Joke Collection Website - Mood Talk - Can you talk about the factors that affect network security?
Can you talk about the factors that affect network security?
1. Environmental factors and disaster factors
Temperature, humidity, power supply, static electricity, dust, strong electromagnetic field, electromagnetic pulse, etc. The environment where the network equipment is located, as well as fire, flood, earthquake, lightning, etc. It will affect and destroy the normal work of the network system in natural disasters. For these non-man-made environmental factors and disaster factors, there are already good coping strategies.
2- Human factors
Most network security incidents are caused by the negligence of personnel or the active attack of hackers, that is, human factors, including:
(1) Intention: malicious attack, violation of discipline, illegal crime, etc.
(2) Unintentional: negligence in work leads to errors (improper configuration, etc.). ), causing adverse consequences to the network system.
Network security technology mainly protects against such network security threats.
3. System's own factors
The system's own factors refer to the network insecurity caused by the computer system or network equipment in the network due to its own reasons, mainly including:
1) Computer hardware system failure.
2) Various computer software failures or security defects, including system software (such as operating system) and supporting software (various middleware, database management system, etc.). ) and application software.
3) Defects in the network and communication protocols themselves will also lead to network security problems. 1.4 will analyze the security issues of Internet protocols in detail.
The loopholes and shortcomings of the system itself (or security loopholes) are the internal sources of information system security problems, and attackers use the loopholes of the system to make various threats come true.
Generally speaking, in the process of system design and development, there are many factors that will lead to system vulnerabilities, mainly including:
1) System foundation design errors lead to loopholes. For example, there is no authentication mechanism when designing the Internet, and it is easy to impersonate IP addresses.
2) Vulnerabilities caused by coding errors, such as buffer overflow, formatted string vulnerability, script vulnerability, etc. , are all vulnerabilities caused by not implementing strict security checks when programming.
3) Security policy implementation errors lead to loopholes, for example, when designing access control policies, access control checks are not carried out for every access.
4) The ambiguity of the object that implements the security policy leads to the vulnerability, that is, when implementing the security policy, the object processed is inconsistent with the object processed by the final operation, such as the decoding vulnerability of IE browser.
5) The back door deliberately left by the system developer. Some backdoors are used by developers for debugging, while others are used by developers for illegal control in the future. Once these back doors are known by attackers, they will seriously threaten the security of the system.
In addition to the above-mentioned system security vulnerabilities in the process of design and implementation, many security incidents are caused by incorrect security configuration, such as too short passwords, opening guest users, improper security policy configuration and so on.
Although people gradually realize the serious threat of security vulnerabilities to network security and take many measures to avoid leaving security vulnerabilities in the system, new security vulnerabilities are published on the Internet every day, which not only exist, but also emerge endlessly. Why? The main reasons are:
The design of 1) scheme may be flawed.
2) It is very difficult to prove the correctness of a program in theory.
3) Some products are rashly put into the market without enough testing.
4) In order to shorten the development time, manufacturers often put safety in a secondary position.
5) With more and more applications running in the system, more and more corresponding vulnerabilities are inevitable.
In order to reduce the threat of security vulnerabilities to network security, the common treatment measures at present are patching and eliminating security vulnerabilities. However, patching is not everything, mainly because:
1) Because there are too many vulnerabilities and too many corresponding patches, it can't be fixed.
2) Some patches will make some existing functions unusable, leading to denial of service.
3) Sometimes patches can't solve the problem as claimed by the supplier.
4) Many patches cannot be uninstalled once installed. If it is found that the patch is not suitable for one reason or another, it is very troublesome to uninstall and reinstall the whole software.
5) There is a time interval between the discovery of vulnerabilities and the release of patches. In addition, the vulnerability may be discovered by some people but not made public, so there is no corresponding patch available.
6) The network and website are developing too fast, and there are not enough qualified patch administrators.
7) Sometimes patching requires offline operation, which means shutting down the services on the computer, which may be fatal for many key services.
8) Sometimes patches are not always available, especially for those systems that are not widely used, and manufacturers may not have enough time, energy and motivation to develop patches.
9) In addition to solving the existing problems, the manufacturer may add many other functions to the patch. These additional functions may lead to new vulnerabilities, system performance degradation, service interruption or integration problems, and temporary interruption of security functions.
1 0) The maturity of the patch also needs a process, and hasty patches often have problems of one kind or another, and even bring new security loopholes.
1 1) Automatic patch installation also has its problems, and many automatic installation programs can't run normally.
One of the most basic research directions in the field of network countermeasure research is vulnerability mining, that is, through testing, reverse analysis and other methods, unknown security vulnerabilities in systems or software are discovered, and corresponding attack programs are developed and applied on a large scale before their security patches are released. For the software that has been patched, we can also find the details of the security vulnerabilities targeted by the patch through the patch comparison technology, develop the utilization program in the shortest time, and attack before the user has time to patch. In this case, the patch provides useful information for the attacker.
In short, there are many factors that threaten network security, but the most fundamental reason is that there are security loopholes in the system itself, which gives attackers an opportunity.
- Previous article:How do ducks do it? Does it taste good£¿
- Next article:A simple sentence for posting photos Copywriting sentences for posting photos
- Related articles
- How to play Yangshuo How to play Yangshuo
- Genealogy and ordination of Wu family in Qiling
- I can't whisper.
- Postcard copywriting
- When is the best time to go to Peach Blossom Hometown? When is the best time to go to Peach Blossom Hometown?
- On mood phrases in couples' sad sentences
- Why do you have something to say?
- What are the pain points of college students?
- Who are the generals under Yue Fei?
- What do you think of when you mention Sanya? Why?