当前位置:网站首页>[principle and technology of network attack and Defense] Chapter 7: password attack technology Chapter 8: network monitoring technology
[principle and technology of network attack and Defense] Chapter 7: password attack technology Chapter 8: network monitoring technology
2022-07-07 18:02:00 【Godams】
7.1 summary
(1) static password
According to whether it is necessary to contact ⽹, It is divided into
- Online cracking -
Offline cracking
According to whether it is beneficial ⽤ individual ⼈ Information , It is divided into
- Ramble attack : It's not off ⼼ Information of the attack object ,⽽ Only focus on the number of guesses allowed , Guess more ⼝ Make . be based on PCFG Algorithm and Markov The algorithm is ⽬ Pre mainstream 2 A wandering attack algorithm
- Directed against : Guess the given as quickly as possible ⽬ mark ( Such as ⽹ standing 、 individual ⼈ The computer ) Of ⼝ Make . therefore , The attacker will benefit ⽤ Related to the attack object ⼈ Information (⼈⼝ Learn relevant information ), Enhance the pertinence of speculation ;⽤ Household in other ⽹ Leaked in the station or system ⼝ It can also be benefited by attackers ⽤ Come on in ⾏ Directed against .
Major security threats :
- Password monitoring : The main reason is that it may leak during transmission
- Intercept / replay
- Strike out at ( Brute force )
- Simple password guessing
- Dictionary attack
- Forge server attack
- Password disclosure : Attackers through society ⼯ Engineering, etc ⼿ Segment theft ⽤ Household ⼝ Make
- Directly crack the system password file
(2) One-time password
⼜ be called ⼀ Secondary ⼝ Make . stay ⽤ During user login , be based on ⽤ Household ⼝ Lingjia ⼊ Cause of uncertainty ⼦, Yes ⽤ Household ⼝ Cause of order and uncertainty ⼦ Into the ⾏hash Transformation , Submit the result as authentication data to the authentication server . The authentication server is receiving ⽤ After the authentication data of the user , take ⽤ Authentication data and ⾃⼰⽤ alike hash The value calculated by the algorithm advances ⾏⽐ Yes , from ⽽ Realize to ⽤ Authentication of household identity . bring ⽤ Every time a user logs in, they make ⽤ The authentication data of are all different , carry ⾼ The security of login process . dynamic ⼝ Ling Cai ⽤⼀ Time ⼀ Secret mechanism , It is indestructible in principle .
According to the generation principle, it can be divided into asynchronous and synchronous authentication technologies : Asynchronous response based on challenge ( Take the number of challenges as the variable ) Realization , Synchronization authentication technology includes time-dependent clock synchronization authentication technology ( Take time as the uncertainty factor , The clock is required to be strictly synchronized ) And time independent event synchronization authentication technology ( Take the password of the last authentication as the parameter of the default challenge )
Security Analysis
- ⽹ Network eavesdropping : Because in ⽹ Transmitted on the network ⼝ The order is passed hash Transformed data . Even if it is overheard ,⿊ Keye ⽆ Method obtains by hashing values ⽤ Household ⼝ Make .
- ⼝ Let out : Can only effectively resist . Because if ⽤ Improper storage , Or will it be passed by the attacker ⾮ technology ⼿ Segment theft .
- Dictionaries / Strike out at : Because of make ⽤ Double cause ⼦ Into the ⾏ Hash transformation ⽣ become . Dictionaries / Exhaustion becomes difficult . But if ⼝ Make ⻓ Too short , It is still easy to be broken .
- Intercept / replay : Because of plus ⼊ The cause of uncertainty ⼦,⽤ Users submit different data every time . The data intercepted before is meaningless in the next authentication .
- Forge server attack :⼤ In most modes, only server pair ⽤ Certification of customers , No access to the server ⾏ authentication . Within the validity period , The attack still worked .
8.1 summary
Refers to the computer ⽹ Collaterals ⼝ Intercepted ⽹ Data communicated between computers on , Also known as ⽹ Network sniffing
The original intention of network monitoring technology is to facilitate network management to monitor data communication , convenient 、 Effectively discover all kinds of anomalies and unsafe factors in the network .
Network monitoring mainly solves two problems : Network traffic hijacking 、 Collect and analyze data at the monitoring point
8.2 Network traffic hijacking
The network can be divided into shared network environment 、 Switched network environment
Network eavesdropping is mainly in the non shared network environment
Switched network traffic hijacking
End ⼝ Mirror image : Put the switch ⼀ One or more ends ⼝ Data is mirrored to a certain end ⼝ Of ⽅ Law
MAC flooding : In the local area ⽹ Sending in is deceptive MAC Address source data .CAM The table will be filled with forged MAC Address record . As records increase , And CAM The switch memory associated with the table will be exhausted , At this time, the switch is in a mode similar to the hub ⼯ do , To all other physical terminals ⼝ Forward data .
ARP cheating
- benefit ⽤ARP request
host A With “ host B Of IP And host A Of MAC Address ” send out ARP Requesting this fraudulent request will refresh the local ⽹ Of all hosts in ARP cache . Make all sent to B All packets are sent to A.
But it's time to ⽅ Law affects ⾯⼤, Easy to find , host B Will pop up IP Address conflict prompt . - benefit ⽤ARP Respond to
host A With “ host B Of IP And host A Of MAC Address ” send out ARP Respond to the host C, Even if the host C It has not been sent to the host B Of ARP request .ARP Agreement is ⽆ Status agreement , The host does not check ⾃⼰ Have you sent ARP request , Will receive ARP Respond to . So at this time, the host C issue B All requests will be sent to A host . targeted , Except for the cheated host C, Other hosts are not affected ⼲ Disturb , Forged host B There will be no warning messages on
- benefit ⽤ARP request
End ⼝ Pirate ⽤: Use switches MAC Address table self-learning mechanism , Make the victim MAC Point to the port address of the attacker switch
DHCP cheating :( Dynamic Host Configuration Protocol ) The hacker is simulated as DHCP The server
DNS hijacked
CDN⼊ Invade
WIFI Traffic hijacking
边栏推荐
- [tpm2.0 principle and Application guide] Chapter 1-3
- 【4500字归纳总结】一名软件测试工程师需要掌握的技能大全
- What skills can you master to be a "master tester" when doing software testing?
- mui侧边导航锚点定位js特效
- DatePickerDialog and trimepickerdialog
- Introduction to OTA technology of Internet of things
- Deep learning - make your own dataset
- 讨论| 坦白局,工业 AR 应用为什么难落地?
- Native JS verification code
- js拉下帷幕js特效显示层
猜你喜欢
JS pull down the curtain JS special effect display layer
【4500字归纳总结】一名软件测试工程师需要掌握的技能大全
Mobile app takeout ordering personal center page
Functions and usage of viewswitch
datepicket和timepicket,日期、时间选择器的功能和用法
漫画 | 宇宙第一 IDE 到底是谁?
zdog.js火箭转向动画js特效
仿今日头条APP顶部点击可居中导航
[distributed theory] (II) distributed storage
Understanding of 12 methods of enterprise management
随机推荐
[distributed theory] (II) distributed storage
zdog.js火箭转向动画js特效
Robot engineering lifelong learning and work plan-2022-
Examen des lois et règlements sur la sécurité de l'information
Define menus using XML resource files
swiper左右切换滑块插件
Use onedns to perfectly solve the optimization problem of office network
Pytorch中自制数据集进行Dataset重写
Management by objectives [14 of management]
Chapter 3 business function development (user login)
利用七种方法对一个文件夹里面的所有图像进行图像增强实战
Self made dataset in pytoch for dataset rewriting
Win11C盘满了怎么清理?Win11清理C盘的方法
手机版像素小鸟游js戏代码
JS pull down the curtain JS special effect display layer
Yarn capacity scheduler (ultra detailed interpretation)
mui侧边导航锚点定位js特效
原生js验证码
青年时代历练和职业发展
SD_DATA_SEND_SHIFT_REGISTER