Experience of Network Security In the 2nd/kloc-0th century, the network has become a part of people's daily life, and many people can't even live without it. With the internet, people can have food and clothing without leaving home. I just saw on TV a few days ago that online shopping was hot at the end of the year, and the courier company was there? Spring Festival travel rush craze? News. In the past, people had to ask someone for help when looking for something, but now people can find online help when looking for something. I remember one time I didn't know where I put the key, so I bought it. Where did you lose your key? The result was really found according to the scheme suggested by netizens.
With the explosive development of the network, the network environment has become more and more complex and open. At the same time, various security vulnerabilities are constantly exposed, malicious threats and attacks are increasing day by day, and security incidents are increasing day by day, which also threaten everyone who comes into contact with the Internet to varying degrees. Here, I will talk about my own experience on various network security problems I have encountered in my life and work:
1. It is very important to be aware of network security.
When it comes to network security, what makes us very helpless is that many people think that this is a matter for computer network professionals. In fact, everyone should have a sense of network security, which is particularly important for the staff of secret-related units. Some time ago, I watched the TV series "Secret War", and most of the ways of leaking secrets were caused by the weak safety awareness of the relevant personnel: the unit required that the confidentiality work be completed in the office, that is, someone brought it home to work overtime privately, resulting in leaking secrets; Important departments require outsiders not to enter, and some people bring idle people in to cause leaks; Private network computers are not allowed to connect to the Internet. Someone.
Playing games on the external network leads to leaks; Even the secret-related personnel made careless friends and fell in love with spies, causing leaks. Although this is only a TV series, it is also a warning to the secret units. When I watched this TV series, I thought that I should show it to the security department as a safety education film.
Not only secret-related units, but also individuals, network security awareness is particularly important. There are endless camera leaks on the Internet. Door? So what? Door? It is caused by a weak sense of personal safety. As the teacher said? What you see is not necessarily true! ? .
I have some software and systems that I usually make on my own computer. Although it's nothing important, it's also the result of my own efforts, so I've been very careful when using the computer, for fear of Trojan horses, viruses and the like. 360 traffic monitoring? The note was always in my hand? Desktop? In the lower right corner, as long as there is upload traffic, you must go and see what process is uploading.
2. Equipment safety? Many technologies are beyond our expectation.
Network equipment is the hardware foundation of network operation, and equipment security is an essential link of the network.
I've heard of electric leakage before, but I've never seen it. Recently, a colleague of the unit brought two? Electric cat? (Power line Ethernet signal transmission adapter), one network cable is plugged into the power supply, and the other is connected to the computer within 30 meters through the interface network cable to access the Internet. This reminds me that as long as someone connects the confidential network cable to the power cord, it is easy to leak. Of course, this national security department must have relevant preventive measures.
Search in a search engine, such as intitle: "Reality /-AXIS 206W", and you can find the camera. In the TV series "Secret War", the monitoring system of a secret department is networked, and spies use the monitoring system to steal the screen information and key information of staff. By installing a transmitter based on mobile network on the copier in a government confidential room, all confidential documents scanned on another receiver can be reused.
1985, at an international computer security conference held in France, van eyck, a young Dutchman, disclosed his technology of stealing microcomputer information in front of representatives of various countries. He transformed the ordinary TV set with equipment worth only a few hundred dollars and then installed it in the car. In this way, he received the information of computer electromagnetic waves lying on the eighth floor from the street downstairs, and displayed the images displayed on the computer screen.
His demonstration gave the delegates a great shock. I first learned about electromagnetic leakage when I was developing software for a certain army unit in 2004. In order to prevent electromagnetic leakage, jammers have been installed in many parts of the army.
Hard disk data does not exist unless deleted, and can be recovered by recovery software such as EasyRecovery. It seems that only by melting the confidential hard disk in the steelmaking furnace can it be foolproof.
3. Beware of Trojans
I first learned about Trojans when I was in college. I saw a model called? Big eyes? I was curious and tried it. Only commonly used software is installed on the computer in the university computer room, and other software, such as QQ, is stored on the server. I installed it myself when I used it. When the student computer is restarted with the protection card, it will be restored and must be reinstalled.
Would you? Big eyes? Put the client on the server and give it an attractive name. As a result, many students' screens were monitored by us. Some students said with a smile? It's just a Trojan horse! ? I didn't know there was a name until I asked. Trojan horse? The program also uses the same method to steal privacy. Later, I also made up a fake QQ program to steal other people's QQ, but I gave it to others. Who knew that 7-digit and 8-digit QQ numbers could be so popular now?
In the past, computers were protected against viruses such as CIH and worms, but now they are more protected against Trojan viruses, mainly because personal computers can steal passwords such as Alipay, QQ account and online banking. When you open an unsafe web page, someone sends you malicious emails, when you install unsafe software, when you use a USB flash drive, you may be infected with Trojan virus.
Some time ago? The dispute between 360 and QQ? There are many unsafe software in our computer, which may reveal our privacy.
4. Web page security
In the unit, I am responsible for the website maintenance of several departments, mainly the production of web pages. At the beginning of programming, I didn't expect to be attacked. Later, the website I made was often attacked, only to know the attack methods such as SQL injection and Ewebeditor vulnerability, so I will pay attention to the security of these aspects when programming. For example, what is my background database? x.asp#xxxxxx.mdb? . Prevent the database from being downloaded.
I remember writing a message board program for a department again. Results 1 day, there were more than 3000 malicious messages in English, which was quite a headache. Finally, the verification code is set, and the user verification will not work until the webpage code for detecting the source of the message is used. It turned out that people attacked with tools.
5. Develop good online habits
Network security involves everyone who uses the network. For individuals, to ensure their online safety, everyone should develop good online habits. I think it should include the following points:
1) The computer should be equipped with firewall and antivirus software, and upgraded in time. If the computer is connected to the Internet, it will automatically upgrade. And develop a regular security scanning computer;
2) Update windows patches in time;
3) Under the condition of ensuring the security of the system, do a good job of GHOST backup to prevent the system from recovering in time when it encounters stubborn viruses;
4) Don't use QQ to click and execute websites and programs sent by netizens.
5) Don't browse unsafe web pages;
6) Share files should be closed in time, and things shared by others are often seen in the working group computer of the unit;
7) Don't browse unfamiliar emails;
8) Open the USB flash drive after antivirus;
9) It is best not to log in to your bank account, Alipay, QQ, etc. On someone else's computer; For each of us, improving the awareness of network security and learning the knowledge of network security are the basic requirements for us in the network era.
Learning experience of network security and cryptography I took the course of network information security this semester. Since the first class, my concept has completely changed. The teacher is not a mechanical plagiarism, nor a reader who only watches ppt, but a scholar who is really imparting knowledge. The teacher's language is vivid and humorous, which gives great encouragement to continue listening. In class, I also learned a lot about cryptography.
Among all kinds of disciplines, only cryptography is different, which is composed of two branches of disciplines that are opposite and interdependent, but complement and promote each other. These two sub-disciplines, one is cryptography and the other is cryptanalysis.
? Password? For most people, this word is incredibly mysterious. The reason is that its theory and technology are strictly controlled by the state security organs involved in military, political and diplomatic affairs and are not allowed to be leaked.
The word cryptography comes from Greek? Kryptonian? And then what? logos? Two words, meaning? Hide? And then what? News? . It is a science that studies the security and confidentiality of information systems. Its purpose is to let two people communicate on an insecure channel without being understood by the decoder.
From thousands of years ago to 1949, cryptography has not become a real science, but an art. Cryptologists often design passwords based on their own intuition and beliefs, and the analysis of passwords is mostly based on the intuition and experience of cryptographers (that is, decoders). From 65438 to 0949, Claude elwood, an American mathematician and founder of information theory, published the article "Information Theory of Security Systems", which marked the beginning of the cryptography stage. At the same time, the information theory marked by this paper has established a theoretical basis for symmetric key cryptosystem, and cryptography has since become a science.
Due to the need of confidentiality, people can't see the documents and materials about cryptography at this time, and people usually don't touch passwords. 1967 Kahn published a novel called The Decoder, which made people understand cryptography. In the early 1970s, IBM published several technical reports on cryptography, which made more people understand the existence of cryptography.
However, the emergence of scientific theory has not made cryptography lose its artistic side. Today, cryptography is still an art science. 1976, Diffie and Hellman published the article "The New Direction of Cryptography", which proved for the first time the possibility of secure communication between the sender and the receiver without transmission keys, thus creating a new era of public key cryptography. This article has also become a symbol to distinguish between classical passwords and modern passwords.
1977, American data encryption standard (DES) was released. These two things have led to unprecedented research on cryptography. From this time on, we began to study civil cryptography, cryptography began to give full play to its commercial value and social value, and people began to contact cryptography. This transformation has also promoted the unprecedented development of cryptography.
The earliest encryption technology was Caesar encryption. The secret gold wheel means that encryption and decryption hardware equipment can be shared and mass-produced, so as to reduce the production and procurement costs of hardware encryption and decryption equipment. Decryption and encryption technologies have always coexisted, containing and advancing each other. Complicated encryption and decryption algorithms are constantly evolving to surpass human execution ability. Kerckhoffs principle, Shannon's perfect security, DES algorithm and Rijndael algorithm, just like the milestone of cryptography, stand on the road of cryptographers' continuous exploration, as a leap and as a symbol.
These are some common-sense questions about cryptography that I learned in this course, and then introduce the parts that I am interested in.
In this course, I am most interested in public key cryptography. In fact, the core foundation of public key cryptography is the positive and negative asymmetry of some problems in the field of mathematics, such as integer decomposition problem (RSA), discrete logarithm problem (DL) and elliptic curve problem (ECC), and these problems are inextricably linked with number theory without exception. The great mathematician Gauss once said? Mathematics is the queen of science, and number theory is the crown of mathematics? However, it is a pity that the introduction of number theory is almost blank in both primary and higher education in China, and the only thing involved is the junior and senior high school mathematics competition, but this coverage is definitely extremely limited.
This chapter does not give a complete introduction to number theory, but only expounds the knowledge related to the contents in the book, including Euclid theorem and its extension, Euler function, Fermat's infinitesimal theorem and euler theorem, in which Euclid theorem has detailed derivation and calculus, and the latter two only give conclusions and usage. But considering the independence of these parts, as long as we have a solid understanding of the basic knowledge of prime number, composite number and prime factor decomposition, it should not be difficult to understand.
For Euler function, Fermat's Last Theorem and euler theorem, it is not difficult to prove the method, and related processes can also be found on the Internet. But its application is very important, especially Fermat's last theorem, which is the basis of Miller-Rabin prime number test. I think students who like math will definitely like this course. This course involves a lot of mathematical knowledge, including number theory, advanced algebra, analytic geometry, group theory and many other fields.
In addition, the various algorithms mentioned by the teacher in class (such as the classic algorithms of Diffie and Hellman) have influenced so far, which have contributed to the formation of various emerging algorithms and have been cited many times. The classics are still there, and the new development of cryptography is still going on, which is still expected.
I recommend it carefully.