1、Threat Capabilities – More dangerous and easier to use
–password guessing –> self-replicating code –> password cracking
–expoiting known vulnerablities –> Back door –> scanners –>stealth diagnostics –>
packet forging/spoofing
–disabling audits –> hijacking sessions –>sniffers
2、Netowrk security is a continuous Process build around a security policy
Step1: Secure
—> Methods
– Authentication
– Encryption
– Firewalls
– Vulnerability patching
Step2: Monitor
— Vulnerablity scanners
— IDSs
Step3: Test
Step4: Improve
3、Network Security Policy
–” A formal statement of the rules by which people who are given access to
an organization’s technology and information assets must abide.”
4、What should the security policy contain?
– Statemnet of authority and scope ‘申明权利范围
– Acceptable use policy
– Identification and authentication policy
– Internet use policy
– Campus access policy
– Remote access policy
– Incident handling procedure
5、Netowrk Security Threats
– unstructured threats/structured threats/internal threats/external threats
6、 Four Primary Attack Categories
–Reconnaissance attacks/Access attacks/Denial of service attacks
/Worms,viruses,Trojan horses …
