1. Text documents: use DOC or DOCX format ... Edit web pages with a web-page editing tool; do not directly take Microsoft Word, WPS ... Tool 4: Nmap service

2017

GZ-2017028

Information Security Management and Evaluation

1.

2.

3.

4.

5.

6.

7.

VLSM, CIDR

VLAN, WLAN, STP, SVI, RIPV2, OSPF

DOS, DDOS, URL, IP, QOS

VPN

L2L IPSec VPN

GRE Over IPSec

L2TP Over IPSec

IKE PSK

IKE PKI

SSL VPN

MAC

DHCP

ARP

STP

VLAN

(RIPV2, OSPF)

Windows, Linux

Web

SQL InjectionSQL

Command Injection

File Upload

Directory Traversing

XSS (Cross Site Script)

CSRF (Cross Site Request Forgeries)

Cookie StoleCookie

Session Hijacking

WAFWebWeb

Windows/Linux

Web/

8.

30%

9%

300

21%

30%

30%

40%

40%

60

1.1312

2.

1169:00-15:00

2

20:00

1

09:00-12:00

09:00-12:00

13:00-14:30

15:00-16:00

16:00

16:00

07:30

08:00-08:30

08:30-08:50

08:50-09:00

,

09:00-09:15

09:15-13:30

13:30-14:00

14:00-14:15

14:15-15:00

15:00

1

1330-1400

1330

1

http://www.chinaskills-jsw.org

3201725201751

10

220V6(500lux)

7

1. GB 17859-1999

2. GB/T 20271-2006

3. GB/T 20270-2006

4. GB/T 20272-2006

5. GB/T 20273-2006

6. GA/T 671-2006

7. GB/T 20269-2006

WindowsOffice

1

Windows

2

Microsoft Office

3

VMware

4

1

Windows 7\Windows XP

Windows

2

Windows Server 2003\2008

Windows

3

Ubuntu\Debian

4

Linux CentOS

Linux

1

1

CS6200

2

1

DCFW-1800E-N3002

3

1

DCST-6000B

4

WEB

1

DCFW-1800-WAF-LAB

5

1

DCBI-NetLog-LAB

6

1

DCWS-6028

7

1

WL8200-I2

8

PC

3

CPUCPU >=3.5GHZ,>=>=8GUSB

201721-214

3

2-35-6

30%

9%

2%

-

7%

-

21%

7%

-

7%

-

7%

-

30%

30%

10%

10%

web

10%

40%

40%

10%

12

30%

1. 1-52. 5-103. 0

1. 30%15%5%

2

10%20%30%

1

2

1.

2.

3.

4.

3

1.

2.

UPSUPS3KVA2230V5%V

3.

4.

5.

6.

7.

8.

9.

4

1.

2. /

3.

4.

5

1.

2.

3.

6

7

1.

2.

3.

4.

1.

2.

3.

4.

5.

6.

7.

8.

1.

2.

3.

4.

5.

6.

1.

2.

3.

4.

5.

6.

7.

8.

9.

10.

11.

12.

1.

2.

3.

4.

5. 30

6.

7.

8.

2

2

60

1.

2.

3.

4.

5.

6.

,,,

1.

1

2/

3///

2.

Flash/

1.DOCDOCXMicrosoft Office 2003

2.PPTPPTXMicrosoft Office 2003

3.MP4

1H.264(MPEG-4 Part10profile=main, level=3.0)256 Kbps25 fps7205764:3102457616:9

248 dB

3()

4FlashFlash 6.0

5/GIFPNGJPG24256102476872 dpi

6Microsoft IEGoogle ChromeMozilla FirefoxMicrosoft WordWPS

15

5

1.

2.

10

5

1. 9

2.

60

60

60

60

///

60

///

2017

60

///

2017

9:00-15:006

9:00-13:30

60

240

IIS

30

40

CSRF

40

XSS

40

40

40

SQL

40

linux

30

13:30-14:00

14:00-14:15

100

14:15-15:00

300

U

Uxxxx

08U0808

08

(1)

IP

1.

2.IP

IP

IP

DCFW

EthX

x.x.x.x/x

PC-3

IP

x.x.x.x/x

SSL VPN

IP

DCWS

EthX

x.x.x.x/x

DCRS

IP

webWAF

EthX

x.x.x.x/x

DCRS

IP

EthX

DCST

IP

DCRS

Vlan 2

x.x.x.x/x

DCWS

IP

Vlan 10

x.x.x.x/x

WAF

IP

Vlan 20

x.x.x.x/x

PC-1

IP

Vlan 30

x.x.x.x/x

PC-2

IP

Vlan 40

x.x.x.x/x

DCBI

IP

Vlan 100

x.x.x.x/x

IP

Vlan 110

x.x.x.x/x

IP

x.x.x.x/x

DCHP

IP

DCBI

EthX

x.x.x.x/x

DCRS

IP

EthX

DCRS

IP

DCST

EthX

x.x.x.x/x

WAF

IP

PC-1

x.x.x.x/x

DCRS

IP

PC-2

x.x.x.x/x

DCRS

IP

PC-3

x.x.x.x/x

DCFW

IP

-1

-2

-3

-4

-5

1.IPIP

2.

3.IP

4.IPIP2n-2

5.IPIP

6.IPIPIPU

3.

DCFW | http://192.168.1.1 | ETH0 | admin | admin

DCWS | https://192.168.1.254 | ETH0 | admin | Admin123

DCBI | https://192.168.5.254 | ETH0 | admin | 123456

webWAF | https://192.168.45.1 | ETH5 | admin | admin123

DCST | http://192.168.1.100 | Eth0Eth9

DCST

IP;

IP 0

(2) 300

X-X-

--.doc--.docx

60

DCRSshow runWORDDCFWDCWSWAFDCBIWORDWORD

1

IPWAFIP

2

IPDCRSIP

3

IPDCFWIP

4

IPDCWSIP

5

IPDCBIIP

6

IPDCRSVLANVLAN

7

8

IP

240

DCRSshow runWORDDCFWDCWSWAFDCBIWORDWORD5WORD

DCBI---DCBI.doc---DCBI.docx

1. DCFWSNMPIPIPIPcommunitypublicDCFW6

2. DCFWWANLANDCFWDDoS6

3. DCFWHTTPDCFWdcfw1234dcfw12346

4. DCFW9:00-17:006

5. DCFWDCFWWEB6

6. DCFWDCSTIPIPPC-3DCST6

7. DCFWDCFWIPPC-1IPIP6

8. DCFW1000ARP6

9. DCFW10005M6

10. DCFWSSL VPNVPNSSL VPNx.x.x.x/xIPIP6

11. DCBIadmindcbi1234dcbi12346

12. DCBI6

13. DCBIDCBIIPIPIP25testtest6

14. DCBIDCBIIPIPIPcommunitypublic6

15. DCBIPC-1URLxunleiHTTP6

16. DCBIPC-26

17. DCBI6

18. DCBIDCBIDCRSPCMACPCMAC6

19. DCRSenableenable6

20. DCRSSSHDCNwebconsolesshtelnet6

21. DCRSVLAN20400pps6

22. DCRSSNMPDCRSpublic , privateIPIPIP6

23. DCRSDCRSEthernet1/15-17ARPPCEthernet1/19MAC00-FF-51-BE-AD-32MACE1-B6-4C-25-6A-136

24. DCRS10IPIPIPradius key1234566

25. DCRSVLAN110DHCPIPDHCP Serverpool-vlan110DNS114.114.114.1148.8.8.82VLAN11020DHCPIP6

26. WAFWAFDCRSVLAN10VLAN10IP8080WEBsyslogsyslogIPIPIPUDP5146

27. [email protected](13812345678)6

28. WAFWEB6

29. WAFIP1030006

30. WAFIP218.240.143.219DCRSVLAN10VLAN10IP6

31. WAFDCRSVLAN10VLAN10IP

32. WAFHTTPWAF6

33. DHCPIP6

34. DCWSVLAN100VLAN, DHCP192.168.100.0/24DNS:8.8.8.82IPDCWS,ACDHCP6

35. 802.11n 2.4G6

36. SSID DCNwpa-personal,chinaskill6

37. SSID GUEST 6

38. 6

39. GUSET10GUEST1M2M6

40. APAP16

(3) 300

1DCSTIP

WindowsIP

DCST

administrator123456

ipconfig /allIP

LinuxIP

DCST

root123456

ifconfigIP

2word

3X-X-

--.doc--.docx

IIS30

IISIIS

Webwindows2003 server

/1WebIIS-6.0

/2FTPIIS-6.0

win-wiresharkwindows2003 server

/1wireshark

1. Windows IIS Web3

2. windows IIS WebWeb3

3. IIS Web3

4. IIS Web3

5. IISSSLwin-wiresharkWebcnIIS 3

6. IIS win-wiresharkWeb6

7. win-wiresharkCA6

8. win-wiresharkCAPCWeb3

40

MySQLMySQL

xserver-mysqlRedhat Linux AS5

/1WebApache 2.2.23

/2MySQL5.0.22

/3PHP5.0.48

/4Nmap4.11

1. xserver-mysql, MySQLmysqld 4

2. Linux MySQL4

3. xserver-mysqlIP8

4. 3PC-1grants 8

5. xserver-mysql4

6. MySQLroot admin4

7. MySQLmysqld 4

8. mysqld 4

CSRF40

CSRF (Cross-site request forgery)

xserverRedhat Linux AS5

/1WebApache 2.2.23

/2MySQL5.0.22

/3PHP5.0.48

/4Nmap4.11

metas2-lab-1Redhat Linux AS5

/1WebApache 2.2.23

/2MySQL5.0.22

/3PHP5.0.48

/4Nmap4.11

/5telnet0.17-39-el5;

/6telnet0.17-39-el5

win-wiresharkwindows2003 server

/1wireshark

1. metas2-lab-1 "/"->"csrf"4

2. win-wiresharkcsrfpwiresharkWEB8

3. 8

4. csrf"csrf"4

5. xservercsrftest.php12erfgbntest.php8

6. PCcsrf4

7. win-wiresharkcsrpcheckmetas2-lab-14

XSS40

XSSWebXSSXSSXSS

xserverRedhat Linux AS5

/1WebApache 2.2.23