Upload
jania
View
109
Download
3
Embed Size (px)
DESCRIPTION
實驗五 監控與偵測網路蠕蟲攻擊與電腦病毒. 前言. 本實驗整合多個網路設備來偵測 Worms 、 Spyware/Adware 、 Network Viruses 等事件,即時阻擋上述非法之封包,並產生警告及記錄。 本實驗用來分析網路異常的硬體設備為 NUSOFT 的 NUS-MS2800 , NUS-MS2800 是網路型的整合式威脅管理系統 (Unified Threat Management) ,可有效防止電腦病毒、特洛依木馬 ... 的威脅,並能偵測及阻擋網路惡意攻擊程式 ( 蠕蟲、緩衝溢位 ... ) 以及產生警告及記錄。 下圖為本實驗的網路連結示意圖。. - PowerPoint PPT Presentation
Citation preview
WormsSpyware/AdwareNetwork Viruses
NUSOFTNUS-MS2800 NUS-MS2800(Unified Threat Management)... ( ... )
5 *LAN(NAT):192.168.1.2/24 ~ 192.168.1.254/24MS-2800 WAN:140.125.32.240/24
5
Unified Threat Management(UTM) Unified Threat Management(UTM) ( http://tw.juniper.net/) UTM 2003 IDC DoS / DDoS (/)UTM UTM
UTM URL IT
UTM IT
UTM UTM IT UTM
5 *
5
Unified Threat Management(UTM) UTM UTM VPN IM ControlP2P Control UTM ( http://www.sti.com.tw/)
UTM NAT VPN Port,HTTPHTTP UTM IPS()IDS(),,UTM UTM ,,PC UTM ,,UTM UTM 5 *
5
NUS-MS2800MS2800 MS-2800 :( http://www.nusoft.com.tw/)VPNVPNSSL VPNPPTP VPNIPSec VPN...Anti-Virus ClamAVSophos24ClamAV IDPOSI 47 IDP RFC / MSNICQYahooQQSkype...e-MuleBTWINMXe-DonkeyFoxy...DoSDDoSNUS-MS2800Anti-Spam Spam FingerprintBayesian FilteringSpam Signature Personal Rule5 *
5
NUS-MS2800 NUS-MS2800
NUS-MS2800 IPIP IP DMZ IP DMZDMZDMZ DMZDMZ DMZDMZ
5 *
5
VPN Trunk,IDP IPQuota Per Session Quota Per Day
IDP5 *
5
NUS-MS2800 30 Clam E-mail
5 *
5
5 *
5
5 *
5
NUS-MS280016 5 *
5
NUS-MS2800Attack Responses, Backdoor, Bad Traffic, Chat, DDoS, Deleted, DNS, DoS, Exploit, Finger, FTP, ICMP, IMAP, Info, Misc, Multimedia, MySQL, NetBIOS, NNTP, Oracle, P2P, Policy, POP2, POP3, Porn, RPC, Rservices, Scan, Sellcode, SMTP, SNMP, Spyware, SQL, Telnet, TFTP, Web Acctacks, Web CGI, Web Client, Web Coldfusion, Web Frontpage, Web IIS, Web Misc, Web PHPX11 5 *
5
TCP, UDP, ICMPIP 0~65535 0~65535 (InboundOutbound)5 *
5
5 *
5
UTM5 *
5
http://www.sti.com.tw/ http://tw.juniper.net/company/presscenter/features/2007/0119.html UTMMS2800_Manual_v4.06_tw.pdfNUS-MS2800
5 *
5
*