網絡信息安全基礎(微課版)(第2版)
黃林國 沈愛蓮 解衛華 陳波 牟維文
相關主題
商品描述
目錄大綱
目 錄
第1章 網絡信息安全概述...............................................................................1
1.1 網絡信息安全簡介 .............................................................................1
1.1.1 網絡信息安全的重要性 .........................................................1
1.1.2 網絡信息安全的現狀 .............................................................2
1.1.3 網絡信息安全的定義 .............................................................3
1.1.4 網絡信息安全的主要威脅類型 .............................................4
1.1.5 影響網絡信息安全的主要因素 .............................................5
1.2 網絡信息安全涉及的內容 .................................................................6
1.2.1 物理和環境安全 .....................................................................7
1.2.2 網絡和通信安全 .....................................................................7
1.2.3 設備和計算安全 .....................................................................7
1.2.4 應用和數據安全 .....................................................................8
1.2.5 管理安全 .................................................................................8
1.3 網絡信息安全防護 .............................................................................9
1.3.1 PDRR模型 ..............................................................................9
1.3.2 安全策略設計原則 .................................................................9
1.3.3 網絡信息安全保障技術 .......................................................11
1.4 網絡信息安全標準 ...........................................................................12
1.4.1 美國的TCSEC準則 .............................................................12
1.4.2 我國的安全標準 ...................................................................13
1.5 網絡安全等級保護 ...........................................................................14
1.6 網絡信息安全法律法規 ...................................................................15
1.6.1 《中華人民共和國網絡安全法》相關規定 .......................15
1.6.2 《中華人民共和國刑法》相關規定 ...................................17
1.6.3 《中華人民共和國電腦信息系統安全保護條例》
相關規定 ...............................................................................17
1.6.4 《電腦信息網絡國際聯網安全保護管理辦法》
相關規定 ...............................................................................17
1.6.5 其他相關法律法規 ...............................................................18
1.7 網絡信息安全相關從業道德 ...........................................................18
1.8 本章實訓 ...........................................................................................18
1.8.1 任務1:系統安全“傻事清單” ..................................................................18
1.8.2 任務2:網絡信息安全實訓平臺的搭建 ......................................................22
1.9 習題 ..............................................................................................................................29
第2章 Windows系統安全 .......................................................................................................31
2.1 操作系統安全的概念 ..................................................................................................31
2.2 服務與埠 ..................................................................................................................32
2.3 組策略 ..........................................................................................................................34
2.4 賬戶與密碼安全 ..........................................................................................................35
2.5 漏洞與後門 ..................................................................................................................35
2.6 本章實訓 ......................................................................................................................37
2.6.1 任務1:賬戶安全配置 ..................................................................................37
2.6.2 任務2:密碼安全配置 ..................................................................................41
2.6.3 任務3:系統安全配置 ..................................................................................44
2.6.4 任務4:服務安全配置 ..................................................................................48
2.6.5 任務5:禁用註冊表編輯器 ..........................................................................56
2.7 習題 ..............................................................................................................................57
第3章 網絡協議與分析............................................................................................................59
3.1 電腦網絡體系結構 ..................................................................................................59
3.1.1 OSI參考模型 ...................................................................................................59
3.1.2 TCP/IP參考模型 .............................................................................................61
3.2 MAC地址和以太網的幀格式 ....................................................................................62
3.2.1 MAC地址 ........................................................................................................62
3.2.2 以太網的幀格式 ..............................................................................................63
3.3 網絡層協議格式 ..........................................................................................................63
3.3.1 IP格式 ..............................................................................................................63
3.3.2 ARP格式 ..........................................................................................................65
3.3.3 ICMP格式 .......................................................................................................66
3.4 傳輸層協議格式 ..........................................................................................................67
3.4.1 TCP格式 ..........................................................................................................67
3.4.2 UDP格式 .........................................................................................................68
3.5 三次握手機制 ..............................................................................................................69
3.6 ARP欺騙攻擊 ..............................................................................................................69
3.6.1 ARP欺騙攻擊的原理 ......................................................................................69
3.6.2 ARP欺騙攻擊的防範 ......................................................................................71
3.7 網絡監聽與埠鏡像 ..................................................................................................71
3.7.1 網絡監聽 ..........................................................................................................71
3.7.2 埠鏡像 ..........................................................................................................73
3.8 本章實訓 ......................................................................................................................73
3.8.1 任務1:Wireshark軟件的安裝與使用 ........................................................73
3.8.2 任務2:ARP欺騙攻擊與防範 .....................................................................76
3.9 習題 ..............................................................................................................................84
第4章 電腦病毒與木馬防護................................................................................................86
4.1 電腦病毒的概念 ......................................................................................................86
4.1.1 電腦病毒的定義 ..........................................................................................86
4.1.2 電腦病毒的產生與發展 ..............................................................................86
4.1.3 電腦病毒發作的症狀 ..................................................................................88
4.2 電腦病毒的分類 ......................................................................................................89
4.2.1 按病毒存在的媒體分類 ..................................................................................89
4.2.2 按病毒傳染的方法分類 ..................................................................................89
4.2.3 按病毒破壞的能力分類 ..................................................................................90
4.2.4 按病毒鏈接的方式分類 ..................................................................................90
4.2.5 按病毒激活的時間分類 ..................................................................................90
4.3 電腦病毒的特徵 ......................................................................................................90
4.4 電腦病毒的特殊編程技術 ......................................................................................91
4.5 宏病毒和蠕蟲病毒 ......................................................................................................91
4.5.1 宏病毒 ..............................................................................................................91
4.5.2 蠕蟲病毒 ..........................................................................................................92
4.6 手機病毒 ......................................................................................................................94
4.6.1 手機病毒的傳播途徑 ......................................................................................94
4.6.2 手機病毒的危害 ..............................................................................................94
4.6.3 常見的手機病毒 ..............................................................................................95
4.6.4 手機病毒的預防 ..............................................................................................95
4.7 木馬 ..............................................................................................................................96
4.7.1 服務端和客戶端 ..............................................................................................96
4.7.2 木馬程序的基本特徵 ......................................................................................97
4.7.3 木馬程序功能 ..................................................................................................97
4.7.4 木馬的分類 ......................................................................................................98
4.7.5 木馬的工作過程 ..............................................................................................99
4.8 勒索病毒 ....................................................................................................................100
4.8.1 勒索病毒的概念 ............................................................................................100
4.8.2 勒索病毒的分類 ............................................................................................100
4.9 反病毒技術 ................................................................................................................101
4.9.1 病毒檢測原理 ................................................................................................101
4.9.2 反病毒軟件 ....................................................................................................102
4.9.3 病毒的預防 ....................................................................................................102
4.10 本章實訓 ..................................................................................................................103
4.10.1 任務1:360殺毒軟件的使用 ...................................................................103
4.10.2 任務2:360安全衛士軟件的使用 ...........................................................106
4.10.3 任務3:製作一個簡單的宏病毒 ..............................................................109
4.10.4 任務4:利用自解壓文件攜帶木馬程序 ..................................................111
4.10.5 任務5:反彈埠木馬(灰鴿子)的演示 ...............................................113
4.11 習題 ...........................................................................................................................116
第5章 密碼技術......................................................................................................................119
5.1 密碼學的基礎知識 ....................................................................................................119
5.1.1 密碼學的發展歷史 ........................................................................................119
5.1.2 信息的加密和解密 ........................................................................................120
5.2 古典密碼技術 ............................................................................................................121
5.2.1 滾筒密碼 ........................................................................................................121
5.2.2 掩格密碼 ........................................................................................................122
5.2.3 棋盤密碼 ........................................................................................................122
5.2.4 愷撒密碼 ........................................................................................................122
5.2.5 圓盤密碼 ........................................................................................................123
5.2.6 維吉尼亞密碼 ................................................................................................123
5.3 對稱密碼技術 ............................................................................................................124
5.3.1 對稱密碼技術原理 ........................................................................................124
5.3.2 DES算法 ........................................................................................................125
5.3.3 IDEA算法 ......................................................................................................126
5.3.4 AES算法 ........................................................................................................126
5.4 非對稱密碼技術 ........................................................................................................127
5.4.1 非對稱密碼技術原理 ....................................................................................127
5.4.2 RSA算法 .......................................................................................................128
5.4.3 Diffie-Hellman算法 .......................................................................................130
5.5 單向散列算法 ............................................................................................................130
5.6 數字簽名技術 ............................................................................................................131
5.6.1 數字簽名的基本原理 ....................................................................................131
5.6.2 數字簽名的工作過程 ....................................................................................132
5.7 數字證書 ....................................................................................................................133
5.8 加密文件系統 ............................................................................................................134
5.9 密碼分析技術 ............................................................................................................134
5.9.1 窮舉分析 ........................................................................................................135
5.9.2 根據字母頻率分析 ........................................................................................135
5.10 本章實訓 ..................................................................................................................136
5.10.1 任務1:DES、RSA和Hash算法的實現 ..............................................136
5.10.2 任務2:PGP軟件的使用 .........................................................................141
5.10.3 任務3:Windows 10加密文件系統的應用 ...........................................147
5.11 習題 ...........................................................................................................................151
第6章 網絡攻擊與防範..........................................................................................................155
6.1 網絡攻防概述 ............................................................................................................155
6.1.1 黑客概述 ........................................................................................................155
6.1.2 網絡攻擊的步驟 ............................................................................................156
6.1.3 網絡攻擊的防範策略 ....................................................................................157
6.2 目標系統的探測 ........................................................................................................158
6.2.1 常用DOS命令 ..............................................................................................158
6.2.2 掃描器 ............................................................................................................160
6.3 網絡監聽 ....................................................................................................................162
6.4 口令破解 ....................................................................................................................163
6.4.1 口令破解概述 ................................................................................................163
6.4.2 SMBCrack口令破解工具簡介 .....................................................................163
6.4.3 口令破解的防範 ............................................................................................164
6.5 IPC$入侵 ...................................................................................................................164
6.5.1 IPC$概述 .......................................................................................................164
6.5.2 IPC$入侵方法 ...............................................................................................165
6.5.3 IPC$入侵的防範 ...........................................................................................166
6.6 緩沖區溢出攻擊 ........................................................................................................166
6.6.1 緩沖區溢出原理 ............................................................................................166
6.6.2 緩沖區溢出攻擊的防範 ................................................................................167
6.7 拒絕服務攻擊 ............................................................................................................167
6.7.1 拒絕服務攻擊的定義 ....................................................................................167
6.7.2 拒絕服務攻擊的目的 ....................................................................................167
6.7.3 拒絕服務攻擊的原理 ....................................................................................168
6.7.4 常見拒絕服務攻擊類型及防範方法 ............................................................168
6.8 分佈式拒絕服務攻擊 ................................................................................................170
6.8.1 分佈式拒絕服務攻擊的原理 ........................................................................170
6.8.2 分佈式拒絕服務攻擊的防範 ........................................................................170
6.9 分佈式反射型拒絕服務攻擊 ....................................................................................171
6.9.1 分佈式反射型拒絕服務的攻擊原理及特點 ................................................171
6.9.2 常見分佈式反射型拒絕服務攻擊的類型 ....................................................172
6.9.3 分佈式反射型拒絕服務攻擊的防範 ............................................................173
6.10 蜜罐技術 ..................................................................................................................174
6.10.1 蜜罐的定義 ................................................................................................174
6.10.2 蜜罐的功能與特點 ....................................................................................174
6.10.3 蜜罐的分類 ................................................................................................175
6.11 本章實訓 ...................................................................................................................176
6.11.1 任務1:黑客入侵的模擬演示 ................................................................176
6.11.2 任務2:拒絕服務攻擊的演示 ................................................................181
6.12 習題 ..........................................................................................................................183
第7章 防火牆技術..................................................................................................................185
7.1 防火牆概述 ................................................................................................................185
7.1.1 防火牆的定義 ................................................................................................185
7.1.2 防火牆的功能 ................................................................................................186
7.2 防火牆技術原理 ........................................................................................................187
7.2.1 包過濾防火牆 ................................................................................................187
7.2.2 代理防火牆 ....................................................................................................188
7.2.3 狀態檢測防火牆 ............................................................................................190
7.3 防火牆體系結構 ........................................................................................................191
7.3.1 包過濾路由器防火牆結構 ............................................................................191
7.3.2 雙宿主主機防火牆結構 ................................................................................191
7.3.3 屏蔽主機防火牆結構 ....................................................................................192
7.3.4 屏蔽子網防火牆結構 ....................................................................................192
7.4 Windows防火牆 ........................................................................................................193
7.4.1 網絡配置文件 ................................................................................................193
7.4.2 高級安全性 ....................................................................................................194
7.5 Cisco PIX防火牆 .......................................................................................................195
7.5.1 PIX防火牆接口 .............................................................................................195
7.5.2 PIX防火牆管理訪問模式 .............................................................................196
7.5.3 PIX防火牆配置方法 .....................................................................................196
7.6 本章實訓 ....................................................................................................................200
7.7 習題 ............................................................................................................................212
第8章 入侵檢測技術..............................................................................................................214
8.1 入侵檢測系統概述 ....................................................................................................214
8.2 入侵檢測系統的基本結構 ........................................................................................215
8.3 入侵檢測系統的分類 ................................................................................................216
8.3.1 基於主機的入侵檢測系統 ............................................................................216
8.3.2 基於網絡的入侵檢測系統 ............................................................................217
8.3.3 分佈式入侵檢測系統 ....................................................................................219
8.4 入侵檢測技術的分類 ................................................................................................220
8.4.1 誤用檢測技術 ................................................................................................220
8.4.2 異常檢測技術 ................................................................................................221
8.5 入侵防護系統 ............................................................................................................222
8.5.1 入侵防護系統的工作原理 ............................................................................222
8.5.2 入侵防護系統的分類 ....................................................................................222
8.5.3 入侵檢測系統和入侵防護系統的關系 ........................................................223
8.6 本章實訓 ....................................................................................................................223
8.7 習題 ............................................................................................................................227
第9章 VPN技術 ....................................................................................................................229
9.1 VPN概述....................................................................................................................229
9.2 VPN的特點................................................................................................................230
9.3 VPN的處理過程........................................................................................................230
9.4 VPN的分類................................................................................................................231
9.5 VPN的關鍵技術........................................................................................................232
9.6 VPN隧道協議............................................................................................................233
9.7 本章實訓 ....................................................................................................................234
9.7.1 任務1:在Windows Server 2016上部署VPN服務器 ............................234
9.7.2 任務2:在Windows 10客戶端建立並測試VPN連接 ............................240
9.8 習題 ............................................................................................................................244
第10章 Web應用安全 ...........................................................................................................246
10.1 Web應用安全概述 ..................................................................................................246
10.1.1 Web應用安全的重要性 ............................................................................246
10.1.2 Web應用體系架構 ....................................................................................247
10.1.3 Web應用的安全威脅 ................................................................................247
10.2 IIS的安全設置 .........................................................................................................248
10.2.1 IIS安裝安全 ..............................................................................................248
10.2.2 用戶身份驗證 ............................................................................................249
10.2.3 訪問權限控制 ............................................................................................250
10.2.4 IP地址控制 ................................................................................................250
10.2.5 埠安全 ....................................................................................................250
10.2.6 SSL安全 ....................................................................................................251
10.3 SQL註入 ..................................................................................................................251
10.4 XSS跨站腳本 ..........................................................................................................253
10.4.1 XSS簡介 ....................................................................................................253
10.4.2 XSS的分類 ................................................................................................253
10.5 Web傳輸的安全 ......................................................................................................255
10.6 Web瀏覽器的安全 ..................................................................................................255
10.6.1 Cookie及安全設置 ....................................................................................256
10.6.2 ActiveX及安全設置 ..................................................................................256
10.6.3 Java語言及安全設置 ................................................................................259
10.7 網絡釣魚 ..................................................................................................................260
10.7.1 網絡釣魚概述 ............................................................................................260
10.7.2 網絡釣魚的防範 ........................................................................................260
10.8 本章實訓 ..................................................................................................................261
10.8.1 任務1:Web服務器的安全配置 ............................................................261
10.8.2 任務2:利用SQL註入漏洞實現網站入侵的演示 ..............................267
10.8.3 任務3:通過SSL訪問Web服務器 ......................................................268
10.9 習題 ..........................................................................................................................279
第11章 無線網絡安全 ............................................................................................................281
11.1 無線局域網基礎 .......................................................................................................281
11.2 無線局域網標準 .......................................................................................................282
11.2.1 IEEE 802.11x系列標準 .............................................................................282
11.2.2 家庭無線網絡技術.....................................................................................284
11.2.3 藍牙技術.....................................................................................................284
11.3 無線局域網接入設備 ...............................................................................................285
11.3.1 無線網卡.....................................................................................................285
11.3.2 無線訪問接入點.........................................................................................285
11.3.3 無線路由器.................................................................................................286
11.3.4 天線.............................................................................................................286
11.4 無線局域網的組網模式 ...........................................................................................287
11.4.1 Ad-Hoc模式 ...............................................................................................287
11.4.2 Infrastructure模式 ......................................................................................288
11.5 服務集標識SSID .....................................................................................................288
11.6 無線加密標準 ...........................................................................................................288
11.6.1 WEP加密標準 ...........................................................................................288
11.6.2 WPA加密標準 ...........................................................................................289
11.6.3 WPA2加密標準 .........................................................................................289
11.6.4 WPA3加密標準 .........................................................................................289
11.6.5 中國WAPI安全標準 .................................................................................290
11.7 無線局域網常見的攻擊 ...........................................................................................290
11.8 提高無線網絡安全的方法 .......................................................................................291
11.9 本章實訓 ...................................................................................................................293
11.10 習題 .........................................................................................................................299
參考文獻.....................................................................................................................................301