Network security related knowledge-Common Problem-php.cn

Home

Common Problem

Network security related knowledge

藏色散人

Apr 21, 2020 am 09:47 AM

network

Network security related knowledge

Five ways to steal secret attacks

Footprinting: The attacker collects the target's information in advance and usually uses tools such as Whois, Finger, Nslookup, and Ping to obtain some of the target's information, such as domain name, IP address, network topology, related user information, etc. These are often the first steps for hackers to invade;

Scanning: Scanning here mainly refers to port scanning. Nmap and other port scanning tools are usually used to obtain some useful information about the target computer. Information, such as which ports are opened on the machine, will know which network services are opened. Hackers can exploit these server-side vulnerabilities to conduct further intrusions. This is often the second step in a hacker's intrusion.

Protocol stack fingerprinting (Stack Fingerprinting) identification (also called operating system detection): Hackers send detection packets to the target host. Since there are many subtle differences between the IP protocol stack implementations of different OS manufacturers, each OS Each has its own unique response method, and hackers are often able to determine the OS the target host is running. This can often be seen as part of the scanning phase.

Information flow sniffing (Sniffering): By setting a host's network card to promiscuous mode in a shared LAN, or using ARP spoofing in various LANs, the host will accept all passing data packets. Based on this principle, hackers can use a sniffer (hardware or software) to monitor network information flow and collect information such as account numbers and passwords. This is the third step of hacking.

Session Hijacking: The so-called session hijacking means that during a normal communication process, a hacker participates as a third party, or injects additional information into the data stream, or inserts the information of both parties into the process. The communication model secretly changes, that is, from direct contact to being relayed by hackers. This attack method can be considered as the fourth step of hacking - one of the real attacks.

What is a firewall? Why do you need a firewall?

A firewall is a device, which is a combination of software and hardware equipment. It is usually located between an enterprise's internal LAN and the Internet. It restricts Internet users' access to the internal network and manages internal user access. Internet permissions.

In other words, a firewall provides a blocking tool between an internal network that is considered safe and trusted and an external network that is considered less secure and trustworthy. If there is no firewall, the security of the entire internal network completely depends on each host. Therefore, all hosts must achieve a consistent high level of security, which is very difficult in actual operation.

The firewall is designed as a device running dedicated access control software and has no other services, so it means there are relatively few defects and security holes, which makes security management more convenient. Ease of control will also make internal networks more secure. The principle followed by the firewall is to ensure the security of the internal network as much as possible while ensuring the smooth flow of the network. It is a static security component.

What are the limitations of firewalls?

Some attacks on the network can bypass the firewall

Firewalls cannot prevent attacks from the internal network.

Firewalls cannot protect the transmission of virus-infected programs and files.

Firewalls cannot protect against new online threats.

When using end-to-end encryption, the role of the firewall will be greatly limited.

Firewalls are not completely transparent to users and may cause problems such as transmission delays, bottlenecks, and single points of failure.

Firewalls cannot protect against data-driven attacks.

The above is the detailed content of Network security related knowledge. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

网络ms是什么意思Jul 12, 2021 am 10:52 AM

网络ms是指网络延迟了以ms（毫秒）为单位的数据。网络中的ms就是指的毫秒，ms数值则代表了网络的延时情况，如果ms数值越高，说明当前网络延迟状况严重，用户进行游戏时会出现卡顿现象；如果ms数值越低，也就代表了网络状况流畅。

网络接入已满是什么意思Feb 28, 2023 pm 02:15 PM

网络接入已满的意思是指当前连接的WIFI已经达到预定的设备数量了，无法再接入新的设备了；通俗说就是路由器设置了只能连接N个设备，现在已经足够了，所以新的设备就连接不了。

在因特网上的每一台主机都有唯一的地址标识称为什么Aug 22, 2022 pm 03:24 PM

每一台主机都有唯一的地址标识称为“IP地址”。IP地址是IP协议提供的一种统一的地址格式，它为互联网上的每一个网络和每一台主机分配一个唯一的逻辑地址，以此来屏蔽物理地址的差异。由于有这种唯一的地址，才保证了用户在连网的计算机上操作时，能够高效而且方便地从千千万万台计算机中选出自己所需的对象来。

网络忙是什么意思Mar 10, 2023 pm 03:39 PM

网络忙的意思就是“网络忙线”，指对方拒绝接听电话或者当信号不好时，就会出现提示网络忙；提示网络忙的其他原因有：1、所处的电话基站的无线信道太少或打电话的人太多；2、晚上IP路由比较忙，所以会经常听到网络忙的提示。

chn-ct是什么网络Oct 27, 2022 pm 05:09 PM

chn-ct是中国电信的4G网络。CHN-CT全称China Telecom（FDD-LTE），翻译过来是中国电信（第四代移动通信网络），属于中国电信的移动通信网络，只有电信用户可以使用。CHN-CT技术包括TD-LTE和FDD-LTE两种制式，但LTE只是3.9G，因此在严格意义上其还未达到4G的标准；只有升级版的LTE Advanced才满足国际电信联盟对4G的要求。

进网许可和进网试用有什么区别Sep 28, 2022 am 11:22 AM

进网许可和进网试用的区别：1、标志上的颜色不同，进网试用的标志颜色是绿色，而进网许可标志是蓝色的；2、两者的使用时间不同，进网试用是给用户一年的试用期，但是进网许可是直接进行使用，没有时间限制。

evdo是什么网络Oct 26, 2022 am 11:31 AM

evdo是电信的CDMA网络的3G网络制式，最高速度可以达到3.1M左右；evdo是三个单词的缩写，全称为“CDMA2000 1xEV-DO”，已被国际电联ITU接纳为国际3G标准。

puo的网络意思是什么Nov 21, 2022 am 10:43 AM

puo的网络意思是禁止的用户操作。puo其原理是通知用户是否对应用程序使用硬盘驱动器和系统文件授权，以达到帮助阻止恶意程序损坏系统的效果。puo提示要求获得许可才能提升权限时，桌面被锁定，这样它只接受来自Windows进程的消息；Windows页面内存管理进程作为单线程运行在每个处理器上，并在系统不处理其他线程的时候分派处理器的时间。