Preface of direct attack and defense in large and medium-sized network intrusion cases
At present, the Internet is used more and more widely, and hackers and viruses are everywhere, which greatly affects the reliability and security of the Internet. It is urgent to protect the Internet and strengthen the construction of network security. Compared with ordinary individual users or small networks, securing the large and medium-sized complex networks of enterprises and companies is particularly difficult. Many inexperienced network administrators and information security workers do not know where to start, or go astray, when faced with the security management and maintenance of large and medium-sized networks.

Misunderstandings about the security defense of large and medium-sized networks

In large and medium-sized networks of various enterprises and companies, network information security is particularly important. Once the network system security is seriously threatened or even paralyzed, enterprises will suffer huge economic losses. However, there is a very common misunderstanding among many large and medium-sized network information security administrators and workers.

Many network information security administrators and workers rely too much on hardware firewalls, intrusion detection systems and other security devices in their work. They have a deep understanding of various security theories, yet in real work they cannot cope with attacks from some "script kiddies".

Especially in the management of large and medium-sized networks, the complex network structure means that security work is often impossible. With the help of various hardware security devices and ready-made defense schemes, a seemingly solid security line is established. However, because of a lack of understanding of the methods and ways of hacking attacks, many overlooked security corners are actually hidden under that seemingly solid security line. Many complex networks of large and medium-sized enterprises, companies, governments and websites seem solid and secure, but in fact they are fragile, and hackers can easily invade and attack the whole network.

At the beginning of this book, we carried out intrusion detection on the four major portals on the domestic Internet. The facts show that even such well-known network companies, with a large number of information security administrators and staff, can still be easily invaded and attacked by hackers. To a great extent this reflects a very serious problem: domestic large and medium-sized network security defense faces a great crisis and threat, and there are many shortcomings in this defense work that must be substantially improved.

"Pitting one hand against the other" is the way to security.

How can we better improve all kinds of large and medium-sized network security defense work?

A senior network security expert in China once said that people engaged in computer network management and information security should learn the skills of "drawing a square with their left hand and drawing a circle with their right hand", so that their left brain can become a top expert in network security and their right brain can become a top hacker, in order to truly understand and guarantee the security of network information.

A qualified network information security administrator should be a skilled hacker first.

Administrators or workers who have systematically studied the theory of network information security often have a natural sense of superiority, look down on so-called hackers and regard hacking technology as heresy. It is this attitude that hinders the progress of many network information security administrators and workers. As the saying goes, know yourself and know your enemy. Only by learning and mastering hacking techniques can we know where hackers invade and what methods or vulnerabilities they use to attack, so as to carry out more targeted security defense and improve the efficiency of security work.

Especially in large and medium-sized networks with complex environments, if you are not familiar with the ways and methods of hacker attacks, security work will often be neglected or even omitted. It is very necessary for network information security administrators and workers to understand and learn hacker intrusion technology.

Therefore, this book introduces in detail the common types of large and medium-sized network attacks, the ways, methods, tools and prevention methods of hackers invading and attacking large and medium-sized networks, so as to make up for the lack of experience and technology of network information security administrators and workers and better improve the security defense work.

About the content arrangement of this book

This book mainly introduces the Trojan horse attacks, website intrusions and internal infiltration that are most commonly encountered in large and medium-sized networks, and sorts out and explains various network attack and protection technologies by analyzing the most typical cases of attacks on large and medium-sized networks. The contents of each chapter are arranged in the following form:

1. Reproduction of a typical attack and defense case
2. Simple analysis of the case
3. Systematic exposition of hacker attack technology
4. Network management security protection solution
5. In-depth analysis of intrusion technology and protection difficulties

Among them, the first part, the typical case, reproduces real hacker attacks on large and medium-sized networks as the introduction and thread of the whole chapter. In the case introduction, readers will see the real process of hacking, from which they will gain an intuitive and perceptual understanding of the targets, ways and methods of hacking.

The second part briefly analyzes the attack technology and security protection means involved in the case, so as to lead into the overall content outline.

The third and fourth parts are the key contents. The third part systematically and comprehensively explains the hacker attack technology in the corresponding network environment from the perspective of hackers, and the fourth part introduces the detailed professional security protection scheme from the perspective of network information security administrators and workers.

The fifth part is an in-depth analysis of various security attack technologies and the corresponding theoretical knowledge. From the angle of attack and defense, some new technologies and valuable technical difficulties are analyzed in depth.

In addition to the typical cases, many auxiliary and reference cases are added in each article, which ties the knowledge introduced more closely to practice.

Acknowledgments

This book was finally published thanks to the great help of Mr. Zhang Chunyu and Ms. Gao Hongxia, editors of Electronic Industry Press. Thanks also to the many friends from hacker base, Huaxia Hacking Alliance and hacker organization H.S.T for their help and support.

In addition, thanks to my parents Xiao Jiyun, Lu and my wife, your love has given me the strength to overcome difficulties!

Finally, I sincerely thank Mr. Li who has been teaching and guiding me in my life! It is your guidance that gives me the power of faith. Facing the material desire and money temptation of the dark side of the industry, I will keep my true heart and abide by the professional ethics of a network security technology researcher. Thank you!

The main authors of this book are Xiao Yao, Han Yu, Deng Ruopeng, Gao, Mai, Yan, Ding Jing, Yin Ruoyan, Yu Wenqing, Qian Yiyi and Du Nongyuan.

Solemn declaration: the purpose of this book is by no means to provide support for those with ulterior motives, nor does it bear joint responsibility for the abuse of technology. The purpose of this book is to arouse everyone's awareness of network security to the maximum extent, to face up to a crisis facing our network world and to take action.