资源描述:
《浅析局域网安全技术》由会员上传分享,免费在线阅读,更多相关内容在工程资料-天天文库。
1、浅析局域网安全技术Localareanetwork(LAN)isgenerallyadoptedbasedonthetechnologyofradioEthernet,thecommunicationbetweenanytwonodespackets,notonlyforthetwonodesofthenetworkcardreceived,atthesametimeforanyonenodeinthesameEthernetnetworkcardinterception.Hackers,therefore,aslongasanynodelistensaccess
2、Ethernet,youcancapturealloccurredintheEthernetpacketstotinpacktheanalysis,soastostealthekeyinformation,whichisinherentintheEthernetsecurityhiclclenclanger・Infact,manyfreehackertoolsontheInternet,suchasSATAN,ISS,NETCAT,andsoon,alllistentoEthernetasitsmostbasicmeans.Currently,thesolutio
3、nofLANsecurityisthefollowing:NetworksegmentationNetworksegmentationisgenerallyregardedasabasicmeansofcontrollingthenetworkbroadcaststorm,butitisalsoanimportantmeasuretoensurenetworksecurity・Itspurposeistoillegalusersandsensitivenetworkresourcesmutualisolation,topreventpossibleillegall
4、istening,networksegmentationcanbedividedintophysicalsegmentandlogicsectionintwoways・Atpresent,thelocalareanetwork(LAN)ofthecustomsisusedmostlycenteredonswitchesandroutersforboundarynetworkpattern,shouldfocusonminingcenterswitches,accesscontrolandthelayer3switchingfunctions,integrateda
5、pplicationofphysicalsegmentandlogicsection,twomethodstoimplementthesafetycontrolofthelocalareanetwork(LAN)・Forexample,inthecustomssystemusedwidelyinDECMultiSwitch900intrusiondetectionfunction,isactuallyakindofaccesscontrolbasedonMACaddress,namelythephysicalsegmentationbasedonthedatali
6、nklayer・ReplacetheSharedhubwithswitchedhubsThedangerofEthernetlisteningisstillthereafternetworkfragmentationoftheLAN'scentralswitch・Thisisbecausethenetworkendusersaccessisoftenthroughthebranchhub,ratherthancentralswitch,andthemostwidelyusedbranchofthehubisusuallyShared・Inthisway,whenu
7、serscommunicatewiththehostbydata,datapacketsbetweentwomachines(referredtoasUnicastPacketUnicastPacket)willbethesametolistenbyotherusersonthehub・Isaverydangeroussituation:userTELNETtoahost,becauseoflackofencryptionTELNETapplicationitself,eachcharacteroftheuser'stype(includingtheusernam
8、e,pas
