网络安全服务 发表于 2011-12-21 08:43

绝对反击 用网络安全知识查找黑客老巢

<DIV>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; mso-char-indent-count: 2.0"><SPAN lang=EN-US><SPAN lang=EN-US style="FONT-FAMILY: 宋体; mso-hansi-font-family: Calibri; mso-ascii-font-family: Calibri"><SPAN lang=EN-US><A href="http://blog.chinaunix.nethttp://blog.chinaunix.net/attachment/201105/11/25544838_13050979780VPw.jpg" target=_blank></A><A href="http://www.wafty666.com/yunnan.html" target=_blank>网络安全</SPAN></SPAN></A></SPAN><SPAN style="FONT-FAMILY: 宋体; mso-hansi-font-family: Calibri; mso-ascii-font-family: Calibri">是一个综合的、复杂的工程,任何</SPAN><SPAN lang=EN-US><A href="http://www.wafty666.com/yunnan.html" target=_blank><SPAN lang=EN-US style="FONT-FAMILY: 宋体; mso-hansi-font-family: Calibri; mso-ascii-font-family: Calibri"><SPAN lang=EN-US>网络安全</SPAN></SPAN></A></SPAN><SPAN style="FONT-FAMILY: 宋体; mso-hansi-font-family: Calibri; mso-ascii-font-family: Calibri">措施都不能保证万无一失。因此,对于一些重要的部门,一旦网络遭到攻击,如何追踪网络攻击,追查到攻击者并将其绳之以法,是十分必要的。</SPAN></P><SPAN style="FONT-FAMILY: 宋体; mso-hansi-font-family: Calibri; mso-ascii-font-family: Calibri">
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; mso-char-indent-count: 2.0"><SPAN style="FONT-FAMILY: 宋体; mso-hansi-font-family: Calibri; mso-ascii-font-family: Calibri">追踪</SPAN><SPAN lang=EN-US><A href="http://www.wafty666.com/yunnan.html" target=_blank><SPAN lang=EN-US style="FONT-FAMILY: 宋体; mso-hansi-font-family: Calibri; mso-ascii-font-family: Calibri"><SPAN lang=EN-US>网络攻击</SPAN></SPAN></A></SPAN><SPAN style="FONT-FAMILY: 宋体; mso-hansi-font-family: Calibri; mso-ascii-font-family: Calibri">就是找到事件发生的源头。它有两个方面意义:一是指发现</SPAN><SPAN lang=EN-US><FONT face=Calibri>IP</FONT></SPAN><SPAN style="FONT-FAMILY: 宋体; mso-hansi-font-family: Calibri; mso-ascii-font-family: Calibri">地址、</SPAN><SPAN lang=EN-US><FONT face=Calibri>MAC</FONT></SPAN><SPAN style="FONT-FAMILY: 宋体; mso-hansi-font-family: Calibri; mso-ascii-font-family: Calibri">地址或是认证的主机名;二是指确定攻击者的身份。网络攻击者在实施攻击之时或之后,必然会留下一些蛛丝马迹,如登录的纪录,文件权限的改变等虚拟证据,如何正确处理虚拟证据是追踪网络攻击的最大挑战。</SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; mso-char-indent-count: 2.0"><SPAN style="FONT-FAMILY: 宋体; mso-hansi-font-family: Calibri; mso-ascii-font-family: Calibri"></SPAN>&nbsp;</P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; mso-char-indent-count: 2.0"><SPAN style="FONT-FAMILY: 宋体; mso-hansi-font-family: Calibri; mso-ascii-font-family: Calibri"><SPAN lang=EN-US><SPAN lang=EN-US style="FONT-FAMILY: 宋体; mso-hansi-font-family: Calibri; mso-ascii-font-family: Calibri"><SPAN lang=EN-US><A href="http://blog.chinaunix.nethttp://blog.chinaunix.net/attachment/201105/11/25544838_13050979780VPw.jpg" target=_blank><IMG src="http://blog.chinaunix.nethttp://blog.chinaunix.net/attachment/201105/11/25544838_13050979780VPw.jpg" border=0 ; .load="imgResize(this, 650);"></A></SPAN></SPAN></SPAN></SPAN></P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-US><FONT face=Calibri></FONT></SPAN>&nbsp;</P>
<P class=MsoNormal style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; mso-char-indent-count: 2.0"></SPAN>&nbsp;</P></DIV>
页: [1]
查看完整版本: 绝对反击 用网络安全知识查找黑客老巢