Network security blackboard content information

Computer network security refers to the use of network management controls and technical measures to ensure that the confidentiality, integrity and availability of data are protected in a network environment. Computer network security includes two aspects, namely physical security and logical security. Physical security means that system equipment and related facilities are physically protected from damage, loss, etc. Logical security includes information integrity, confidentiality, and availability. Below is the content of the network security blackboard report that I have collected and organized. Everyone is welcome to read it!

Content information of network security blackboard

Vulnerability of computer network

The Internet is a network open to the whole world, and any organization or individual can All kinds of information can be easily transmitted and obtained online. The open, exclusive and international characteristics of the Internet pose challenges to computer network security. The main insecurities of the Internet include the following:

1) The openness of the network

The network technology is fully open, making the network facing attacks from many aspects. Either attacks from physical transmission lines, attacks on network communication protocols, or attacks on vulnerabilities in computer software and hardware.

2) The international nature of the network

means that attacks on the network not only come from users of the local network, but also from hackers from other countries on the Internet. Therefore, the security of the network Facing the challenge of internationalization.

3) Freedom of the Internet

Most networks have no technical restrictions on users’ use. Users can freely access the Internet, publish and obtain all kinds of information.

Countermeasures to prevent the harm of spyware

1. Publicly installed spyware

For those publicly installed spyware, you don’t need to spend much time studying Because you can easily uninstall them, and in addition, you can also know their major functions. In other words, you have a lot to protect your privacy from publicly installed spyware. For example, never check private email on your office computer. Publicly installed spyware is generally legal and has specific uses and purposes.

Companies and colleges: They may use spyware to monitor their employees' computer and network usage.

Parents: They may use spyware to monitor home computer and Internet usage. Prevent their children from being poisoned by harmful information. Many parents hope that spyware might help them.

Governments: They may use spyware to monitor networks for public security or information warfare purposes.

2. Spyware that secretly invades

The real danger comes from spyware that secretly invades your computer, because you don’t know what it wants to do. All spyware installations exploit two weaknesses. One is the PC application software, and the other is yourself.

Because modern computer software is extremely complex, many existing application software and operating systems have various vulnerabilities. Spyware can exploit these vulnerabilities to break into your computer. Theoretically you can't prevent this kind of intrusion. When you surf the web, a small picture can give you the terrible spyware. In addition to applying necessary patches to your operating system, avoiding unsafe or unfamiliar sites is an effective way to reduce this intrusion.

Obviously, this intrusion method that exploits application software vulnerabilities requires a high level of technology. The vast majority of spyware intrusions are through simple fraud. For example, they provide you with free spyware removal software, but their real purpose is to remove the original spyware from your computer and replace it with theirs.

If you are used to downloading free software online, you may have a lot of spyware on your computer.

So we have two ways to deal with these secretly invading spyware: try not to go to unfamiliar or unsafe sites, and try not to download free software from the Internet.

This kind of secret intrusion also has its own specific user group and purpose. On preventing the dangers of spyware.

Network security knowledge information

1. Network security type

Operating system security means ensuring the security of information processing and transmission systems. It focuses on ensuring the normal operation of the system, avoiding damage and loss to the information stored, processed and transmitted by the system due to system collapse and damage, and avoiding information leakage, interference with and interference by others due to electromagnetic leakage.

Security of system information on the network. Including user password authentication, user access rights control, data access rights and method control, security audit, security issue tracking, computer virus prevention, and data encryption.

The security of information dissemination on the Internet is the safety of the consequences of information dissemination. Including information filtering, etc. It focuses on preventing and controlling the consequences of the dissemination of illegal and harmful information. Prevent a large amount of freely transmitted information on public networks from getting out of control.

Security of information content on the Internet. It focuses on protecting the confidentiality, authenticity and integrity of information. Prevent attackers from exploiting system security vulnerabilities to conduct eavesdropping, impersonation, fraud, and other behaviors that are detrimental to legitimate users. Essentially, it protects the interests and privacy of users.

2. Network security features

Network security should have the following four characteristics:

Confidentiality: information is not leaked to unauthorized users, entities or process, or characteristics for its exploitation.

Integrity: The characteristic that data cannot be changed without authorization. That is, the information remains unmodified, destroyed and lost during storage or transmission.

Availability: Features that can be accessed by authorized entities and used as needed. That is, whether the required information can be accessed when needed. For example, denial of service in a network environment, damage to the normal operation of the network and related systems, etc. are all attacks on availability;

Controllability: the ability to control the dissemination and content of information.

3. Factors threatening network security

Natural disasters, accidents; computer crimes; human behaviors, such as improper use, poor security awareness, etc.; hacker behavior: due to hacker intrusion or Intrusion, such as illegal access, denial of service computer viruses, illegal connections, etc.; internal leaks; external leaks; information loss; such as information flow analysis, information theft, etc.; information warfare; defects in network protocols, such as security issues of the TCP/IP protocol Etc.

There are two main types of network security threats: penetration threats and implantation threats.

Penetration threats mainly include: impersonation, bypass control, and authorization infringement;

Implanted threats mainly include: Trojan horses and trapdoors

Trapdoor: setting a certain "feature" in a system or system component so that when specific input data is provided, Allow security policies to be violated

4. Structural power of network security

1. Physical security

Natural disasters (such as lightning, earthquakes, fires, etc.). , physical damage (such as hard disk damage, equipment service life expiration, etc.), equipment failure (such as power outage, electromagnetic interference, etc.), accidents, the solution is: protective measures, safety system, data backup, etc.

Electromagnetic leakage, information leakage, interfering with others, being interfered by others, taking advantage of the opportunity (such as entering the security process and leaving halfway), leaking traces (such as password keys, etc. are not properly kept). The solution is: radiation protection, hidden destruction, etc.

Operation errors (such as deleting files, formatting hard drives, removing lines, etc.), accidental omissions. The solution is: status detection, alarm confirmation, emergency recovery, etc.

Computer system room. Environmental safety. Characteristics are: strong controllability and large losses.

Solution: Strengthen computer room management, operation management, safety organization and personnel management.

2. Security control

Security control of microcomputer operating system. For example, the password typed by the user at startup (some microcomputer motherboards have a "universal password"), and the control of read and write access to files (such as the file control mechanism of Unix systems). It is mainly used to protect the information and data stored on the hard disk.

Security control of network interface module. Securely control network communication processes from other machines in a network environment. Mainly including: identity authentication, customer permission setting and identification, audit logs, etc.

Security control of network interconnection equipment. Safely monitor and control the transmission information and operating status of all hosts in the entire subnet. This is mainly achieved through network management software or router configuration.

5. Network encryption method

Link encryption method

Node-to-node encryption method

End-to-end encryption method

6. Security issues of TCP/IP protocol

TCP/IP protocol data stream is transmitted in clear text.

Source address spoofing or IP spoofing. Source Routing spoofing.

Routing Information Protocol Attacks (RIP Attacks).

Authentication Attacks.

TCP Sequence number spoofing.

TCP SYN Flooding Attack, referred to as SYN attack.

Ease of spoofing.

7. Network security tools

Scanner: It is a program that automatically detects security vulnerabilities in remote or local hosts. A good scanner is equivalent to the value of a thousand passwords.

How it works: TCP port scanner, selects TCP/IP port and service (such as FTP), and records the target's answer, which can collect useful information about the target host (whether anonymous login is possible, whether a certain services). What the scanner tells us: It can discover the inherent weaknesses of the target host. These weaknesses may be the key factors in compromising the target host. System administrators use scanners to help strengthen system security. Hackers use it, which is detrimental to network security.

Currently popular scanners:

(1) NSS network security scanner.

(2) Stroke is a super-optimized TCP port detection program that can record all open ports of the specified machine.

(3) SATAN security administrator’s network analysis tool.

(4) JAKAL.

(5) XSCAN.

8. Information collection tools commonly used by hackers

Information collection is the first step to break through the network system. Hackers can use the following tools to collect the required information:

1. SNMP protocol

The SNMP protocol is used to check the routing table of non-secure routers to understand the network topology of the target organization. interior details.

The Simple Network Management Protocol (SNMP) was first proposed by the research group of the Internet Engineering Task Force (IETF) to solve router management problems on the Internet. SNMP is designed to be protocol-agnostic, so it can be used over IP, IPX, AppleTalk, OSI, and other used transport protocols.

2. TraceRoute program

TraceRoute program can obtain the number of networks and routers passed by to reach the target host. The Traceroute program, written with Van Jacobson, is a convenient tool for in-depth exploration of the TCPIP protocol. It allows us to see the route that datagrams take from one host to another. The Traceroute program can also use the IP source routing option to let the source host specify the sending route.

3. Whois protocol

Whois protocol is an information service that can provide data about all DNS domains and the system administrators responsible for each domain. (However, these data are often out of date). WHOIS protocol. Its basic content is to first establish a connection to the server's TCP port 43, send the query keyword and add a carriage return and line feed, and then receive the query results from the server.

4. DNS server

The DNS server is Domain Name System or Domain Name Service. The Domain Name System assigns domain name addresses and IP addresses to hosts on the Internet. When a user uses a domain name address, the system will automatically convert the domain name address into an IP address. Domain name services are Internet tools that run the domain name system. The server that performs domain name services is called a DNS server, and the DNS server responds to domain name service queries.

5. Finger protocol

The Finger protocol can provide detailed information about users on a specific host (registration name, phone number, last registration time, etc.).

6. Ping utility

The Ping utility can be used to determine the location of a specified host and determine whether it is reachable. Using this simple tool in a scanner can ping every possible host address on the network, thus constructing an inventory of the hosts that actually reside on the network. It is a command used to check whether the network is smooth or the network connection speed. As an administrator or hacker living on the network, the ping command is the first DOS command that must be mastered. The principle it uses is this: all machines on the network have unique IP addresses. We give the target When an IP address sends a data packet, the other party will return an equally large number of data packets. Based on the returned data packets, we can determine the existence of the target host and preliminarily determine the operating system of the target host. Of course, it can also be used to measure the connection. Speed ??and packet loss.

How to use (under XP system)

Start-Run-CMD-OK-enter ping 0.0.0.0-Enter 0.0.0.0 is the IP you need.

Some firewalls will prohibit ping, so it may prompt timed out (timeout) and other situations.

To determine the operating system, look at the returned TTL value.

9. Internet Firewall

An Internet firewall is a system (or a group of systems) that can enhance the security of an organization's internal network.

The firewall system determines which internal services can be accessed by the outside world; who from the outside can access which internal services, and which external services can be accessed by internal personnel. For a firewall to be effective, all information from and to the Internet must pass through the firewall and be inspected by the firewall. A firewall only allows authorized data to pass through, and the firewall itself must be impervious to penetration.

1. The relationship between Internet firewalls and security strategies

A firewall is not just a combination of a router, a bastion host, or any device that provides network security. A firewall is a part of a security strategy.

The security policy establishes a comprehensive defense system, even including: informing users of their responsibilities, company-specified network access, service access, local and remote user authentication, dial-in and dial-out, disk and data encryption, virus protection measures, and employee training. All places that may be vulnerable to attack must be protected with the same level of security.

3. The role of Internet firewall

Internet firewall allows network administrators to define a central "control point" to prevent illegal users, such as hackers and network saboteurs, from entering the internal network. Ban security-vulnerable services from entering and exiting the network and fight attacks from a variety of routes. Internet firewalls can simplify security management. Network security is reinforced on the firewall system instead of being distributed on all hosts in the internal network.

The firewall can easily monitor the security of the network and generate alarms. (Note: For an internal network connected to the Internet, the important question is not whether the network will be attacked, but when?) Network administrators must audit and record all important information that passes through the firewall. If network administrators cannot respond to alarms promptly and review routine records, the firewall is ineffective. In this case, the network administrator will never know if the firewall is compromised.

Internet firewall can be used as a logical address to deploy NAT (Network Address Translator, Network Address Translation). Therefore, firewalls can be used to alleviate the problem of address space shortage and eliminate the trouble of re-addressing when organizations change ISPs.

An Internet firewall is the best place to audit and log Internet usage. Network administrators can provide management departments with the cost of Internet connections, identify potential bandwidth bottlenecks, and provide departmental billing based on the organization's accounting model.

10. Main manifestations of Internet security risks

1. The Internet is an open, uncontrolled network. Hackers often invade computer systems on the network, or Steal confidential data and misappropriate privileges, or destroy important data, or prevent system functions from being fully utilized until they become paralyzed.

2. Internet data transmission is based on TCP/IP communication protocols. These protocols lack security measures to prevent the information during transmission from being stolen.

3. Most communication services on the Internet are supported by the Unix operating system. The obvious security vulnerabilities in the Unix operating system will directly affect security services.

4. Electronic information stored, transmitted and processed on computers will also be protected and signed and stamped like traditional email communications. Whether the source and destination of the information are true, whether the content has been altered, whether it has been leaked, etc. are all governed by a gentleman's agreement in the service agreement supported by the application.

5. There is a possibility that emails may be read, mistakenly delivered and forged. There are great dangers in using email to transmit important confidential information.

6. The spread of computer viruses through the Internet brings great harm to Internet users. Viruses can paralyze computers and computer network systems, and cause data and file loss. Viruses can be spread on the Internet through public anonymous FTP file transfers, or through emails and email attachments.

Network security system

1. The "Measures for the Security Protection and Management of International Networking of Computer Information Networks" and the "Interim Regulations of the People's Republic of China on the Management of International Networking of Computer Information Networks" must be observed and other relevant laws and regulations.

2. The school network center must adopt various technical and administrative means to ensure network security and information security.

3. Network center staff and users must be responsible for the information provided. Computer networking is not allowed to engage in illegal activities such as endangering national security, leaking state secrets, etc., and is not allowed to produce, review, copy and disseminate information that is harmful to social security and is offensive to customs and culture.

4. Any activities that interfere with network users, disrupt network services, or damage network equipment are not allowed. This includes not publishing untrue information on the Internet, not spreading computer viruses, and not using the Internet to access computers without authorization, etc.

5. The school should establish a network security officer to be responsible for network security and information security.

6. The network center should regularly provide relevant network security and information security education to corresponding network users in accordance with the "Management Measures for the Security Protection of Computer Information Networks International Networks".

7. The network center should review Internet users in accordance with relevant national regulations. Any information that violates relevant national regulations is strictly prohibited from accessing the Internet.

8. All users are obliged to report illegal, criminal activities and harmful information to network security officers and relevant departments.

9. Network centers and users must accept supervision and inspection by relevant superior departments in accordance with the law. Individuals who violate these management regulations will be given a warning, their network connection will be stopped, and they will be reported to the school.

10. Install genuine anti-virus software and firewalls, update anti-virus software and firewalls on time, and perform regular anti-virus to prevent illegal user intrusions and computer virus intrusions.

Network security slogan

1. Quality is the foundation of safety, and safety is the prerequisite for production

2. Ignoring it for a period of time is painful

3. The production is busy and safe

4. Be careful, there are no big mistakes, just random casting.

5. Always pay attention to safety and prevent accidents.

6. Carelessness is the breeding ground for accidents. Carelessness is the rock of a safe waterway

7. Recklessness is the first step towards the abyss of accidents

8. The eyes cannot tolerate a grain of sand. It is safe to be careless

9. If weeds are not removed and the hidden dangers of weak seedlings are not removed, the benefits will be difficult

10. Thousands of products are piled up into mountains, and the spark source is destroyed

11. Safety is the hidden danger of increased production and the embryo of accidents

12. Pay attention to the fruits of safety and ignore the dangers of safety

13. Sharp knives will produce food without sharpening Rust will not catch any mistakes safely

14. Go to work happily and go home safely

15. The weight is not enough to press the helmet to save people

16. Keep safety rules and regulations at hand

17. Safety is a happy flower.

Watering your family is a unique way

18. Don’t forget the crisis, and don’t forget the chaos

19. You have to work hard to avoid accidents

20. Check the wind before entering the sea and practice before going to work

Network security knowledge

1. What network security precautions should be taken when using computers:

1 , install firewall and anti-virus software, and upgrade them frequently;

2. Pay attention to patching the system frequently to plug software vulnerabilities;

3. Don’t go to websites that you don’t know well. Do not execute software downloaded from the Internet without anti-virus treatment, and do not open unknown files sent from MSN or QQ.

2. How to prevent USB flash drives and mobile hard drives from leaking secrets:

1. Check and kill Trojans and viruses in a timely manner;

2. Purchase removable storage from regular merchants media;

3. Back up and encrypt important data regularly;

4. Do not mix office and personal removable storage media.

3. How to configure the web browser to be more secure:

1. Set up a unified and trustworthy browser initial page;

2. Clean it regularly Local cache, history and temporary file contents in the browser;

3. Use virus protection software to scan all downloaded resources for malicious code in a timely manner.

IV. How to set the Windows operating system startup password:

In order, use the mouse to click "User Accounts" under "Control Panel" in the "Start" menu, and select After entering the account, click "Create Password", enter the password twice and then click the "Create Password" button.

5. Why regular patch upgrades are necessary: ??

It is impossible to write a program perfectly, so software will inevitably have bugs, and patches are specifically used to fix these bugs. Because the originally released software had flaws, a small program was compiled to improve it after it was discovered. This small program is commonly known as a patch. Regular patch upgrades to the latest security patches can effectively prevent illegal intrusions.

6. What are the symptoms of computer poisoning:

1. Frequent crashes;

2. Files cannot be opened;

3. Frequent reports of insufficient memory;

4. Prompt for insufficient hard disk space;

5. A large number of files of unknown origin;

6. Data loss;

7. The system runs slower;

8. The operating system automatically performs operations.

7. Why not open web pages, email links or attachments from unknown sources:

The Internet is filled with various phishing websites, viruses, and Trojan horse programs. There are likely to be a large number of viruses and Trojans hidden in web pages, email links, and attachments from unknown sources. Once opened, these viruses and Trojans will automatically enter the computer and hide in the computer, causing file loss, damage, and even system paralysis.

8. Why do you need to perform a virus scan before accessing mobile storage devices (such as mobile hard disks and USB flash drives):

External storage devices are also information storage media, and the stored information can be easily taken with you. There are various viruses. If an external storage medium containing viruses is connected to the computer, the virus can easily be spread to the computer.

9. What are the abnormal situations encountered in daily use of computers:

Computer failures may be caused by hardware failures, software failures, misoperations or viruses of the computer itself. Mainly Including abnormal phenomena such as the system being unable to start, the system running slowly, and the size of the executable program file changing.

10. What security risks will cookies cause:

When a user visits a website, Cookies will be automatically stored in the user's IE, including various activities of the user visiting the website, Personal information, browsing habits, spending habits, and even credit history, etc. Users cannot see this information. When the browser sends a GET request to other homepages of this URL, this Cookies information will also be sent there. This information may be obtained by criminals. To protect personal privacy, you can restrict the use of Cookies in IE settings.