Lectures for 2008 - KTH

More documents

Recommendations

Info

KURSKOMPENDIUM NÄTVERKSSÄKERHETSKURS ___________________________________________________________________________ Innehållsförteckning Figurförteckning.....................................................................................................................5 1 Introduktion och grundläggande koncept ..........................................................................7 1.1 Vad är information?...................................................................................................7 1.1.1 Informationssamhället.........................................................................................8 1.2 Varianter av säkerhet .................................................................................................9 1.2.1 Fysisk säkerhet....................................................................................................9 1.2.2 Logisk säkerhet...................................................................................................9 1.2.3 Informationssäkerhet.........................................................................................10 1.2.4 Nätverkssäkerhet...............................................................................................11 1.3 Principiella skydds- och säkerhetsåtgärder ...............................................................12 1.3.1 Autentisering.....................................................................................................12 1.3.2 Auktorisering ....................................................................................................16 1.3.3 Sekretess...........................................................................................................16 1.3.4 Riktighet ...........................................................................................................17 1.3.5 Spårbarhet.........................................................................................................17 1.3.6 Oavvislighet......................................................................................................17 1.3.7 Tillgänglighet....................................................................................................18 1.4 Informationssäkerhet ur ett historiskt perspektiv ......................................................18 2 Hotbeskrivningar............................................................................................................21 2.1 Viktiga begrepp relaterat till hot och risk .................................................................21 2.2 Hackers, Crackers och hackerkultur.........................................................................24 2.3 Informationsinsamling .............................................................................................26 2.3.1 Port- och nätverksscanning................................................................................27 2.4 Säkerhetsproblem ....................................................................................................28 2.4.1 Trafikanalys......................................................................................................29 2.4.2 Avlyssning........................................................................................................30 2.4.3 Uppträdande under falsk identitet......................................................................31 2.4.4 Återuppspelningsattack .....................................................................................32 2.4.5 Buffertöverskrivning.........................................................................................32 2.4.6 Intrång ..............................................................................................................33 2.4.7 Omdirigeringsattack..........................................................................................35 2.4.8 Överlastning och resursmissbruk.......................................................................35 2.4.9 Mannen-i-mittenattacker ...................................................................................35 2.4.10 Race conditions...............................................................................................36 2.4.11 Datamanipulation............................................................................................36 2.4.12 Trunkeringsattack............................................................................................36 2.4.13 Omarrangeringsattack .....................................................................................36 2.4.14 Klipp-och-klistra-attack...................................................................................37 2.4.15 Övertagande av session ...................................................................................37 2.4.16 Datadrivna attacker .........................................................................................37 2.5 Att leta säkerhetshål.................................................................................................38 2.5.1 Security by obscurity.........................................................................................38 2.5.2 Källkodsgranskning ..........................................................................................39 2.5.3 Baklängeskonstruktion......................................................................................39 2.5.4 Fuzzing .............................................................................................................40 2.5.5 Testexekvering samt introspektion ....................................................................41 2.6 Andra typer av tekniska hot .....................................................................................41 2.6.1 Övertro till tekniska lösningar ...........................................................................41 Copyright (c) 2003-2008 Robert Malmgren AB. All rights reserved Sid 2 (139)
KURSKOMPENDIUM NÄTVERKSSÄKERHETSKURS ___________________________________________________________________________ 2.6.2 För hög grad av integration ...............................................................................41 2.6.3 Alltför snabb adaption av nya tekniker ..............................................................42 2.6.4 Alltför komplexa lösningar................................................................................42 2.6.5 Ej uppsäkrade system........................................................................................42 2.6.6 Lättillgängliga attackverktyg.............................................................................43 2.6.7 Formgivnings- och implementationsfel .............................................................43 2.6.8 Skräppost, spam................................................................................................43 2.6.9 Nätfiske och nigeriabrev ...................................................................................44 2.7 Organisatoriska hot och risker..................................................................................46 2.7.1 Oklara ansvarsförhållanden ...............................................................................46 2.7.2 Personrisker ......................................................................................................46 2.7.3 Organisationsförändringar.................................................................................46 2.8 Administrativa hot och risker...................................................................................47 2.8.1 Okunskap om system och infrastruktur..............................................................47 2.8.2 Ojämna skyddsnivåer och felfokuserade lösningar ............................................47 2.8.3 Avtal, dokumentation, rutiner och policies saknas .............................................47 2.8.4 Bristande underhåll ...........................................................................................48 2.8.5 Bristande uppföljning........................................................................................48 2.9 Kriminella hot och risker .........................................................................................48 2.10 Sociala attacker......................................................................................................49 3 Skadlig kod ....................................................................................................................50 3.1 Exempelfall .............................................................................................................58 3.1.1 AIDS-disketten .................................................................................................58 3.1.2 Concept.............................................................................................................58 3.1.3 Code Red ..........................................................................................................59 3.1.4 Morrismasken ...................................................................................................59 3.2 Virusskydd ..............................................................................................................60 4 Nätverksarkitektur ..........................................................................................................62 4.1 Nätverkstopologi .....................................................................................................62 4.1.1 Säkerhetszoner..................................................................................................62 4.1.2 Virtuella nätverk ...............................................................................................62 4.2 Brandväggar ............................................................................................................63 4.2.1 Brandväggsprinciper .........................................................................................64 4.2.2 Paketfiltrerande brandväggar.............................................................................65 4.2.3 Applikationsbrandvägg .....................................................................................65 4.2.4 Interna brandväggar ..........................................................................................66 4.2.5 Brandväggar och yttre anslutningar ...................................................................66 4.2.6 Personliga brandväggar.....................................................................................67 4.2.7 Vad är en brandvägg inte?.................................................................................68 4.2.8 Brandväggens framtid .......................................................................................68 4.3 Adress- och portöversättning....................................................................................69 4.4 Logisk åtkomstkontroll ............................................................................................71 4.5 Honungsfällor..........................................................................................................72 4.6 Intrångsdetektering ..................................................................................................72 5 Kryptering......................................................................................................................74 5.1 Äldre kryptosystem..................................................................................................75 5.1.1 Substitutionskrypto ...........................................................................................75 5.1.2 Transpositionskrypto.........................................................................................75 5.2 Modernare kryptosystem..........................................................................................75 5.2.1 Enigma och G-skrivaren....................................................................................76 Copyright (c) 2003-2008 Robert Malmgren AB. All rights reserved Sid 3 (139)
Page 1: KURSKOMPENDIUM NÄTVERKSSÄKERHETSK
Page 5 and 6: KURSKOMPENDIUM NÄTVERKSSÄKERHETSK
Page 53 and 54:
KURSKOMPENDIUM NÄTVERKSSÄKERHETSK
Page 55 and 56:
Page 57 and 58:
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
Page 67 and 68:
Page 69 and 70:
Page 71 and 72:
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139:
show all

Lectures for 2008 - KTH

Create successful ePaper yourself

Delete template?

Save as template?