"Network Attack and Defense Practice": Week 1 Assignment

20199138 2019-2020-2 "Network Attack and Defense Practice" Week 1 Assignment

1. Knowledge review and summary

1.1 Overview of network attack and defense technology

The chapter first presents the Dasher worm emergency response as a real case, which gave me a concrete impression of network attack and defense technology; it then covers the history of hackers and outlines the framework of network attack and defense technology and the different types of offensive and defensive techniques; it stresses that physical attacks and social engineering cannot be ignored; and it closes by emphasizing the right attitude and the laws and regulations hackers should be aware of.

  • Network attack and defense technology framework

1.2 Three types of attack techniques:

(1) System attacks that exploit software security vulnerabilities
(2) Network protocol attacks that exploit protocol security flaws
(3) Social engineering attacks that exploit human weaknesses

  • Network protocol attacks include:
    (1) Network interface layer: Ethernet and the mainstream Wi-Fi protocols are broadcast-based, so there is a risk of eavesdropping with a network sniffer.
    (2) Internet layer: when forwarding, IP looks up the route using only the destination address and does not verify the source address, so an attacker can spoof the IP source address, impersonating another IP address when sending packets in order to hide the source of the attack.
    ARP, ICMP and other protocols have corresponding flaws.
    (3) Transport layer: the three-way handshake used to establish a connection allows SYN flooding denial-of-service attacks; the connection reset function allows TCP RST attacks; TCP session hijacking, etc.
    (4) Application layer: HTTP, FTP, POP3, SMTP and similar protocols transmit in plain text, so there are risks of eavesdropping on sensitive information, tampering and impersonation.
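
An added example (not part of the original notes) that ties points (2) and (3) together from the defender's side: because source addresses can be forged, a SYN flood detector should count unfinished handshakes per destination service rather than per source. The packet tuples, the documentation-range addresses, the timeout and the threshold are all constructed assumptions.

```python
from collections import defaultdict

def build_sample():
    """Constructed packets: (time_s, src, sport, dst, dport, tcp_flags)."""
    pkts = [  # one legitimate client completing the three-way handshake
        (0.00, "192.0.2.10", 40000, "203.0.113.5", 80, "S"),
        (0.01, "203.0.113.5", 80, "192.0.2.10", 40000, "SA"),
        (0.02, "192.0.2.10", 40000, "203.0.113.5", 80, "A"),
    ]
    for i in range(1, 21):  # 20 SYNs, each from a different (forged) source
        pkts.append((0.10 + i * 0.01, f"198.51.100.{i}", 1024 + i,
                     "203.0.113.5", 80, "S"))
    return pkts

def half_open(packets, now, timeout=3.0):
    """Count handshakes left unfinished for at least `timeout` seconds."""
    pending = {}  # (src, sport, dst, dport) -> time of first SYN
    for t, src, sport, dst, dport, flags in packets:
        key = (src, sport, dst, dport)
        if flags == "S":
            pending.setdefault(key, t)  # a retransmitted SYN keeps its first time
        elif flags in ("A", "R"):
            pending.pop(key, None)      # client finished or aborted the handshake
        # "SA" replies travel server -> client and never match a pending key
    per_service, per_source = defaultdict(int), defaultdict(int)
    for (src, _sport, dst, dport), t in pending.items():
        if now - t >= timeout:
            per_service[(dst, dport)] += 1
            per_source[src] += 1
    return dict(per_service), dict(per_source)

def flooded_services(packets, now, threshold=10, timeout=3.0):
    """Services whose half-open count reaches the (assumed) threshold."""
    per_service, _ = half_open(packets, now, timeout)
    return sorted(s for s, n in per_service.items() if n >= threshold)

if __name__ == "__main__":
    sample = build_sample()
    per_service, per_source = half_open(sample, now=10.0)
    print("half-open per service:", per_service)
    print("largest per-source count:", max(per_source.values()))
    print("flagged:", flooded_services(sample, now=10.0))
```

On the sample, every source address appears only once, so a per-source counter never trips, while the per-service count exposes the flood.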

  • System security attack and defense

The life cycle of software security vulnerabilities

  • Web security offensive and defensive

Web security is currently a hot topic in network attack and defense, as the Web is also the mainstream application platform. It includes Web server security, Web application security, Web client and browser security, and transmission protocol security.

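1.3 Analysis of network attacks

a. Information gathering: footprinting, scanning, enumeration
b. Carrying out the attack: gaining access, privilege escalation, denial-of-service attacks
c. After success: theft, covering tracks, creating backdoors

1.4 Physical attacks and social engineering

Attack methods that reach the goal of attacking an information system through physical attacks or interpersonal communication.

2. Homework

(1) Hacker film appreciation: write a film review and publish it on your personal blog, or take a social engineering or physical attack clip from a film or TV work, explain which attack technique it uses, and comment on it in detail.
(2) Try to obtain other classmates' personal information through social engineering, and describe your social engineering process in detail, including successes and failures.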

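2.1 Hacker film appreciation

"Who Am I: No System Is Safe" is a high-IQ hacker cybercrime film. On the surface it is about the high-tech methods hackers use to break into computers, but in fact it reflects that humans are the biggest vulnerability in a system. It is fair to say that this film overturned my previous understanding and perception of hackers.

Classic technical scenes
  • Rewriting the power supply system's program, causing an outage

  • Rewriting the financial securities system

  • Attacking the German intelligence agency

Classic social engineering scenes
  • Dumpster diving: the trash of an organization or company often contains a great deal of information, and an attacker can find much information there that may endanger security

  • Disguising identity, gaining trust and slipping into the work area where the target is located

  • Rehearsing the conversation in advance and targeting human weaknesses so that the other party believes you

Classic quotes
  • Hacking is like magic: it is full of deception everywhere.
  • Do not get absorbed in network technology; people are the key to breaking into information systems.
  • No system is safe.
  • A person cannot always hide behind his computer. The biggest security vulnerability is not in some program or server; humans are the biggest security vulnerability.
  • The most effective of all hacker techniques, the greatest art of illusion: social engineering.
  • Everyone sees only what they want to see.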

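2.2 Social engineering practice

I added a random person from a shopping group on WeChat and, by disguising my identity and playing on their wish to find shopping coupons, obtained their name, phone number and other information.

3. Problems encountered in learning and their solutions

Chapter 1 is mainly an overview, and the focus is on understanding some concepts. When I first studied the reproduction of the Dasher worm propagation scenario, it did not feel intuitive enough, so I went over it twice to deepen my understanding.

4. Learning insights and reflections

The network attack and defense practice course involves a lot of theoretical knowledge and sits at the intersection of several disciplines. Fundamentals, understanding, practice and reflection are all indispensable.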


Origin www.cnblogs.com/mywlgf/p/12402739.html