Security of TCP/IP-Based Networks (RTF)
10
.
:
TCP/IP
-74
: ..
1999
TCP/IP
TCP/IP
Internet,
.
-
,
,
.
, ,
, ,
. ,
TCP/IP,
Internet.
,
.
, ,
-
, (17%)
(16%), -
(67%).
TCP/IP
.
, TCP/IP :
IP (Internet Protocol) ,
;
UDP (User Datagram Protocol) ,
IP
;
TCP (Transmission Control Protocol) ,
IP
;
ICMP (Internet Control Message Protocol)
,
IP, ,
, ;
ARP (Address Resolution Protocol) ,
;
, Internet,
IP-.
-
,
, , .
- ,
.
, - ,
,
.
-
, .
,
, . ""
"" "".
,
. ,
, -
.
,
. ,
,
, ,
. , .
()
,
.
,
( ,
, . .) .
,
,
.
, , ()
, ,
,
. (
) (remote network attacks). ,
-, ,
, , -, ,
, ,
.
,
, ,
.
,
:
: ,
(
);
: ,
, ;
: ,
( )
;
: ,
, ;
: ,
, , ,
, ;
: ,
,
;
: ,
;
(sniffers): ,
.
, ;
;
( )
().
,
.
,
;
1998 NIST (http://csrc.nist.gov/) 237
, .
:
29% - Windows.
: Unix.
" ".
. , ,
.
20%
(, , , ).
: ,
.
3% web- .
: WWW
.
4%
.
: ,
.
( -
).
5%
.
: (,
,
.)
1999
, 57% ,
",
". 30% ,
, 26% ,
.
FedCIRC (http://www.fedcirc.gov)
, 1998 130000
1100000 .
Internet
Internet .
pp-p
(sniffer), , ,
,
.
, .
,
FTP TELNET ( ), HTTP
( WEB- ,
web- ), SMTP, POP3,
IMAP, NNTP ( ) IRC (online-,
chat).
web-,
,
.
,
(,
SSL TLS, SKIP, S-HTTP ..). ,
.
. -
, (
), ,
.
ARP- Internet
IP- Internet IP-
Ethernet- (
), Ethernet- (
).
Ethernet- , ,
Ethernet- . ,
,
.
Internet ARP
(Address Resolution Protocol). ARP
IP- Ethernet- ,
. :
ARP-, IP- (
) Ethernet-.
, ,
. ,
ARP-, ARP-
Ethernet-. ARP- Ethernet-
ARP-, .
- ,
"
"
:
ARP-;
ARP-
ARP-,
( ARP-) Ethernet-,
ARP-;
, ,
( );
ARP- ,
,
.
DNS- Internet
, Internet
32- IP-,
. IP-
.
,
IP-,
, IP-.
, Internet ,
(
hosts-),
IP-. .
Internet, ,
.
,
IP-, ,
- (DNS-).
Domain Name System (DNS
). DNS.
DNS- :
1. IP- DNS- DNS-,
, IP- .
2. DNS-
. IP- ,
DNS- DNS-, .
, DNS-
DNS-
DNS-. ,
.
, , DNS,
DNS-
DNS UDP,
, TCP, ,
.
DNS-:
1. DNS-.
2.
DNS- ( IP-)
DNS- IP- DNS-.
3. IP-
IP- IP- DNS- .
DNS- .
4. IP-
IP- DNS- .
DNS- .
.
DNS-,
,
DNS-.
DNS- .
Internet DNS
DNS-.
hosts,
DNS,
.
TCP UDP, ,
, TCP
.
ICMP
Internet
, .
Internet (IP-).
, .
Internet
. , ,
, , ,
IP-,
.
, Internet
ICMP,
.
ICMP- Redirect Message.
ICMP- Redirect Datagrams for the Host, ,
, IP- .
.
,
, ,
.
ICMP- Firewall.
, ICMP-
Redirect.
TCP- Internet (hijacking)
TCP (Transmission Control Protocol)
Internet.
, ,
.
,
,
,
. TCP
TCP/IP,
.
TCP- TCP-
32- , .
- Sequence Number ( )
Acknowledgment Number ( ).
TCP-
. , ,
TCP-
TCP-
,
.
,
.
,
.
,
. SSL,
S-HTTP, Kerberos ..
TCP-
TCP-
ISN
. ,
Internet ( IPv4) IP-
, ,
IP-, , ,
,
.
" ",
TCP-
.
,
( ).
- ,
, -,
, -,
. , ""
: ,
.
. Denial
of Service
, -.
3 (44.736
/c) .
,
VPN -.
, .
-
IP-. "-"
.
, .
IPv4 ,
.
,
.
,
,
. :
Land IP-,
.
Windows Windows NT 4.0 Service Pack 4 .
.
teardrop bonk ,
IP-.
, ,
.
Windows95/NT Service Pack 4 Linux
(2.0.0).
WinNuke Windows- TCP/IP Out
Of Band (OOB) ( 139-) TCP-.
. Windows95/NT .
,
.
WWW
World Wide Web
Web. Web
:
1.
2.
,
.
,
.
,
(plug-ins), ActiveX, Java,
JavaScript, VBScript, PerlScript, Dynamic HTML.
,
-
, , html-
( VBScript ActiveX-).
. Cult
of the Dead Cow BackOrifice 2000,
WindowsNT
,
, , ,
.
:
: , ;
, ,
.
2000 Internet
, 2000
TCP/IP, - ,
Y2K ,
, .
:
.
,
.
.
.
.
,
.
.
.
2000
.
- ,
.
Internet
,
,
ARP-, hosts DNS-,
.
-. :
- ;
Firewall;
;
(IDS Intrusion Detection
Systems ICE Intrusion Countermeasures Electronics);
(SATAN Security Analysis
Network Tool for Administrator, SAINT, SAFEsuite, RealSecure .);
.
Firewall :
1. ;
2. Proxy-
Firewall-. proxy-
proxy- Firewall;
3. IP-.
IP-.
.
,
.