: 1020
..
2008
1.
2. DoS (Denial of Service)
3.
3.1. Worm ()
3.2. Trojan Horse ()
3.3. Spyware ( )
3.4. Adware ( )
4. Sniffer ()
5. Spoofing attack ( )
5.1. MAC Spoofing
6.
7. Firewall ( )
8.
1.
hack 1960
,
.
1970
.. phreaks.
.
(phreaker) John Draper (Captain Crunch). blue
box
.
Steven Wozniak Steve Jobs (
Apple), .
1983 War Games
, .
414 , 9 ,
60 Los Alamos National
Laboratory .
1984 . 2600
1986 .
.
1988 . (worm).
Robert T.Morris Cornell University
NSA (National Security Agency). ARPAnet
6000 . 3 10.000
.
1990 . Sundevil 14 ,
BBS (Bulletin Board Systems).
BBS : ,
.
1993 . Kevin Poulsen ( Dark Dante)
Los Angeles
:
. 5 .
1995 . 10
. ,
. Citibank 10
. 10- ,
400.000 . 3
.
1995 . ,
. :
20.000 ,
USA,
. 4 ,
: 4 . 2003
. Defensive Thinking
,
.
2000 . DOS (Denial Of Service) .
: eBay, Yahoo, Amazon
. Microsoft
source code- Windows i Office.
2001 Microsoft DOS DNS
. : Microsoft 2
.
2002 .
Gary McKinnon
NASA
900.000 .
2006
,
150,000 ,
10,000 .
,
.
.
.
, ,
,
.
, ,
,
.
.
2. DOS(Denial of Service)
DOS .
,
( ,
)
( . ). DOS
.
, .
DOS DOS
. (. flood)
.
TCP ( Transmission Control Protocol)
.
DOS
(. flooding).
: bandwidth .
,
.
,
.
zombie (zombie
).
.
.
. .
IP
- .
.
DoS . zombie
-
.
.
DoS DDoS (Distributed Denial of
Service)
.
. DDoS
, Yahoo, eBay, Amazon, CNN .
,
(zombie)
..
. (ping)
.
.
(buffer
overflow) ,
.
. IP (request)
,
IP
IP .
DoS
,
. Arbor
DoS
2000 2006 USA
2006 3 DoS
. DoS 2006 5,27%
.
3.
.
1972
When H.A.R.L.I.E. Was One
.
.
,
(Host).
, (File).
.. ,
.
Bomb.
(Time
Bomb)
(Logic bomb).
, :
1.
Worm ()
2.
Trojan Horse ()
3.
Spyware ( )
4.
Adware ( )
3.1
Worm ()
( )
(
).
.
:
1.
2.
( ).
Rabbit().
(segments),
(
).
. ..
Octopus ().
,
.
3.2
Trojan Horse ()
(
)
. Back Door .
(65.536) .
3.3
Spyware ( )
, ,
.
..
. ,
.
. : Spyware Doctor, Microsoft
AntiSpyware .
3.4
Adware ( )
Advertising - .
(pop-up) .
.
. ,
.
10-
CIH (1998).
: 20 80 ,
6 , 1998
. Windows 95, 98,
ME
.
.
.
Sin. CIH (. Chernobyl)
.
.
Melissa (1999)
: 300 600
26 1999 W97M/Melissa
.
15 20 .
Intel, Microsoft Outlook
.
Microsoft Outlook 50 .
: Here is that document you asked for ... don't show anyone
else. .
.
,
.
I LOVE YOU (2000)
: 10 15
Loveletter
The Love Bug
( ).
Visual Basic
: . 3-
2000 , ILOVEYOU
.
-
ILOVEYOU
Love-Letter-For-You.TXT.vbs. Melissa,
Microsoft Outlook.
. ,
,
.
.
Code Red (2001)
: 2.6
Sobig , 2003 ,
.
Sobig.F ,
24 .
- ( application.pif thank_you.pif).
-
. .
10 , 2003
. Microsoft $250,000
Sobig.F, .
Bagle (2004)
:
Bagle, , 18
2004 .
, ,
- . Bagle
( Beagle) 60 100 ,
TCP
.
Bagle.B, Bagle
28 2004 ,
.
MyDoom (2004)
:
10 ,
50 .
26 2004 MyDoom
-. Norvarg,
- Mail Transaction Failed. MyDoom
Kazaa peer-to-peer.
10
. MyDoom
12
2004
Sasser (2004)
:
Sasser
30 2004
.
.
Sasser -
.
Windows 2000 Windows XP
.
.
.
4.Sniffer ()
( .
).
client/server ,
.. .
.
, ,
.
/
, ,
, ,
,
. ,
.. (
) . open source
: Ethereal, WireShark, Nmap .
.. ,
Carnivore, FBI.
(
).
sniffer-
.
promiscuous ,
.
MAC .
. .
.
monitor . ,
. ,
promiscuous
.
,
.
,
.
.
. .
.
.
.
,
,
.
: .
(
)
.
. ,
.
Chat , ,
( mIRC,
Messenger, ICQ, ,
). , ftp , telnet,
,
sniffer
.
.
, ,
.
.
sniffer- promiscuous
sniffer-. AntiSniff.
. ,
.
.
.
SSL( Secure Sockets Layer) .
Chat , mIRC, Messenger-.
PGP (Pretty Good Privacy)
open source PGP
GPG.
5.Spoofing attack( )
spoofing
.
.
. Hijacking- spoofing-
spoofing-.
. hijacking
spoofing-,
.
spoofing IP spoof. IP
, TCP/IP
..
.
.
.
,
.
..
.
IP
IP IP ,
.. IP
(Man in
the Middle ).
,
, ,
. ,
IP
.. IP ,
.
ARP (Address Resolution Protocol)
IP , MAC
, XXX.XXX.XXX.XXX.
update- ARP
.
DoS DDoS
Spoofing .
5.1.MAC Spoofing
( Access Point) (
) MAC
. ( 20
) ,
, MAC
, ,
.
,
, .
.
..
MAC , ,
Ethereal WireShark.
, MAC
.. .
(
MAC )
.
SMAC. Windows
, CISSP, CISA, MCSE
.
:
ID
( ) NIC
(/)
IP
MAC
MAC
NIC ID
NIC ID
.
,
, , IP MAC .
6.
.
: , , , .
,
.
..
,
.
.. .
.
: ,
(Confidentiality, Integrity and Availability).
.
,
.
:
( ) .
.
.
( ).
( )
(. Security clearance).
, .
.
: PPTP, L2TP,
IPSec, SSL(Secure Socket Layer), TLS(Transport Layer Security), EAP(Extensible
Authentication Protocol), EAP TTLS EAP Tunneled TLS Authentication Protocol.
PPTP -
Windows Windows
VPN(Virtual Private Network) TCP/IP
.
L2TP L2TP (
) VPN
.
:
-
IP-IPSec, - IP
IETF.
. IPSec ,
IP . IPSec
OSI ,
,
.
.
Checksum
(Invalid checksum) .
Checksum 2 :
checksum- 1 byte. 1
byte = 8 bits ,
2^8 .
0 255 .
1 255
checksum ,
255 checksum
256. .
:
Byte1  Byte2  Byte3  Byte4  Byte5  Byte6  Byte7  Byte8  Total  Checksum
212    232    54     135    244    15     179    80     1151   127
1151 / 256 = 4.496 (4)
4 × 256 = 1024
Kerberos
SSL/HTTPS.
().
7.FIREWALL ( )
(Firewall-) .
.
LAN gateway firewall.
firewall
. firewall-:
packet-filtering firewalls application-level gateways. Firewall-
(packet filtering firewalls)
(LAN)
. , ..
firewall-
, ,
. firewall-
, . firewall ..
application-level gateway .
firewall packet-filtering.
TCP
Any
Any
192.168.1.0
> 1023
Firewall-
192.168.1.1
Any
Any
Any
Any
Any
192.168.1.1
Any
Firewall-.
192.168.1.0
Any
Any
Any
Any
Any
192.168.1.2
SMTP
email
Any
Any
192.168.1.3
HTTP
WWW
"Catch-All" -
Any
Any
Any
Any
8.
. ,
,
,
( ) ..
.
.
..
.
:
1.
2.
3.
4.
IT .