北大网络安全教程.pptVIP

Web Security Practices xlli@ Recent Security Exploits Web site break-in, web pages defaced jacking Hotmail Security Breach (to steal passwds) E-mail virus (Melissa) Y2K Count Trojan Horse (to steal passwds) Internet Worm (Explore.zip) What Do Hackers Exploit? Poor Design Poor Implementation Poor Configuration Poor Management and Training Denial of Service Attacks Poor Design syn flood used to hijack TCP session Poor Implementation Teardrop attack: buffer overflow Poor Configuration SMURF attack: targe at router with broadcast ON, send a ping packet with forged victim’s address for bro