09 Bao ve mang

Bo mt mng my tnh

1

Bo mt mng my tnh

Bo mt mng my tnh vi cc thit b

Bo mt mng my tnh vi cc giao thc

Bo mt mng my tnh vi cc phn mm

Mt s quy tc v ch Mt s quy tc v ch

2

Thit b mng

M hnh s dng HUB, SWITCH

Thit b firewall cng

3

SWITCH - HUB

M hnh truyn tin trn HUB M hnh vt l dng hnh sao

M hnh logic l mng BUS Cc gi tin c truyn ln lt n cc u mng

Thit b mng t nhn dng gi tin cn x l

Nhng vn Tng lu lng mng

Kh nng b nghe ln trong mng

Gi mo a ch IP

Khng ngn chn c a ch, cng nghi ng

4

SWITCH HUB (t)

M hnh truyn tin trn SWITCH M hnh vt l dng hnh sao

M hnh logic l mng sao Mng t hc thng tin MAC, a ch IP, Port (physics)

To bng nh x truyn

Cho php cu hnh n tng cng (port)

Phn ti, lu lng

Nhng vn Gim bt lu lng mng

Xc nh ngun gi

To c cc VLAN

Vic t li cc bng SWITCH c th li dng tn cng 5

SWITCH HUB (t)

So snh SWITCH nhiu im li hn

Lu lng

Gim bt nghe ln

C th phn bit di a ch gim bt gi mo a ch IP C th phn bit di a ch gim bt gi mo a ch IP

Cu hnh gim bt cc tn cng trn cc cng mng

Nht k

Nguy c B nh chim bng SWITCH to nguy c tn cng man-

in-the-middle

Xu hng: s dng SWITCH thay th cho cc HUB

6

ROUTER

S dng chuyn mng Chuyn cc gii mng khc nhau

Thc hin tm ng cho cc gi tin

Tnh nng Tnh nng Gim lu lng mng khng cn thit

Kt ni gia cc mng, mng con

Thc hin v bng thng

Kt hp Kt hp vi log

Kt hp vi firewall7

Wireless Access point

Pht cc tn hiu mng khng dy Cung cp dch v

t mt khu

t cc iu kin lc t cc iu kin lc

Tch hp mt s dch v khc: firewall,

8

Wireless Access point (t)

9

Wireless Access point (t)

10

Firewall cng

Bn cht ca Firewall cng Kim sot c gi tin mc 1

Kim sot c cng (port mm)

Kim sot c a ch IP

Khng kim sot v mt ni dung truyn (m c) Khng kim sot v mt ni dung truyn (m c)

Log cc lu lng mng

Tc x l, s dng CPU ca thit b

Bo v ton b mng thng qua thit b Thit b chuyn bit

Tch hp vo cc router, switch trong h thng

11

Firewall cng (t)

Bo v Ngn chn cc a ch IP n, i nghi ng

Ngn chn mt s dch v (cng)

Chn thit b thng qua a ch MAC Chn thit b thng qua a ch MAC

Vi tch hp vi dch v mc cao hn c th: Qun l v ni dung n gin

12

Hnh nh router

13

Hnh nh router (t)

14

Hnh nh router (t)

15

Hnh nh router(t)

16

Hnh nh router

17

Hnh nh router

18

Thit b phn cng

Cc thit b mng C h thng nht k v phn tch

Thng tch hp thm firewalll

Tch hp thm cc chc nng xc thc v dch v Tch hp thm cc chc nng xc thc v dch vbo mt m rng

Phn tch v chng li mt s m hnh tn cng

Cn tm hiu v khai thc ph hp

19

Giao thc bo mt

Mt s giao thc S dng IPSec

S dng SSL

c im c im Thc hin to phin v m ha, xc thc theo

phin

C kim sot li theo thi gian

M ha thng tin gi

20

Giao thc bo mt (t)

Chng cc loi hnh tn cng phin

Chng tn cng nghe ln

21

Dch v bo mt

S dng VPN Thc t dch v IPSec

S dng h tng internet

22

Cc phn mm chuyn dng

Firewall

Anti virus

Internet security

23

Cc phn mm chuyn dng (t)

Firewall S dng cc tnh nng ca firewall c bn

Kt hp vi cc lp mc trn Kim tra c ni dung

Kim tra c tin trnh lin quan

C th kim sot c tn cng lin quan nfirewall

Kt hp kim sot trojan v backdoor

Ngn chn c mt s ni dung n gin

24


Phn mm dit virus anti virus M hnh pht hin

So snh mu

So snh thng minh

M hnh kim tra M hnh kim tra Kim tra th ng

Kim tra trc tuyn (kim tra thi gian thc)

25


Phn mm dit virus anti virus Kim tra cc loi m c

Virus

Worm

Trojan Trojan

Spyware

rookit

26


Phn mm dit virus anti virus Kim tra da c c d liu

Sc mnh da vo c s d liu

Ti u v thi gian thc hin

27


Phn mm dit internet security S kt hp gia mt s tnh nng

Firewall

Anti virus

V kim sot cc tin trnh mng V kim sot cc tin trnh mng

28

M hnh my ch xc thc

S dng proxy - ISA server (Internet Securityand Acceleration Server) Kt hp firewall cng vi proxy

Tng cng kh nng xc thc, xc nhn ngidng

Tng cng kh nng xc thc, xc nhn ngidng

Kim sot mng ni b v mng bn ngoi

Ngn chn c trao i trong ngoi trnh cctn cng trc tip

Kim sot c ni dung truyn ca

29

M hnh my ch xc thc (t)

S dng proxy - ISA server (Internet Securityand Acceleration Server) Chng c tn cng trc din vo my tnh

mng

m bo xc thc kt ni m bo xc thc kt ni

Ngn chn c nhng kt ni khng php: Back door, trojan

Ngn chn mt phn pht tn m c

Nht k v nht k ni dung Tn cng x hi

Nhn vin xu30


S dng proxy - ISA server (Internet Securityand Acceleration Server) H tr kt ni lm vic ngoi an ton hn

Nguy c b tn cng v kim sot proxy server Nguy c b tn cng v kim sot proxy server

31


http://nhatnghe.com/tailieu/nnlab/bai%20lab%206.htm

32


Thm quy tc

33


Cm mt s ni dung

34


Chuyn i trang

35


Pht hin tn cng

36

Cng c phn tch mng

S dng cc h thng log

S dng cc phn mm phn tch chuyndng

37

Cng c phn tch mng (t)

H thng log: firewall, internet security, proxy,router, Phn tch cc hot ng mng

Cc my tnh tin trnh Cc my tnh tin trnh

a ra nhn nh kim tra trn h thng

H thng phn mm Phn mm bt gi tin

Phn tch lu lng hot ng

Tin trnh hot ng

Ni dung hot ng

nh hng ca tn cng38


Phn mm bt gi tin wireshark

Mt s phn mm tn cng mng Nmap Nmap

Nessus

39


Hnh nh wireshark

40

S dng cc quy trnh

Quy tc v t mt khu

Quy tc v s dng mng

Quy tc v s dng my tnh

Quy tc v ng x trong tnh hung c nh Quy tc v ng x trong tnh hung c nh Nghi ng virus

Nghi ng tn cng

Nghi ng v mt mt d liu

Quy tc v thit lp thng s h thng mngcho cc thnh vin qun tr

41

Trnh by

Bo mt mng my tnh vi cc thit b

Bo mt mng my tnh vi cc giao thc

Bo mt mng my tnh vi cc phn mm

Mt s quy tc v ch Mt s quy tc v ch

42

Documents

09 Bao ve mang