Chapter 1 Overview of Computer Network Security
1.1 Basic concepts of computer network security
1.1.1 Network security definition
1.1.2 Characteristics of network security
Threats to computer network security
1.2.1 Network security threat classification
1.2.2 The threat of computer viruses
1.2.3 Trojan threats
1.2.4 Network monitoring
1.2.5 Hacking
1.2.6 Malware attacks
1.3 Root causes of network security threats
1.3.1 System and program vulnerabilities
1.3.2 Existing problems in facilities required for network security protection
1.3.3 Problems in security protection knowledge
1.4 Network security policy
1.4.1 Network security policy design principles
1.4.2 Several network security strategies
1.5 Computer network security status and development
1.5.1 Computer network security status
1.5.2 Development direction of computer network security
1.6 Summary and exercise
1.6.1 Summary
1.6.2 Exercise
Chapter 2 Network Security Architecture and Protocol
2.1 Overview of computer network protocols
2.1.1 Network protocol
2.1.2 Protocol suites and industry standards
2.1.3 Interaction of protocols
2.1.4 Technology-independent protocols
2.2 OSI reference model and its security system
2.2.1 Computer network architecture
2.2.2 Introduction of OSI reference model
ISO/OSI security system
2.3 TCP/IP reference model and its security architecture
2.3.1 TCP/IP reference model
2.3.2 Security architecture of TCP/IP reference model
2.4 General network protocols and services
2.4.1 Common network protocols
2.4.2 General network services
2.5 Windows common network commands
2.5.1 Ping command
At command
2.5.3 Netstat command
Tracert command
Network command
Ftp command
Nbtstat command
Telnet command
2.6 Protocol analysis tool: Sniffer application
2.6.1 Sniffer startup and setup
Decoding analysis
2.7 Training programs
2.8 Summary and exercise
2.8.1 Summary
Exercise
Chapter 3 Computer Virus and Trojan Horse
3.1 Computer virus overview
3.1.1 Definition of computer virus
3.1.2 Evolutionary history of computer viruses
3.1.3 Characteristics of computer viruses
3.2 Computer viruses, their classification and transmission paths
3.2.1 Common computer viruses
3.2.2 Computer virus classification
3.2.3 Transmission routes of computer viruses
3.3 Computer virus detection and defense
3.3.1 Detection and defense of common computer viruses
3.3.2 USB flash drive virus detection and defense
3.3.3 ARP virus detection and defense
3.3.4 Detection and prevention of worm viruses
3.4 Computer Trojan horse overview
Definition of computer Trojan
3.4.2 Types and basic functions of computer Trojans
3.4.3 Working principle of computer Trojan horse
3.5 Computer Trojan detection and defense
3.5.1 Detection and defense of common computer Trojans
3.5.2 Manual removal of typical computer Trojan horses
3.6 Training programs
3.7 Summary and practice
3.7.1 Summary
Exercise
Chapter 4 Encryption and Digital Signature
4.1 Encryption technology
4.1.1 Overview of encryption technology
4.1.2 Common ways of data encryption
4.2 Encryption algorithm
Classical encryption algorithm
4.2.2 Modern encryption algorithm
4.3 Digital signature technology
4.3.1 Overview of digital signature technology
4.3.2 Working principle of digital signature technology
4.3.3 Algorithm of digital signature technology
4.4 Public key infrastructure technology
4.4.1 PKI overview
4.4.2 Technical principles of public key infrastructure
4.4.3 Certification authority
Digital certificate
4.5 PGP principle and application
4.5.1 Overview of PGP
4.5.2 PGP key creation
4.5.3 PGP file encryption and decryption
4.5.4 PGP key export and import
4.5.5 PGP e-mail encryption, decryption and signature verification
PGP digital signature
4.6 EFS principle and application
EFS overview
EFS encryption and decryption
4.6.3 Other applications of EFS
4.7 SSL secure transmission and application
4.7.1 SSL overview
Working principle of SSL
4.7.3 Install the certificate service
4.7.4 Certificate application
4.7.5 Issue the Web server certificate
4.7.6 Install the server certificate
4.7.7 SSL settings of the Web server
4.7.8 SSL settings of the browser
4.7.9 Visit an SSL site
4.8 Training program
4.9 Summary and practice
4.9.1 Summary
4.9.2 Exercise
Chapter 5 Firewall Technology
5.1 Firewall overview
5.1.1 Basic principle of firewall
5.1.2 Main functions of firewall
5.1.3 Restrictions of firewall
5.2 Implementation technology of firewall
5.2.1 Packet filtering
5.2.2 Application layer proxy
5.2.3 Condition detection technology
5.3 Firewall architecture
5.3.1 Dual-host/multi-host mode
5.3.2 Shielding host mode
Shielded subnet mode
5.4 Working mode of firewall
5.5 Implementation of firewall
5.5.1 Firewall based on single host
5.5.2 Firewall based on network host
5.5.3 Hardware firewall
5.6 Application of Rising Personal Firewall
5.6.1 Interface and function layout
5.6.2 Common functions
5.6.3 Network monitoring
5.6.4 Access control
5.6.5 Advanced settings
5.7 ISA Server 2004 configuration
5.7.1 ISA Server 2004 overview
5.7.2 Install ISA Server 2004
5.7.3 ISA Server 2004 firewall policy
5.7.4 Publish servers in the internal network
5.7.5 ISA Server 2004 system and network monitoring and reporting
5.8 iptables firewall
5.8.1 Rule tables in iptables
5.8.2 Introduction to iptables command
5.8.3 Linux firewall configuration
5.9 PIX firewall configuration
5.9.1 PIX basic configuration commands
5.9.2 PIX firewall configuration example
5.10 Training program
5.11 Summary and exercise
5.11.1 Summary
5.11.2 Exercise
Chapter 6 Windows Server 2003 Network Security
6.1 Introduction to Windows Server 2003 security
6.1.1 User authentication
6.1.2 Object-based access control
6.2 Common configuration methods of Windows Server 2003 system security
6.2.1 Installation process
6.2.2 Set up and manage accounts correctly
6.2.3 Set directory and file permissions correctly
Network service security management
6.2.5 Close useless ports
6.2.6 Local security policy
6.2.7 Audit strategy
6.2.8 Windows log file protection
6.3 Windows Server 2003 access control technology
6.3.1 Introduction to access control technology
Use of Windows Server 2003 access control
6.4 Account policy
6.4.1 Account policy configuration
Kerberos policy
6.5 Enable security template
6.5.1 Introduction to security templates
6.5.2 Method of enabling security template
6.6 Training program
6.7 Summary and practice
6.7.1 Summary
6.7.2 Exercise
Chapter 7 Port Scanning Technology
7.1 Port overview
7.1.1 TCP/IP working principle
7.1.2 Definition of port
7.1.3 Port classification
7.2 Port scanning technology
7.2.1 Overview of port scanning
7.2.2 Universal port scanning technology
7.3 Common scanning software and its application
Overview of scanning software
7.3.2 Super scanning tool and its application
7.4 Port scan defense technology application
7.4.1 View the status of ports
7.4.2 Close idle and dangerous ports
7.4.3 Hide operating system type
7.5 Training project
7.6 Summary and exercise
7.6.1 Summary
7.6.2 Exercise
Chapter 8 Intrusion Detection System
8.1 Intrusion detection overview
8.1.1 Concept and function of intrusion detection
8.1.2 Intrusion detection system model
8.1.3 Intrusion detection workflow
8.2 Classification of intrusion detection systems
8.2.1 Classification by detected object
8.2.2 Classification by detection technology
8.2.3 Classification by working mode
8.3 Deployment of intrusion detection systems
8.3.1 Host-based intrusion detection system deployment
8.3.2 Network intrusion detection system deployment
8.3.3 Common intrusion detection tools and their applications
8.4 Intrusion prevention system
8.4.1 Working principle of intrusion prevention system
8.4.2 Advantages of intrusion prevention system
8.4.3 Main applications of intrusion prevention system
8.5 Summary and practice
8.5.1 Summary
Exercise
Chapter 9 Wireless Network Security
9.1 Introduction to WLAN
9.1.1 Wireless LAN common terminology
9.1.2 Wireless LAN components
9.1.3 Access mode of WLAN
9.1.4 Coverage area
9.2 General standards for wireless networks
IEEE 802.11b
IEEE 802.11a
IEEE 802.11g
IEEE 802.11n
9.3 Wireless network security solutions
9.3.1 Wireless network access principles
Authentication
Encryption
9.3.4 Intrusion detection system
9.4 Summary and exercise
9.4.1 Summary