Network Architecture and Security Vulnerabilities網絡體系結構和安全漏洞
Architecture is the blueprint or the core idea on which any model or application is made.Talking about network or internet today we will talk about whats wrong with this aspect.This is the second post in建築藍圖或核心理念上任何模型或申請made.Talking有關網絡或互聯網今天,我們將談論什麼錯與此aspect.This是第二個職位 Security Vulnerabilities series.一系列安全漏洞。
Internet was never meant to be secure (echo from last post ) but then we made it big and we made it random.互聯網從來就安全(迴聲從去年後) ,但我們了,我們大了隨機的。
Imagine a old time fortress.It had a big wall outside and then a water filled ditch and then the fortress.Application and Internet became the same thing with time.Still when things was not secure we placed guard over the fortress wall, like our archers which can kill enemies from a distance.But then it has big disadvantages.想像一下,一個老時間fortress.It了大牆內外,然後充滿水溝渠,然後fortress.Application和互聯網成為同樣的事情時有time.Still事情是不能保證我們把看守著山城,像我們射箭這可以殺死敵人從distance.But那麼它有很大的弊端。
- If somebody makes a hole in the wall, there is no way to stop him, so if a hacker can bypass a firewall you cant do anything.如果有人提出了一個洞在牆上,就沒有辦法阻止他,因此,如果一個黑客可以繞過防火牆,你不能做任何事情。
- This disadvantage came with the technique of encryption, Guards on the fortress wall can not differentiate between friend and enemy if they have same color, so if encrypted data us coming security will fail to recognize if its a virus pretending useful data.這是不利的技術加密,衛隊的山城不能區分的朋友和敵人,如果他們有相同的顏色,因此,如果加密的數據我們未來的安全將不承認其病毒假裝有用的數據。
- If a site is hacked it is very late by the time you know it actually happened.如果一個網站是黑客是非常晚的時候,你知道實際情況。
Web (in) Security:網站( )的安全性:
Lets take two example and analyze them quick.可以採取兩個例子,並分析它們快。
- We start a telephone company which is automated by computers.We have signals and control panel.So if you get hold of the signal (control panel are always made secured) and mess with it, You can make free calls…right?我們開始電話公司是自動化的computers.We有信號和控制panel.So如果你掌握的信號(控制面板中總是取得擔保)和食堂與它,您可以撥打免費電話...對不對? Similarly on web applications codes and data (information) are mixed, you get hold of the code you get the data at your doorstep.!!!!同樣的Web應用程序代碼和數據(信息)有好有壞,你掌握的代碼你的數據在你家門口.!!!!
- We start a site like amazon and we forgot to make checks for negetive numbers, resulting people can order “-3 books” they pay “-150$” and you still get the books delivered to them.( Now thats awesome!!!)我們開始像亞馬遜網站,我們忘了,使檢查negetive號碼,導致人們可以以“ -3書” ,他們付出代價“ -150 $ ” ,你仍然可以獲得的書籍交付給他們。 (現在多數民眾贊成可怕! )
Concluding this post , We start designing well but then we forgot our lessons of software engineering, we forgot the concepts.Its really amazing that we have come so far and so good….I wont say its so bad but I would say it could have been hell lot better.!!!這一結論後,我們開始設計很好,但我們忘記了我們的教訓,軟件工程,我們忘記了concepts.Its確實驚人,我們已經走到這一步,因此良好的... 。我習慣表示,其如此糟糕,但我要說它可以被地獄好多了。 !
We have one more post in this series, where I will talk about one new security vulnerability.我們有一個更後的這一系列,我將談論一個新的安全漏洞。
Tags:標籤: firewalls防火牆 , , firewall_bypass , , Security安全 , , web_applications
 |  |  |  |  |  |  |  |  |  |  |  |  |  |
Ashish Mohta Ashish Mohta is A tech blogger who writes about solving day to day problems of people who use computer.是A科技博客誰寫了關於解決日常問題的人誰使用計算機。 He also writes on How to use the applications like Office, PC tips, Online tools,Browsers and more. All posts by他在書中還對如何使用應用軟件,如辦公室,電腦提示,在線工具,瀏覽器和更多。 所有職位 Ashish Mohta Ashish Mohta | Connect with me @ |與我聯繫@ Twitter 嘰嘰喳喳 | | Linkedin LinkedIn的 | | Facebook 臉譜 | | Stumble 失敗 | Need more help? |需要更多的幫助? Ask your Questions at our 問問你的問題在我們的 Support Center 支援中心
Quote: If somebody makes a hole in the wall, there is no way to stop him, so if a hacker can bypass a firewall you cant do anything.報價:如果有人提出了一個洞在牆上,就沒有辦法阻止他,因此,如果一個黑客可以繞過防火牆,你不能做任何事情。
Not quite true.不太現實。 Even if an intruder bypasses your firewall, there are a few things that you can do, like blocking specific ports, but for that you need to know that you’re under attack in the first place, and any intruder smart enough to get around your firewall will probably be smart enough to hide the attack until it’s over.即使入侵者繞過你的防火牆,有幾件事,你可以做,比如阻止特定的端口,但你必須知道,你受到攻擊擺在首位,任何入侵者的智能足以讓你的防火牆可能會聰明,隱藏的攻擊,直至它的結束。
@Basu: I agree with you to a certain point.But thats not just the only way.There are two many gaps and we add check on check and more security feature which in turn contains more bugs (chances are high) .If we could have a secure architecture which would have been updated from time to time, rather than getting patched, it would have been lot better @巴蘇:我同意你一定point.But多數民眾贊成不只是只有兩個way.There許多差距和我們新增檢查檢查和更高的安全性功能,又包含了更多的錯誤(機率高) 。如果我們能有一個安全架構,它本來會不時更新,而不是補丁,這已經好多了
Welcome to technospot.net!!!歡迎technospot.net !
I agree with Basu, Specific down the network port that required then the chances attack or hack by hacker is lot….我同意巴蘇,具體下降的網絡端口,然後需要的機會攻擊或攻擊的黑客是很多... 。 if your firewall is smart enough.如果您的防火牆是足夠聰明。 it can acknowledge when the attack occur on your firewall.它可以確認的襲擊發生在你的防火牆。
@KM: I agree with you both.Firewalls are pretty safe but then who configures it ? @公里:我同意你的both.Firewalls很安全,但當時誰配置呢? We right!!!我們的權利! Now if some zero day attack comes up your firewall are not smart enough to catch them.All internet securities are based on predefined data.If we would have made a smart firewall which was based on intentional hacking, it would have caught even the unknown attacks.Even the anti viruses have same problem, they are based on signatures, if you dont have it you cant catch it.現在,如果一些零時差攻擊達到您的防火牆沒有足夠聰明趕上them.All互聯網證券是根據預先確定的data.If我們會作出一個聰明的防火牆是基於故意黑客攻擊,它就會陷入甚至未知攻擊。即使是反病毒同樣的問題,他們簽名的基礎上,如果你不要了,你不能趕上它。
Thanks for the comment謝謝您的評論
Leave your response!離開你的答复!
Subscribe for Daily Updates
Free Feed Subscription
Weekly Podcast
Topics
What others are Saying ?