Blogger's nickname ： Stair hopping Penguin
[ Blogger homepage link ]：https://blog.csdn.net/weixin_50481708?spm=1000.2115.3001.5343
The original intention of creation ： The original intention of this blog is to communicate with technical friends , Everyone's technology has shortcomings , Bloggers are the same , Ask for advice modestly , I hope all technical friends can give me guidance
Blogger's motto ： Find light , Follow the light , Become light , Diffuse luminescence
Bloggers' research interests ： Penetration test 、 machine learning
Blogger's message ： Thank you for your support , Your support is my driving force

One 、 Preface

In recent years, network information security has been paid more and more attention by the public , More and more enterprises have been exposed to the existence of nuclear bomb level loopholes , So do you really know what network security is ？ You really know the computer you use every day , The mobile phone used ？ I would like to write a special article on this issue to explain to you .

Two 、 Connect

A picture about the network architecture is attached below , I'm sure someone can't understand it , So I use the simplest way to explain .
picture source

1.wifi

The network we usually use is that major suppliers install a router in your home , In general, this router is ip, here ip Everyone has a different name （ Without considering repetition ）, When the router is turned on, you can enter the password to shake hands with the traffic .

picture source

In this interactive process, we have completed our electronic equipment and network ip The process of making contact , Then someone must have asked , Every family is independent, so it should be safe .
I can tell you exactly , Absolutely wrong ！ Let me explain it in three points

（1） password

We should have known each other very well a few years ago wifi What is a master key , So why WiFi Master key can be easily cracked wifi What about the code ？ So why can the master key only crack simple passwords , Very complicated ones are not allowed ？

It's not hard to understand , Let me explain to you slowly .
First of all, each staff member who installs the router is basically setting the password , Will communicate with the head of household , In most cases, the householder is also afraid to forget the password , So try to set it as simple as possible to prevent forgetting , Like cell phone number , Birthday , House number, etc , Omnipotence is the use of everyone's psychology , Talk about all the possibilities and summarize them in batches , Then test the password in batches when using the software , This is the process of shaking hands , If the password is correct , Just shake hands , Show the password to the user . I think you should know a little now , The simpler the password, the lower the security .

（2） The signal

wifi It belongs to signal , There was such a post on the hot search some time ago , Received cosmic signals from how many light years , I can tell you very responsibly , As long as there is a signal , You can try to hijack ; We often see spy movies , Hijacked the messages sent by the other party, which is the reason .

picture source

When we first connected wifi, Whether the mobile phone will automatically connect after entering this area for the second time , So this process is actually invisible to us , The mobile phone automatically sends a request to wifi,wifi By checking your signaling equipment cookie To determine if it is a previously connected device , In case of sending consent , If you disagree, the opposite is true . In this project , There is an obvious and well-known hazard .

2. Broadband

and WIFI Compared with broadband, it is much more cumbersome , Now every computer is WiFi Few have broadband installed , Generally, broadband is used to connect routers wifi There's a signal . But we usually use the case of directly plugging into the computer in many places , Is there a potential safety hazard in this ？

The answer is that there is
There is no absolute security in the world , I will explain it in the following aspects

（1） implant

Why don't we basically plug the hotel's Internet cable into our computer when we are on business or staying in a hotel ？
This is because many criminals add some Trojan files to the broadband protocol , When you plug in the network cable, your computer has been logged in by others , The most terrible thing is , You don't know anything yourself , Why do we not lack awareness ？
Because when some hackers enter your computer, they execute programs in the background in the form of commands , Who among the general public will use the backstage ？ We may not be able to imagine how our data and a lot of software information on the computer are leaked , This will be explained later

（2） limited

Why do our electronic devices have no sense of detecting Trojans ？ First of all, in recent years, national policy support has really made great efforts to vigorously develop network security , But at present, our technology has not reached the world's leader in network security . In every layer of Broadband , Many build processes and even some code support are basically the same , Just figure out how it works , It's not easy to find loopholes in it .

Two 、 Interaction

1. Mobile terminal

（1） Software

We usually download some APP, Will ask us to choose the location , Reading and writing , Visit album , Whether to turn on the camera and other options , At this time, our personal information has been APP Took away , To put it bluntly, as long as it matters , Then there will be security dedication , Especially in android It is easier to steal information on , After all, Android is open source , This gives anyone the opportunity to study the code , This will reduce the security .
Picture address

（2） Hardware

The boss in the physical level is the real boss , Progress of the times , All major manufacturers are eager to enlarge the functions of mobile phones infinitely , It will be accompanied by more and more like NFC, payment , Wireless charging and other technologies , These are all sources of danger .
I once saw a news , Develop your own hardware , Passing by you , Your information has been taken away , Even the balance in your account has been sucked away , These all have a common problem , You need to brush your mobile phone to operate . Some time ago, a famous automobile brand was exploded , The electronic car key was found to have a major problem , All you need is a physical device , Cut off when the signal is transferred , Then the lawless elements can drive away directly . Can you believe it ？

picture source

（3） try what you have devised against others

This is the world of psychology , Many times, when someone sends you a very bright picture in some chat software , You looked at it curiously , You are still drooling at the beauty in the picture , But I don't know that my mobile phone has been implanted with some malicious code , Your mobile phone even turned on the camera backstage and took two photos , You don't know anything yourself , You don't even know , The danger is brought into one's own electronic equipment by oneself .

（4） Passive cracking

Systems are common on mobile phones Android（ Open source ） and ios（ Not open source ）, Obviously, Android is not as secure as ios, After all, it is open source , So in the code , Find something that can be used , Then the security of your mobile phone can be easily cracked , There are even many hackers who directly explode your mobile phone system , Get the code .
picture source

2. Computer terminal

Computer security , Laymen will think it is safer , Only an expert knows , It's really full of holes , There was a saying that was very good , We are surfing the Internet now , In fact, everyone on the Internet is the same as streaking . It's really no exaggeration , In some data that the public can't understand , There is too much useful information .
picture source

（1） Website

Everyone knows that phishing websites , So I want to ask : Do you really think that phishing websites are just as simple as getting your mobile number ？
You'd be wrong ！
Phishing websites usually get your computer's first ip, Secondly, when you don't know , Maybe the terminal is downloading some files , You don't even know , In fact, this is normal , Generally, everyone is familiar with windows Graphical page of , I don't know the power of the terminal command line page , When your background has downloaded some files , Then the permissions of your entire computer , It's basically under control . Someone must have asked me to delete it , The key point is , You don't know where this file is on the computer , Who else would say , What about anti-virus software , Under normal circumstances, most of them will do the operation of no killing , If you were killed so easily , Then the talents of this industry in the world will be extinct .

picture source

（2） System

Is the system on our computer really safe ？
Let's have a look. I took a casual look window Risks in previous years , from 2000 Since the beginning of 3000 Multiple vulnerabilities have been caught , This is just tip of the iceberg , So in each version , There are many vulnerabilities in our system , This is an important way for us to get information .

Why do the authorities always issue system patches ？
If it's safe, I don't think any enterprise can spend human and material resources to make patches , To ensure the security of the computer system , You know the back door ？ When your system is invaded , Often left a back door , It is convenient for some lawless elements to continue to check next time . We can also think of , If our computer has been invaded , Left behind the back door , Will you be frequented in the future , We have no idea , It's really terrible to think about it carefully .
picture source

（3） Program

Each of us has the situation of downloading things from the Internet , Especially when there are some cracked versions of software , We need to download from a third-party platform , Then the third-party platform is very unstable , After all IT There are too many tools and procedures in the industry . A careless Trojan horse may have entered his own computer .

picture source

（4）URL With pictures

This is the website where I casually found a picture , We can see that there are many parameters , Including some very sensitive parameters , Blow up the links on this website , If you insert some malicious code , When you click on this picture , So congratulations , Your computer is likely to be compromised , So , We have a lot of links on the Internet that are not easy to mess up , There is a good chance that you will get caught

3、 ... and 、 Information

1. How information is lost ？

We often receive a lot of harassing calls , There are salesmen , There are Telecom scams and so on , So how did our mobile phone number leak ？

（1） First , The website we registered is not secure .

This is what Baidu found , My screenshot is as follows ：
such as , Some e-commerce 、 Recruitment 、 Take-out food 、 Real estate and other platforms have mastered user information , Internal employees may take the initiative to resell this information , This is the most important and common way of leakage in life .
According to relevant reports , The user information of the take away platform is being leaked crazily , The seller 、 Network operation companies and take out riders are involved in it . The leaked information includes the name 、 Telephone 、 Gender, address, etc .
The most terrible thing in the world is that you are , The thief is in the dark . For example, how many people are there in your family 、 Are you always at home 、 How old is the child 、 People know what they like to eat and drink .
According to the survey ,800 You can buy it for 1 Ten thousand personal information , What's worse , These data are updated every day 4 About ten thousand .

（2） secondly , We often leave cell phone numbers on some occasions

picture source

The first example ： For a month or two , I have been bombarded by all kinds of harassing phone calls , As soon as I got up, I asked if I wanted to join in and become rich . Go into it , It may be because I have called some brands as a franchisee .
At the thought of my name and phone number , Even gender 、 Photos and other private information are used by countless boring people and even criminals day after day 、 Year after year, search and filter , I will fall into deep fear .
How many people like me , Feel that your personal information is “ streaking ”？ There is no barrier ？
For example, you once wanted to buy a house , Registered for consultation on a real estate platform , After that, they will be called by countless real estate agents , It will last for five years and remain unchanged for ten years . For example, your child wants to get a free toy , Write your information in the registration book of the training institution , Since then, different training institutions have asked you whether you want to come to the free trial class every weekend .

The second example ：

Some time ago, a friend received a fraud call , Said there was a problem with express delivery , He needs to be shipped again , At that time I heard a strong southern accent , I told my friend that it might be a fraud and I should pay attention to it , My friend's express has already arrived , But the other party accurately said the phone number , Shop information , Even the card number of bank card payment , We didn't answer him when we knew he was a liar , Made fun of the liar , The opposite side began to spit fragrance

（3） Last , Our information has leaked too much

full name 、 cell-phone number 、qq Number 、 Micro signal and so on , General social workers dig out a person's comprehensive information step by step through these basic information , On some illegal websites abroad , Information data is being traded .

picture source

2. Is there any solution ？

（1） Personal sensitive information shall not be disclosed

Drying baby should pay attention to , Don't easily disclose your child's personal information on the Internet

The itinerary should be kept confidential , The name can be displayed when you go out 、 Ticket with ID number 、 passport 、 Air tickets, etc “ Bask in the sun ”

Protect your privacy , Don't show any obvious features in the sun , For example, your door key 、 license plate , And ID card 、 Driver's license, passport and other documents

（2） Secret free opening Wi-Fi Hidden leak trap

Public connection Wi-Fi Confirm with the merchant Wi-Fi name

Use security software to detect Wi-Fi, Refuse from unknown sources Wi-Fi

Do not use unfamiliar Wi-Fi Online shopping and payment

Watch out for multiple people with the same or similar names in the same area Wi-Fi

（3） Properly handle express information

Choose a regular express company when sending

Try to use alias for recipient information , Destroy the personal information on the express list after receiving

Online fraud is always prevented

Check and confirm by telephone before transfer

Mobile phones and computers should be installed with security software

When chatting online, you should pay attention to the anti fraud reminder popped up in the system

Encounter scale “ Scan QR code ” You can give away the goods for free “ salesman ”, Can't hold “ No white no ” The idea sweeps the code easily

（4） Remember password security

Do not use the same password for all accounts

Important accounts should use more secure passwords

Numbers + Symbol + The combination of upper and lower case letters is more secure

Working hours

（5） Phishing email is risky

Hackers disguise themselves as colleagues 、 friend 、 People trusted by users such as family members , Entice users to reply to messages 、 Click the malicious link embedded in the email or open the email attachment to implant the Trojan horse or malicious program , And then steal sensitive data of users .

Anti virus software should be installed , The login password should be kept confidential , The email account should be bound to the mobile phone , Public and private mailboxes should be separated , Important documents shall be well protected

Don't trust the sender's address “ Display name ”

Don't click on links in unfamiliar emails

Don't relax “ acquaintance ” Email vigilance

Attention should be paid to the office network environment

Strictly follow the network security management rules and regulations of the unit

Do not add network equipment and nodes without authorization , Switches, for example 、 Wireless router, etc

Do not connect non working equipment to the office network , Do a good job in personal information equipment management , Do not randomly access unknown networks and information equipment , Don't open strange emails at will 、 Internet links, etc

close Windows The hard disk is shared by default and artificially , for example C、D Waiting list . To prevent from being used maliciously , Cause data loss

（6） Personal office equipment should bear in mind

Turn off remote desktop , Open use must pay attention to password complexity

Install anti-virus software on personal work computer , Regularly check for upgrades

Set your computer to automatically lock the screen , When leaving the station , Make sure the computer is locked or hibernated

Cut off the network in time when you leave work without using the computer 、 Shut down the operating system 、 Disconnect the power supply

Improve network security awareness

Protect personal information 、 Enterprise information 、 National Information

Security vulnerabilities 、 Potential risks say no！

Four 、 Network security is national security

I believe every netizen wants to surf the Internet in an information security environment , Let's join hands to build a network security barrier . Aristotle said ：“ Law is order , Good law leads to good order .” Network security law is to maintain network security , Fight against cybercrime 、 An important legal weapon to protect the clean and healthy network , For such a good law , All citizens should fear it 、 Abide by it 、 Execute it , Make a Dharma 、 Abide by the law 、 Good netizens for usage , Jointly resist the illegal and criminal acts on the Internet , Carefully maintain network security ;

picture source