PGP

Why does PGP generate the signature before compression?
(1) Signing the uncompressed message means the uncompressed message and its signature can be stored together and verified directly, without involving compression.
(2) Although the message could be recompressed at verification time and then verified, this process is hard to implement with PGP's existing compression algorithm.

Main topics
Trojan horses
Firewalls

Trojan horses

A program that exploits vulnerabilities in computer programs to break in and then steal files is called a Trojan horse.

Software part: the software programs required to achieve remote control.
Controller program: the program the controlling side uses to remotely control the server side.
Trojan program: the program that infiltrates the server side and obtains its operating privileges; the Trojan program's port number is set.
Connection part: a Trojan channel is established between the server side and the controlling side over the Internet.
Trojan port: the data entry point of the controlling side and the server side; through this entry point, data can reach the controller program or the Trojan program directly.

Secure, trusted operating systems are one way to secure against Trojan horse attacks.
(Figure labels: sensitive, public)

Firewalls

Firewall products: device

Throughput (Mbps): 2000
Security filtering bandwidth: 1100
IDS: DoS, DDoS
Security standard: ICSA Firewall, ICSA IPSec, VPNC IPSec, ICSA Cryptography

Throughput (Mbps): 188
Security filtering bandwidth (Mbps): 130
IDS: DoS
Main functions: Redundant firewall, URL filtering and virus detection
Standard: UL1950, CAN/CSA-C22.2 No.950, EN 60950, IEC60825-1, IEC60825-2, EN60825-1, EN60825-2, 21CFR 1040

Firewall products: pure software
An example

Firewall
What is a firewall
Types of firewalls
Firewall configurations

What is a firewall

A firewall can be software, hardware, or a combination of both.
All traffic from inside to outside must pass through the firewall.
Only [...] will be allowed to pass (defined by the local security policy).
Attention: Firewalls don't prevent [...] but, in some circumstances, they can stop viruses from sending information from an infected computer.
Establish controlled links.
Protect the system (a network or a computer) from Internet-based attacks.

Four general techniques
Service control: Determines the types of Internet services that can be accessed, inbound or outbound.
Direction control: Determines the direction in which particular service requests are allowed.
User control: Controls access to a service according to which user is attempting to access it.
Behavior control: Controls how particular services are used (e.g. filtering e-mail).

Types of firewalls

Packet-filtering
Application-level gateways
Circuit-level gateways
Stateful inspection firewall

(1) Packet-filtering
Applies a set of rules to each incoming IP packet and then forwards or discards the packet based on matches to fields in the IP or TCP header.
Advantages: Simplicity, transparency to users, high speed.
Disadvantages: Difficulty of setting up packet filter rules, lack of authentication.
An example

(2) Application-level gateway (proxy server)
Acts as a relay of application-level traffic.
Advantages: Higher security than packet filters. Only needs to scrutinize a few allowable applications. Easy to log and audit all incoming traffic.
Disadvantages: Additional processing overhead on each connection.

(3) Circuit-level gateway
It filters packets at [...] of the OSI model.
E.g. the Socks software package, an implementation of a circuit-level gateway. Port 1080 (Socks server), TCP/UDP 1080.

(4) Stateful inspection firewall
Maintains the state of each TCP session or UDP pseudo-session on outbound TCP/UDP session

Examples

Screened host firewall system (single-homed bastion host)
The firewall consists of two systems:
A packet-filtering router
A bastion host
bastion host directly connected with the public network packet-filtering router
Only packets from and to the bastion host are allowed to pass through the router.

Screened-subnet firewall system
An example of a screened firewall

Honey-pot
A computer system on the Internet that is set up to attract and trap people who attempt to penetrate other people's computer systems. The idea is to let the quarry loose in order to catch it.

Most security