Đang chuẩn bị liên kết để tải về tài liệu:
computer network internet security phần 2

Không đóng trình duyệt đến khi xuất hiện nút TẢI XUỐNG Tải xuống

ược thực hiện bằng cách giả mạo địa chỉ, hoặc bằng các phương tiện nghe. Một phát lại liên quan đến việc chụp một phiên họp giữa người gửi và người nhận, và sau đó phát lại tin nhắn đó (hoặc với tiêu đề và nội dung tin nhắn mới, hoặc tin nhắn toàn bộ). | be done by masquerading the address or by means of a playback. A playback involves capturing a session between a sender and receiver and then retransmitting that message either with the header only and new message contents or the whole message . The spoofing of LAN traffic or the modification of LAN traffic can occur by exploiting the following types of vulnerabilities transmitting LAN traffic in plaintext lack of a date time stamp showing sending time and receiving time lack of message authentication code mechanism or digital signature lack of real-time verification mechanism to use against playback . 2.2.3 Disruption of LAN Functions A LAN is a tool used by an organization to share information and transmit it from one location to another. A disruption of functionality occurs when the LAN cannot provide the needed functionality in an acceptable timely manner. A disruption can interrupt one type of functionality or many. A disruption of LAN functionalities can occur by exploiting the following types of vulnerabilities inability to detect unusual traffic patterns i.e. intentional flooding inability to reroute traffic handle hardware failures etc configuration of LAN that allows for a single point of failure unauthorized changes made to hardware components reconfiguring addresses on workstations modifying router or hub configurations etc. improper maintenance of LAN hardware improper physical security of LAN hardware. 2.2.4 Common Threats A variety of threats face today s computer systems and the information they process. In order to control the risks of operating an information system managers and users must know the vulnerabilities of the system and the threats which may exploit them. Knowledge of the threat environment allows the system manager to implement the most cost-effective security measures. In some cases managers may find it most cost-effective to simply tolerate the expected losses. The following threats and associated losses are based on their .