7.1 summary

（1） static password
According to whether it is necessary to contact ⽹, It is divided into

• Online cracking -
  Offline cracking

According to whether it is beneficial ⽤ individual ⼈ Information , It is divided into

• Ramble attack ： It's not off ⼼ Information of the attack object ,⽽ Only focus on the number of guesses allowed , Guess more ⼝ Make . be based on PCFG Algorithm and Markov The algorithm is ⽬ Pre mainstream 2 A wandering attack algorithm
• Directed against ： Guess the given as quickly as possible ⽬ mark （ Such as ⽹ standing 、 individual ⼈ The computer ） Of ⼝ Make . therefore , The attacker will benefit ⽤ Related to the attack object ⼈ Information （⼈⼝ Learn relevant information ）, Enhance the pertinence of speculation ;⽤ Household in other ⽹ Leaked in the station or system ⼝ It can also be benefited by attackers ⽤ Come on in ⾏ Directed against .

Major security threats ：

• Password monitoring ： The main reason is that it may leak during transmission
• Intercept / replay
• Strike out at （ Brute force ）
• Simple password guessing
• Dictionary attack
• Forge server attack
• Password disclosure ： Attackers through society ⼯ Engineering, etc ⼿ Segment theft ⽤ Household ⼝ Make
• Directly crack the system password file

（2） One-time password
⼜ be called ⼀ Secondary ⼝ Make . stay ⽤ During user login , be based on ⽤ Household ⼝ Lingjia ⼊ Cause of uncertainty ⼦, Yes ⽤ Household ⼝ Cause of order and uncertainty ⼦ Into the ⾏hash Transformation , Submit the result as authentication data to the authentication server . The authentication server is receiving ⽤ After the authentication data of the user , take ⽤ Authentication data and ⾃⼰⽤ alike hash The value calculated by the algorithm advances ⾏⽐ Yes , from ⽽ Realize to ⽤ Authentication of household identity . bring ⽤ Every time a user logs in, they make ⽤ The authentication data of are all different , carry ⾼ The security of login process . dynamic ⼝ Ling Cai ⽤⼀ Time ⼀ Secret mechanism , It is indestructible in principle .

According to the generation principle, it can be divided into asynchronous and synchronous authentication technologies ： Asynchronous response based on challenge （ Take the number of challenges as the variable ） Realization , Synchronization authentication technology includes time-dependent clock synchronization authentication technology （ Take time as the uncertainty factor , The clock is required to be strictly synchronized ） And time independent event synchronization authentication technology （ Take the password of the last authentication as the parameter of the default challenge ）

Security Analysis

• ⽹ Network eavesdropping ： Because in ⽹ Transmitted on the network ⼝ The order is passed hash Transformed data . Even if it is overheard ,⿊ Keye ⽆ Method obtains by hashing values ⽤ Household ⼝ Make .
• ⼝ Let out ： Can only effectively resist . Because if ⽤ Improper storage , Or will it be passed by the attacker ⾮ technology ⼿ Segment theft .
• Dictionaries / Strike out at ： Because of make ⽤ Double cause ⼦ Into the ⾏ Hash transformation ⽣ become . Dictionaries / Exhaustion becomes difficult . But if ⼝ Make ⻓ Too short , It is still easy to be broken .
• Intercept / replay ： Because of plus ⼊ The cause of uncertainty ⼦,⽤ Users submit different data every time . The data intercepted before is meaningless in the next authentication .
• Forge server attack ：⼤ In most modes, only server pair ⽤ Certification of customers , No access to the server ⾏ authentication . Within the validity period , The attack still worked .

8.1 summary

Refers to the computer ⽹ Collaterals ⼝ Intercepted ⽹ Data communicated between computers on , Also known as ⽹ Network sniffing

The original intention of network monitoring technology is to facilitate network management to monitor data communication , convenient 、 Effectively discover all kinds of anomalies and unsafe factors in the network .

Network monitoring mainly solves two problems ： Network traffic hijacking 、 Collect and analyze data at the monitoring point

8.2 Network traffic hijacking

The network can be divided into shared network environment 、 Switched network environment
Network eavesdropping is mainly in the non shared network environment

Switched network traffic hijacking

• End ⼝ Mirror image ： Put the switch ⼀ One or more ends ⼝ Data is mirrored to a certain end ⼝ Of ⽅ Law

• MAC flooding ： In the local area ⽹ Sending in is deceptive MAC Address source data .CAM The table will be filled with forged MAC Address record . As records increase , And CAM The switch memory associated with the table will be exhausted , At this time, the switch is in a mode similar to the hub ⼯ do , To all other physical terminals ⼝ Forward data .

• ARP cheating

  • benefit ⽤ARP request
    host A With “ host B Of IP And host A Of MAC Address ” send out ARP Requesting this fraudulent request will refresh the local ⽹ Of all hosts in ARP cache . Make all sent to B All packets are sent to A.
    But it's time to ⽅ Law affects ⾯⼤, Easy to find , host B Will pop up IP Address conflict prompt .
  • benefit ⽤ARP Respond to
    host A With “ host B Of IP And host A Of MAC Address ” send out ARP Respond to the host C, Even if the host C It has not been sent to the host B Of ARP request .ARP Agreement is ⽆ Status agreement , The host does not check ⾃⼰ Have you sent ARP request , Will receive ARP Respond to . So at this time, the host C issue B All requests will be sent to A host . targeted , Except for the cheated host C, Other hosts are not affected ⼲ Disturb , Forged host B There will be no warning messages on

• End ⼝ Pirate ⽤： Use switches MAC Address table self-learning mechanism , Make the victim MAC Point to the port address of the attacker switch

• DHCP cheating ：（ Dynamic Host Configuration Protocol ） The hacker is simulated as DHCP The server

• DNS hijacked

• CDN⼊ Invade

• WIFI Traffic hijacking