Contents

Chapter 1 Overview of Network Information Security

1.1 Introduction to Network Information Security

1.1.1 The Importance of Network Information Security

1.1.2 The Current State of Network Information Security

1.1.3 Definition of Network Information Security

1.1.4 Main Types of Threats to Network Information Security

1.1.5 Main Factors Affecting Network Information Security

1.2 Scope of Network Information Security

1.2.1 Physical and Environmental Security

1.2.2 Network and Communication Security

1.2.3 Device and Computing Security

1.2.4 Application and Data Security

1.2.5 Management Security

1.3 Network Information Security Protection

1.3.1 The PDRR Model

1.3.2 Security Policy Design Principles

1.3.3 Network Information Security Assurance Technologies

1.4 Network Information Security Standards

1.4.1 The US TCSEC Criteria

1.4.2 China's Security Standards

1.5 Cybersecurity Classified Protection

1.6 Network Information Security Laws and Regulations

1.6.1 Relevant Provisions of the Cybersecurity Law of the People's Republic of China

1.6.2 Relevant Provisions of the Criminal Law of the People's Republic of China

1.6.3 Relevant Provisions of the Regulations of the People's Republic of China on the Security Protection of Computer Information Systems

1.6.4 Relevant Provisions of the Administrative Measures for the Security Protection of International Networking of Computer Information Networks

1.6.5 Other Relevant Laws and Regulations

1.7 Professional Ethics in Network Information Security

1.8 Chapter Labs

1.8.1 Task 1: A "Dumb Things List" for System Security

1.8.2 Task 2: Setting Up the Network Information Security Lab Platform

1.9 Exercises

Chapter 2 Windows System Security

2.1 Concepts of Operating System Security

2.2 Services and Ports

2.3 Group Policy

2.4 Account and Password Security

2.5 Vulnerabilities and Backdoors

2.6 Chapter Labs

2.6.1 Task 1: Account Security Configuration

2.6.2 Task 2: Password Security Configuration

2.6.3 Task 3: System Security Configuration

2.6.4 Task 4: Service Security Configuration

2.6.5 Task 5: Disabling the Registry Editor

2.7 Exercises

Chapter 3 Network Protocols and Analysis

3.1 Computer Network Architecture

3.1.1 The OSI Reference Model

3.1.2 The TCP/IP Reference Model

3.2 MAC Addresses and the Ethernet Frame Format

3.2.1 MAC Addresses

3.2.2 The Ethernet Frame Format

3.3 Network Layer Protocol Formats

3.3.1 IP Format

3.3.2 ARP Format

3.3.3 ICMP Format

3.4 Transport Layer Protocol Formats

3.4.1 TCP Format

3.4.2 UDP Format

3.5 The Three-Way Handshake

3.6 ARP Spoofing Attacks

3.6.1 How ARP Spoofing Attacks Work

3.6.2 Defending Against ARP Spoofing Attacks

3.7 Network Sniffing and Port Mirroring

3.7.1 Network Sniffing

3.7.2 Port Mirroring

3.8 Chapter Labs

3.8.1 Task 1: Installing and Using Wireshark

3.8.2 Task 2: ARP Spoofing Attack and Defense

3.9 Exercises

Chapter 4 Computer Virus and Trojan Protection

4.1 The Concept of Computer Viruses

4.1.1 Definition of Computer Viruses

4.1.2 Origin and Development of Computer Viruses

4.1.3 Symptoms of Computer Virus Activation

4.2 Classification of Computer Viruses

4.2.1 Classification by the Medium in Which the Virus Resides

4.2.2 Classification by Infection Method

4.2.3 Classification by Destructive Capability

4.2.4 Classification by Linking Method

4.2.5 Classification by Activation Time

4.3 Characteristics of Computer Viruses

4.4 Special Programming Techniques of Computer Viruses

4.5 Macro Viruses and Worms

4.5.1 Macro Viruses

4.5.2 Worms

4.6 Mobile Phone Viruses

4.6.1 Propagation Channels of Mobile Phone Viruses

4.6.2 Harm Caused by Mobile Phone Viruses

4.6.3 Common Mobile Phone Viruses

4.6.4 Prevention of Mobile Phone Viruses

4.7 Trojans

4.7.1 Server and Client

4.7.2 Basic Characteristics of Trojan Programs

4.7.3 Functions of Trojan Programs

4.7.4 Classification of Trojans

4.7.5 How Trojans Operate

4.8 Ransomware

4.8.1 The Concept of Ransomware

4.8.2 Classification of Ransomware

4.9 Antivirus Technology

4.9.1 Principles of Virus Detection

4.9.2 Antivirus Software

4.9.3 Virus Prevention

4.10 Chapter Labs

4.10.1 Task 1: Using 360 Antivirus

4.10.2 Task 2: Using 360 Security Guard

4.10.3 Task 3: Creating a Simple Macro Virus

4.10.4 Task 4: Using a Self-Extracting Archive to Carry a Trojan Program

4.10.5 Task 5: Demonstration of a Reverse-Connection Trojan (Gray Pigeon)

4.11 Exercises

Chapter 5 Cryptographic Techniques

5.1 Fundamentals of Cryptography

5.1.1 History of Cryptography

5.1.2 Encryption and Decryption of Information

5.2 Classical Ciphers

5.2.1 The Scytale Cipher

5.2.2 The Grille Cipher

5.2.3 The Polybius Square Cipher

5.2.4 The Caesar Cipher

5.2.5 The Cipher Disk

5.2.6 The Vigenère Cipher

5.3 Symmetric Cryptography

5.3.1 Principles of Symmetric Cryptography

5.3.2 The DES Algorithm

5.3.3 The IDEA Algorithm

5.3.4 The AES Algorithm

5.4 Asymmetric Cryptography

5.4.1 Principles of Asymmetric Cryptography

5.4.2 The RSA Algorithm

5.4.3 The Diffie-Hellman Algorithm

5.5 One-Way Hash Algorithms

5.6 Digital Signature Technology

5.6.1 Basic Principles of Digital Signatures

5.6.2 How Digital Signatures Work

5.7 Digital Certificates

5.8 Encrypting File System

5.9 Cryptanalysis Techniques

5.9.1 Exhaustive Search Analysis

5.9.2 Letter Frequency Analysis

5.10 Chapter Labs

5.10.1 Task 1: Implementing the DES, RSA, and Hash Algorithms

5.10.2 Task 2: Using PGP Software

5.10.3 Task 3: Using the Encrypting File System in Windows 10

5.11 Exercises

Chapter 6 Network Attacks and Defense

6.1 Overview of Network Attack and Defense

6.1.1 Overview of Hackers

6.1.2 Steps of a Network Attack

6.1.3 Defense Strategies Against Network Attacks

6.2 Probing the Target System

6.2.1 Common DOS Commands

6.2.2 Scanners

6.3 Network Sniffing

6.4 Password Cracking

6.4.1 Overview of Password Cracking

6.4.2 Introduction to the SMBCrack Password Cracking Tool

6.4.3 Defending Against Password Cracking

6.5 IPC$ Intrusion

6.5.1 Overview of IPC$

6.5.2 IPC$ Intrusion Methods

6.5.3 Defending Against IPC$ Intrusion

6.6 Buffer Overflow Attacks

6.6.1 Principles of Buffer Overflows

6.6.2 Defending Against Buffer Overflow Attacks

6.7 Denial-of-Service Attacks

6.7.1 Definition of Denial-of-Service Attacks

6.7.2 Purpose of Denial-of-Service Attacks

6.7.3 Principles of Denial-of-Service Attacks

6.7.4 Common Types of Denial-of-Service Attacks and Their Defenses

6.8 Distributed Denial-of-Service Attacks

6.8.1 Principles of Distributed Denial-of-Service Attacks

6.8.2 Defending Against Distributed Denial-of-Service Attacks

6.9 Distributed Reflection Denial-of-Service Attacks

6.9.1 Principles and Characteristics of Distributed Reflection Denial-of-Service Attacks

6.9.2 Common Types of Distributed Reflection Denial-of-Service Attacks

6.9.3 Defending Against Distributed Reflection Denial-of-Service Attacks

6.10 Honeypot Technology

6.10.1 Definition of Honeypots

6.10.2 Functions and Characteristics of Honeypots

6.10.3 Classification of Honeypots

6.11 Chapter Labs

6.11.1 Task 1: Simulated Demonstration of a Hacker Intrusion

6.11.2 Task 2: Demonstration of a Denial-of-Service Attack

6.12 Exercises

Chapter 7 Firewall Technology

7.1 Overview of Firewalls

7.1.1 Definition of Firewalls

7.1.2 Functions of Firewalls

7.2 Principles of Firewall Technology

7.2.1 Packet-Filtering Firewalls

7.2.2 Proxy Firewalls

7.2.3 Stateful Inspection Firewalls

7.3 Firewall Architectures

7.3.1 Packet-Filtering Router Firewall Architecture

7.3.2 Dual-Homed Host Firewall Architecture

7.3.3 Screened Host Firewall Architecture

7.3.4 Screened Subnet Firewall Architecture

7.4 Windows Firewall

7.4.1 Network Profiles

7.4.2 Advanced Security

7.5 Cisco PIX Firewall

7.5.1 PIX Firewall Interfaces

7.5.2 PIX Firewall Administrative Access Modes

7.5.3 PIX Firewall Configuration Methods

7.6 Chapter Labs

7.7 Exercises

Chapter 8 Intrusion Detection Technology

8.1 Overview of Intrusion Detection Systems

8.2 Basic Structure of Intrusion Detection Systems

8.3 Classification of Intrusion Detection Systems

8.3.1 Host-Based Intrusion Detection Systems

8.3.2 Network-Based Intrusion Detection Systems

8.3.3 Distributed Intrusion Detection Systems

8.4 Classification of Intrusion Detection Techniques

8.4.1 Misuse Detection

8.4.2 Anomaly Detection

8.5 Intrusion Prevention Systems

8.5.1 How Intrusion Prevention Systems Work

8.5.2 Classification of Intrusion Prevention Systems

8.5.3 Relationship Between Intrusion Detection Systems and Intrusion Prevention Systems

8.6 Chapter Labs

8.7 Exercises

Chapter 9 VPN Technology

9.1 Overview of VPNs

9.2 Characteristics of VPNs

9.3 The VPN Processing Flow

9.4 Classification of VPNs

9.5 Key VPN Technologies

9.6 VPN Tunneling Protocols

9.7 Chapter Labs

9.7.1 Task 1: Deploying a VPN Server on Windows Server 2016

9.7.2 Task 2: Creating and Testing a VPN Connection on a Windows 10 Client

9.8 Exercises

Chapter 10 Web Application Security

10.1 Overview of Web Application Security

10.1.1 The Importance of Web Application Security

10.1.2 Web Application Architecture

10.1.3 Security Threats to Web Applications

10.2 IIS Security Settings

10.2.1 IIS Installation Security

10.2.2 User Authentication

10.2.3 Access Permission Control

10.2.4 IP Address Control

10.2.5 Port Security

10.2.6 SSL Security

10.3 SQL Injection

10.4 XSS (Cross-Site Scripting)

10.4.1 Introduction to XSS

10.4.2 Classification of XSS

10.5 Web Transport Security

10.6 Web Browser Security

10.6.1 Cookies and Their Security Settings

10.6.2 ActiveX and Its Security Settings

10.6.3 The Java Language and Its Security Settings

10.7 Phishing

10.7.1 Overview of Phishing

10.7.2 Defending Against Phishing

10.8 Chapter Labs

10.8.1 Task 1: Secure Configuration of a Web Server

10.8.2 Task 2: Demonstration of a Website Intrusion via an SQL Injection Vulnerability

10.8.3 Task 3: Accessing a Web Server over SSL

10.9 Exercises

Chapter 11 Wireless Network Security

11.1 Wireless LAN Fundamentals

11.2 Wireless LAN Standards

11.2.1 The IEEE 802.11x Family of Standards

11.2.2 Home Wireless Networking Technology

11.2.3 Bluetooth Technology

11.3 Wireless LAN Access Devices

11.3.1 Wireless Network Adapters

11.3.2 Wireless Access Points

11.3.3 Wireless Routers

11.3.4 Antennas

11.4 Wireless LAN Networking Modes

11.4.1 Ad-Hoc Mode

11.4.2 Infrastructure Mode

11.5 Service Set Identifier (SSID)

11.6 Wireless Encryption Standards

11.6.1 The WEP Encryption Standard

11.6.2 The WPA Encryption Standard

11.6.3 The WPA2 Encryption Standard

11.6.4 The WPA3 Encryption Standard

11.6.5 China's WAPI Security Standard

11.7 Common Attacks on Wireless LANs

11.8 Methods for Improving Wireless Network Security

11.9 Chapter Labs

11.10 Exercises

References