information security
-
firewall technology
- The filtering and blocking mechanism established on the boundary of the internal and external networks assumes that the internal network is safe and reliable, while the external network is unsafe and unreliable.
- The role is to prevent unauthorized access to the protected internal network, and strengthen the security policy of the internal network through border control
- Related work: control, audit, alert, react
- There is a DMZ (demilitarized zone or demilitarized zone) between the outside and the inside
- Public servers can be stored: web server, E-mail server, FTD server can only access the DMZ from the outside, but not from the inside, all can be accessed from the inside
- It has experienced three stages of development: packet filtering, application proxy gateway, and status inspection technology
- packet filtering firewall
- The user is completely transparent, the speed is fast, and the low-level control checks the source address, destination address, protocol and port
- The disadvantage is that it cannot prevent hacker attacks, does not support application layer protocols, and the granularity of access control is too rough to deal with new security threats
- Application Proxy Gateway Firewall
- Completely cut off the direct communication between the external network and the internal network, becoming: internal network – firewall – external network
- The advantage is that it can check the protocol characteristics of the application layer, transport layer and network layer, and has a relatively strong detection ability for data packets. The disadvantage is that it is difficult to configure and the processing speed is very slow
- Stateful Inspection Technology Firewall
- Combining the advantages of the above two, improved performance
- packet filtering firewall
-
Virus
- Trojan Horse: Network Connection Problems
-
Network attacks
- ARP attack (ARP spoofing) can generate (send) a large amount of ARP traffic to block the network by forging IP addresses and MAC addresses; forging gateway ARP makes it impossible to communicate across network segments; the processing method is to disconnect the connection first and then use the arp-d command
-
cyber security
- Security Protocol
- SSL (Secure Sockets Layer)
- Transport layer security protocol, used to implement web security communication; port number 443; has become the de facto web security standard
- TLS (Transport Layer Security Protocol)
- It is a protocol formulated by IEIF and an upgraded version of SSL;
- SSH (secure connection)
- A protocol for establishing a secure connection between an end device and a remote site
- Security protocols at the application and transport layers
- A protocol designed to provide security for remote login sessions and other network services, preventing message leakage
- HTTPS 443 Secure
- The HTTP channel with the goal of security, which uses the HTTP (80 insecure) SSL encryption algorithm
- MIME Multipurpose Internet Mail Extensions type e-mail type correlation
- E-mail related can support: non-ASCII character text, non-file format Fujian (binary, sound, image)
- PGP Excellent Non-Disclosure Agreement Email Security Related
- It is an email encryption software based on RSA (asymmetric encryption) public key encryption system
- SSL (Secure Sockets Layer)
- Security Protocol
-
expand
