tin g g g g v cc dng tn cng vo h thng mng
Cc c ch ATAN Trn thc t khng tn ti mt c ch duy nht no c y th m bo an ton thng tin cho mi h thng. m bo ATAN cho HTTT ngi ta s dng cc k th t m h i xng thut ha: hoc cng khai. S d dng Fi Firewall, IDS v cc ll bin php phi hp khc.

I.2 Cc dch v, c ch an ton an ninh thng tin g g g g v cc dng tn cng vo h thng mng
Cc dng tn cng g g Tn cng ch ng Tn cng th ng

I.3 Cc dng tn cng

Cc dng tn cng: tn cng ch ng v th ng g g g g g Th ng hay ch ng c hiu theo ngha c can thip vo ni dung v vo lung thng tin trao i hay p g g g y khng. Tn cng th ng ch nhm t mc tiu cui cng l nm bt c thng tin, khng bit c ni dung nhng cng c th d ra c ngi gi, ngi nhn nh vo th ti i khi giao th cha t h thng tin iu khin i thc h trong phn u ca cc gi tin. Hn th na, cn c th kim tra c s lng di v tn s trao i lng, bit c c tnh trao i ca d liu

I.3 Cc dng tn cng

Mt s hnh thc tn cng in hnh g Cc hnh vi d qut: 1. Thc hin thm d th ng bng cch thu thp cc thng tin c cng khai. 2. Thc hin thm d ch ng bng cch s dng cc cng c tm kim thng tin trn my tnh ca nn nhn. Cc cng c c dng ph bin nh Nmap, Stealth HTTP Security Scanner, . . .

I.3 Cc dng tn cng

Cc hnh vi d qut: q
1. NMAP l Cng c qut cc nhanh v mnh. C th qut trn mng din rng v c bit tt i vi mng n l. NMAP c th xem nhng dch v no ang chy trn server (services / ports : webserver , ftpserver , pop3,...),server ang dng h iu hnh g,loi tng la m server s dng,... NMAP h tr hu ht cc k thut qut nh : IP protocol , Null scan , TCP SYN,... 2. Stealth HTTP Security Scanner l cng c qut li bo mt tuyt vi trn Win32. N c th qut c hn 13000 li bo p mt v nhn din c 5000 exploits khc. ...

I.3 Cc dng tn cng

Tn cng t chi dch v - Denial Service Attacks: g y l kiu tn cng kh phng chng nht v hin nay cha c cch phng chng trit . Nguyn tc chung ca cch tn cng ny l:
1. Hacker s gi lin tc cc yu cu phc v n my nn nhn. 2. My b tn cng s phi tr li cc yu cu ny. 3. Khi yu cu gi n qu nhiu my b tn cng s khng phc v kp thi => vic p ng cc yu cu ca cc my hp , g g g l b chm tr, hoc ngng hot ng hoc c th b hacker nm quyn iu khin

I.3 Cc dng tn cng

Cc hnh vi khai thc l hng bo mt: cc ng g g dng lun lun c nhng im yu, v nhng im yu ny thng c cng b rng ri trn cc website v bo mt. - Theo mt thng k cho thy c khong 90% cc tn cng u
da d trn cc l h b mt hng bo c cng b. - Tn cng kiu Zero-Day: l cc cuc tn cng din ra ngay khi li c cng b v cha pht hin bn v li Kiu tn li. cng ny rt nguy him v cc h thng bo mt thng thng khng th pht hin ra.

I.3 Cc dng tn cng

- Virus Forbot: l loi virus c kh nng tn cng t ng vo ng dng MySQL bng cch khai thc cc l hng bo mt trong trnh ci t MySQL. Virus ny s dng cng MySQL 3360 tn cng.

Cc tn cng vo ng dng: y l tn cng nhm vo cc phn mm ng dng mc dch v, thng p g g , g thng cc tn cng ny khi thnh cng s cho php k xm nhp nm c quyn iu khin cc dch v hoc quyn iu khin my ch b tn cng.

I.3 Cc dng tn cng

Dng tn cng th ng g g g

I.3 Cc dng tn cng

Dng tn cng th ng g g g Gii phng ni dung ca thng ip: ngn chn i p phng thu v tm hiu ni dung ca thng tin truyn g g g y ti. Phn tch ti: Khi phn tch ti i phng c th xc nh c v tr ca cc my tham gia vo qu trnh truyn tin; tn sut v kch thc bn tin. Dng tn cng th ng rt kh pht hin v khng lm thay i d liu, vi dng tn cng ny ngi ta quan t vn ngn chn h l vn pht tm n h hn ht hin

I.3 Cc dng tn cng

Dng tn cng ch ng g g g

I.3 Cc dng tn cng

Dng tn cng ch ng g g g Gi danh Pht li Thay i ni dung thng ip T chi dch v Dng tn cng ch ng rt kh c th ngn chn tuyt i V vy yu cu phi bo v vt l mi i. ng truyn thng ti mi thi im. Mc tiu an ton ca dng tn cng ny l c th pht hin v phc hi li thng tin t mi trng hp b ph hy v lm tr.

I.4 Cc dch v an ton an ninh

m bo tnh ring t: Bo v d liu c truyn g y ti khi cc tn cng th ng. m bo tnh tin cy: Thng tin khng th b truy y g g y nhp tri php bi nhng ngi khng c thm quyn. m bo tnh ton vn: Thng tin khng th b sa i, b lm gi bi nhng ngi khng c thm quyn. m bo tnh khng th t chi: Thng tin c cam kt v mt php lut ca ngi cung cp.

I.4 Cc dch v an ton an ninh

Kim sot truy cp: Cung cp kh nng gii hn v y p g p gg kim sot cc truy cp ti cc my ch hoc ti cc ng dng thng qua ng truyn tin. m bo tnh sn sng: Thng tin lun sn sng p ng s dng cho ngi c thm quyn.

I.5 Cc m hnh ATAN mng

M hnh an ton mng: bi ton ny c ny sinh khi Cn thit phi bo v qu trnh truyn tin khi cc hnh ng truy cp tri php. m bo tnh ring t, tnh ton vn, tnh xc thc . . . M hnh an ton mng yu cu:
Thit k mt gii thut thch hp cho vic chuyn i lin quan n an ton. To ra thng tin b mt (kha) i km vi gii thut Pht trin cc phng php phn b v chia s thng tin b mt c t mt giao thc s dng bi hai bn gi v nhn da trn gii thut an ton v thng tin b mt, lm c s cho mt dch v an ton

I.5 Cc m hnh ATAN mng

V d: Giao thc SFTP(Secure Sh ll Fil T Gi th SFTP(S Shell File Transfer P t l) giao f Protocol): i thc truyn tin dng trnh bao bo mt, l mt giao thc da trn nn SSH. SFTP l FTP c cng thm chc nng m ho d liu ca SSL hoc TSL (Transport Layer Security - Bo mt tng giao vn). Giao thc SSL(S SSL(Secure S k t L Socket Layer): l giao thc a m c ch ): mc c thit k to ra cc giao tip gia hai chng trnh ng dng trn mt cng nh trc (socket 443) nhm m ho ton b thng tin i/n. Cc thut ton m ha v xc thc ca giao thc SSL:
DES - chun m ho d liu DSA - thut ton ch k in t, chun xc thc

I.5 Cc m hnh ATAN mng

V d:
KEA - thut ton trao i kho MD5 - thut ton to gi tr bm RC2, RC4 - m ho Rivest RSA - thut ton kho cng khai, cho m ho va xc thc RSA key exchange - thut ton trao i kho cho SSL da trn thut ton RSA SHA-1 - thut ton hm bm an ton SKIPJACK - thut ton kho i xng phn loi c thc hin trong phn cng Fortezza Triple-DES - m ho DES ba ln.

I.5 Cc m hnh ATAN mng

I.5 Cc m hnh ATAN mng

M hnh an ton truy cp mng: m hnh ny yu cu La chn cc chc nng gc cng thch hp nh danh ngi dng. Ci cc i khi an ton b ch nhng t iu khin m bo h h ngi dng c php mi c th truy nhp c vo cc thng tin v ti nguyn tng ng ng.