軟件工程專業(yè)英語(yǔ)-Networking And Security_第1頁(yè)
軟件工程專業(yè)英語(yǔ)-Networking And Security_第2頁(yè)
軟件工程專業(yè)英語(yǔ)-Networking And Security_第3頁(yè)
軟件工程專業(yè)英語(yǔ)-Networking And Security_第4頁(yè)
軟件工程專業(yè)英語(yǔ)-Networking And Security_第5頁(yè)
已閱讀5頁(yè),還剩59頁(yè)未讀, 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說(shuō)明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請(qǐng)進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡(jiǎn)介

我們畢業(yè)啦其實(shí)是答辯的標(biāo)題地方軟件工程專業(yè)英語(yǔ)SOFTWAREENGINEERINGESSENTIALS2023/10/212023/10/21..24.1LOCALAREANETWORK

4.2TCP/IP4.3

SECURITYSUMMARYCHPTER4

NETWORKINGANDSECURITY2023/10/21COMPETENCIESAfterreadingthischapter,youshouldbeableto:1.ExplaintheInternet.2.DiscussthetwokindsofLAN:EthernetLAN,andWi-Fi.3.Describehowthedataaretransferred.4.DescribehowtosendonepacketthroughEthernet.5.ExplainTCP/IP.6.DescribetheEthernetdesignprocessandhowtodealwithcollision.7.Discusssecurity.2023/10/21.32023/10/21Inthischapter,wewillfirstelaborateonhowthecomputernetworkworks.Thebasic

principlesofhowthecomputernetworkworksaresurprisinglysimplealthoughthedetailsarefairlycomplicated.We’llstartfromthesmall-scale,LocalAreaNetwork,orshortlyaLAN.Andtheninthenextsectionwe’llexplainhowtheInternetcoverstheentireearth.Finallyinthischapter,wewilldiscusscomputersecurity.2023/10/21.42023/10/212023/10/21..54.1LOCALNETWORKAREA2023/10/214.1LOCALAREANETWORK

Thedetailsofnetworkingcanbequitecomplicated.Butthebasicideasofhowitallworksaresurprisinglysimple,andthat'swhatwe'regoingtostudy.TheInternetislikeaglobalphonesystemforcomputers:acomputercan"call"anothercomputerontheinternettogetorsendalittleinformation.Supposeyourlaptopisconnectedtotheinternet,andyoutype""intoyourbrowser--whathappens?Yourcomputercontactsthecomputer""--placinga"call"ineffect--andsendsarequestforthemainwebpage.Themachinesendsbackalargeresponsewhichisthewebpageandendsthecall.Yourbrowsergetsbackallthisdataandformatsitforyourscreensoyoucanreadthetext,clicklinksetc.We'lllookatthisfetch-webexampleafewdifferentwaystoseehowtheinternetworks.2023/10/21..2023/10/214.1LAN

ItstandsforaLocalAreaNetwork.Theseareverycommon.ALANisanetworkthatwouldbeusedtocovermaybeonefloorofabuildingormaybejustwithinahouseorsomethinglikethat.TwoverycommonexamplesofLANtechnologyareEthernet.whichiswired,useswires,it'swiredLANtechnology,andWi-Fi,whichisthewirelessradiosortofanalogtoEthernet.Thoseareincrediblycommon.2023/10/21..2023/10/214.1LAN4.1.1EthernetLAN4.1.2Packets-DataTransmission4.1.3Ethernet--SendingOnePacket4.1.4Wi-Fi--SameStrategy4.1.5EthernetDesignSummary2023/10/21..2023/10/214.1.1EthernetLANWiresaboutasthickasadrinkingstraw100metermaxwirelength,soit’slocalWiresoftenyelloworblueRJ-45plug,likeabigphoneplug2023/10/21..2023/10/21Figure4-1EthernetRJ-45plug

2023/10/21..2023/10/21Figure4-3datafromcomputer1tocomputer22023/10/21..4.1.2Packets-DataTransmission2023/10/214.1.3Ethernet--SendingOnePacket2023/10/21..Figure4-4SendingonepacketonEthernet2023/10/21READING1NETWORKING

PacketErrors--ChecksumRe-Send

2023/10/21..Figure4-9checksum2023/10/21READING1NETWORKING

MultipleComputers--EthernetDesign

2023/10/21..Figure4-10EthernetDesign2023/10/21READING1NETWORKING

EthernetCollision2023/10/21..Figure4-11

EthernetCollision2023/10/214.1.4Wi-Fi--SameStrategy2023/10/21..2023/10/214.1.5EthernetDesignSummary1.Shared:there'sjustonewiresharedbyeveryone,soit’scheap;2.DistributedandCollaborative:thereisnocentralcontrol,dependingoneachcomputerfollowingthecollaborativeprotocolingoodfaith;3.Insecure:it’snottoohardtolistentoorpickuppacketsnotintendedforthereceiver;4.Performancedegrades:

itsperformancedoesnotbreakasmorecomputersusethesharedmedium

2023/10/21..2023/10/212023/10/21..184.2

TCP/IP2023/10/214.2TCP/IP

ThepreviousLANexamplesareaboutconnectingcomputersonthesameLAN.Nowwewillscaletheproblemuptosendpacketsbetweenanytwocomputersontheearth.TheworldwideInternetisbuiltontheTCP/IPfamilyofstandards(TransmissionControlProtocol/InternetProtocol)whichsolvestheproblemofsendingpacketsbetweencomputersacrossthewholeinternet.Thesearefreeandopen,vendor-neutralstandardswhichisprobablythereasontheyhavebeensoincrediblysuccessful.2023/10/21..2023/10/214.2TCP/IPTheworldwideInternetisbasedactuallyonsomeGovernment-fundedresearchinthe70sfromtheUnitedStates,andsomestandardscalledTCP/IParecreated.TheTCP/IPisafamilyofstandards(TransmissionControlProtocol/InternetProtocol)whichsolvestheproblemofsendingpacketsbetweencomputersacrossthewholeinternet.Thesearefreeandopen,vendor-neutralstandardswhichisprobablythereasontheyhavebeensoincrediblysuccessful.2023/10/21..2023/10/214.2TCP/IP4.2.1IPAddress4.2.2DomainNames4.2.3Router4.2.4WhatDoesitMeantoBeOntheInternet?4.2.5Ping2023/10/21..2023/10/214.2.1IPAddress2023/10/21..Figure4-6IPaddress2023/10/214.2.2DomainNameDomainnamesareessentiallyalternatenamesforIPaddresses.Wehavedomainnamessuchas,.Domainnamesareeasyforpeopletorememberandtype.DomainsystemcanlookupanIPaddressfromadomainname.Sowhenyouuseadomainname,itislookeduptogetanIPaddressfortheactualpackets2023/10/21..2023/10/214.2.3Router2023/10/21..Figure4-7Router2023/10/214.2.4WhatDoesitMeantoBeOntheInternet?OntheInternet—e.g.connecttoaWi-Firouter1.computerconnectstoanupstreamroutertohandletraffic.MostWi-FiaccesspointscombineWi-Fi-radiosandarouter.2.TheroutertypicallygivesthecomputeranIPaddresstouseThecomputercannotpickanarbitraryIPaddress,sincetheleftpartoftheaddressdependsonthelocationontheInternet…detailknownbytherouter3.DHCP“DynamicHostConfigurationProtocol”—automaticallyconfigurenetworksettingstoworklocally.Computersveryoftenusethisfeaturetogetneedednetworkconfigurationfromtherouterautomatically.2023/10/21..2023/10/214.2.5Ping"ping"isanoldandverysimpleinternetutility.Yourcomputersendsa"ping"packettoanycomputerontheinternet,andthecomputerrespondswitha"ping"reply(notallcomputersrespondtoping).Inthisway,youcancheckiftheothercomputerisfunctioningandifthenetworkpathbetweenyouanditworks.Asaverb,"ping"hasnowenteredregularEnglishusage,meaningaquickcheck-inwithsomeone.Experiment:

Mostcomputershaveapingutility,oryoucantry"ping"onthecommandline.Trypinging.2023/10/21..2023/10/21Traceroute

Tracerouteisaprogramthatwillattempttoidentifyalltheroutersinbetweenyouandsomeothercomputeroutontheinternet-demonstratingthehop-hop-hopqualityoftheinternet.Mostcomputershavesomesortof"traceroute"utilityavailableifyouwanttotryityourself(notrequired).Someroutersarevisibletotracerouteandsomenot,soitdoesnotprovidecompletelyreliableoutput.However,itisaneatreflectionofthehop-hop-hopqualityoftheInternet.2023/10/21..2023/10/21READING2TCP/IP

HowDoesaPacketGetAcrosstheInternet?2023/10/21..Figure4-12:aPacketGetAcrosstheInternet2023/10/21READING2TCP/IP

RouterAnalysis?Eachrouterknowsenoughtofigurethenexthop,notthewholeroute.Theoriginalcomputerdoesnottypicallyknowmuch,delegatingtorouters“Core”routers,towardsthemiddleRoutersmeasureconnectionfunctionality/breakageallthetime.RoutearoundRoutersareanotherdistributed,collaborativesystem2023/10/21..2023/10/21READING2TCP/IP

Special"Local"IPAddressesNotethat10.x.x.xand192.168.x.xaddressesarespecial"local"IPaddressesTheseaddressesarenotvalidoutontheinternetatlargeThesearetranslatedtoarealIPaddressasapacketmakesitswayFrequentlygivenoutbyWi-Firouters2023/10/21..2023/10/212023/10/21..314.3

SECURITY2023/10/214.3SECURITYComputersecurityisabigandkindofdramaticarea,anditcanlookscary.Butitdoesn'tneedtobe.Wegoingtotalkaboutsomeofthemostimportantcases.Andinparticular,stayingsafeisnotthathard.Itdoesn'tneedtobethatcomplicated.We'lltalkaboutthemostimportantandinterestingideas.Keepingsafeisnotthathard.2023/10/21..2023/10/214.3SecurityNow,computersecurityisascarytopicandadramaticarea.Wearegoingtotalkaboutsomeofthemostimportantcasesandinterestingideas.Infact,stayingsafeisnotthathardandcomplicated.2023/10/21..2023/10/214.3Security4.3.1Computer--TheCastle4.3.2PasswordAttacks4.3.3PhishingAttacks4.3.4MalwareAttacks4.3.5SafetyRecap2023/10/21..2023/10/214.3.1Computer--TheCastle2023/10/21..Figure4-8Badguyoutsideacomputer2023/10/214.3.2PasswordAttacksThebadguycouldtrytoguessyourpasswordonasiteTrytologinagainandagainWorksifthepasswordiscommonAlsoknownas“dictionaryattach”.TryallthewordsinadictionaryThisfailmostly,butsuccesshereandtherewithanaccountwithapoorpasswordisgoodenoughforthebadguysTherefore:avoidhavinganobviousorcommonlyusedpassword2023/10/21..2023/10/21BadPasswordsDonotneedtobesuperelaborate(somesitesgocrazywiththis).Herewelistsomecommonpasswords-donotusethese!Commonpasswords:password,password1,123456789,12345678,1234567890,abc123,computer,tigger,1234,qwertyBesides,avoidapasswordthatthousandsofothersouttherehavealsochosen2023/10/21..2023/10/21GoodPasswordsWhatIdoforsecurepasswords,forexampleforabanksite,startwithaword,addmisspelling,thenaddsomerandomletters.Couldaddsomedigitsand/orpunctuationandmaybesomeuppercaseletters.

mottens,erx--fine

Mottens,9erx--better

MotenX,97erx--probablymorecomplexthannecessary2023/10/21..2023/10/21Herewelistsomesuggestions:

Thelistofcommonpasswordscontainspasswordsthatarejustawordorawordplusatinyvariation,like"jane","secret1","mittens123",ortwowordslike"catmittens",soit'svitalthatyourpassworddoesnotlooklikethat.It'soktohaveawordfragment,butitshouldalsoincludesignificantnonsenseletters.Personally,Ilikestartingwithaword,sinceitiseasytorememberandfasttotype,butthenrandomjunkneedstobeaddedinandaroundit.Somesitesgocrazy,requiringmanyuppercaseletters,digits,andpunctuationletters.Ithinkthat'snotnecessary.It's"securitytheater":addingmorecomplexityandtheappearanceofactionbutwithoutactuallyaddingtosecurity.2023/10/21..2023/10/214.3.3PhishingAttacks“Phishing”,i.e.thebadguyis“fishing”foryouBadguytricksyouintoexposingyourpasswordorwhateverNodoubtyouhavereceivedmanyphishingemailsNote:notrelatedtoanactualtransactionoraccount,badguysjustspewtheseout,hopingtofoolsomeoneAlternatelycouldhaveaphishingwebsitethatimitatestherealeBaysiteBadguysemailsoutorinsomeotherwaydistributestheurltophishingsiteBadguyswantpasswordsforsitesthathavesomethingtodowithmoney2023/10/21..2023/10/21HerearesomesuggestionsabouthowtoavoidPhishing:

Don'ttrustURLsinemailsorrandomsites,especiallywhenleadingtoaloginpageScrutinizetheURLasshowninyourbrowseroremailprogram.BadguyURLwilltrytolooklegit,like

www.ebay.bad-guy.rumoresecure)TypetheURLinyourself.IfitclaimstobefromeBay,typeinyourselfinyourbrowser.It'sasimplerule.Firefoxetc.candoextragreenhighlightingof"real"site.e.g.Lookfor

https

intheURL2023/10/21..2023/10/214.3.4MalwareAttacks"Malware"isthegeneraltermforaprogramwrittenbythebadguytodobadthingstoyourmachine-breakintothemachine,stealpasswords,sendspam,etc.Howcanthebadguygettheirprogramonacomputerandgetittorun?HerewewilldiscusstwokindsofMalware:TrojanandVulnerability,andtheirintrusiontechniques.2023/10/21..2023/10/21Malware1TrojanA"Trojan"isamalwaredisguisedassomethingelse,like"awesome-cursors.exe"or"fun-game.exe"or"JustinBeiber.JPEG.exe“Sotheuserdownloadsitoraccessesit,notawarethatitwilldosomethingbad.E.g.SuperAntivirus.exe—thisisactuallyacommonTrojanruse!Trytomakeitlikeharmlesscontent,notaprogramClaimtobeaprogramthatdoessomethingmanypeoplewant,butreallyit’smalwareTherefore:Don’trunprogramsfromrandomsources(googleitfirst,seewhatpeoplesay)Ifsomethingisfromawellknowndomainandhaslotsofdownload,someonewouldhaveflaggeditifitwasmalware2023/10/21..2023/10/21Malware2-VulnerabilitySupposethereisabugintheFlashanimationdisplayprogramWhenfedcertainpathologicanimationbytes,theprogrambreaksandgivesaccesstothemachineSothebadguyputamaliciousFlashanimation,andthensendslinkstoitinspamJustvisitingthepagewiththebadcontentisenoughtocompromisethemachineifitisvulnerable.Thisisprobablythemostscarycase,astheuserdoesverylittle.2023/10/21..2023/10/21Malware2-VulnerabilitySolution:Keepweb-facingsoftwareuptodateAllbrowsersnowhavestrongauto-updatechannels,sobydefaulttherightthingtendstohappenAside:thisisalsowhyhavingaproprietaryformatlikeFlashbeakeypartoftheinternetismaybenotagoodarchitecture.PeoplewereverydependentonAdobetofixthesoftwareveryquickly,andAdobe’srecordwasveryuneven.2023/10/21..2023/10/214.3.5SafetyRecap1.PasswordattacksDon'tuseabadpasswordforanimportantsite(e.g.bank)

Don'tre-usepasswordsacrossimportantsites2.PhishingAttacksProceedcarefullywithcontentfromemail,orwithprovocativetitles

LookatthebrowserURL-areawhentypinginpassword

Orjusttypeinwebaddressyourselfinthebrowserinsteadofclickingintheemail3.MalwareAttacks

ToavoidTrojan,beverywaryofdownloadingandrunningcode(Googlethenameorsource).

ToavoidVulnerability,keepinternet-facingsoftwareonauto-updatetostayatthelatest.2023/10/21..2023/10/212023/10/21..474.1LANLANethernetpacketdigitaltransmissionNocentralcontrolMACaddressTEXT4.2TCP/IP4.3SECURITY7.TCP/IPStandards8.domainnames9.router10.DHCP11.ping12.traceroute13.passwordAttacks14.PhishingAttacks15.HTTPS16.malwareattacks17.Trojan18.vulnerabilityTermss2023/10/212023/10/21..48CONCEPTS1.WhatisLAN?2.WhatisEthernet?3.Howthedataaresentfromonecomputertoanother?4.WhatisthepatternofsendingonepacketonEthernet?5.WhatisWi-Fi?6.WhatisthedifferencebetweenEthernetLANandWi-Fi?2023/10/212023/10/21..49CONCEPTS7.WhatarethefeaturesoftheEthernetDesign?8.WhatisIPaddress?9.Whatisdomainname?10.Whatisrouter?11.Whatdoesitmeanforacomputertobeontheinternet?12.Whatis“ping”?13.Whatis“traceroute”?2023/10/212023/10/21..50CONCEPTS14.Whatdoesacomputerlikefromoutside?15.Whatisthesuggestionsofagoodpassword?16.WhatisPhishing?17.WhatisMalwareAttack?Howtoavoidit?18.WhatisTrojan?Howtoavoidit?19.WhatisVulnerability?Howtoavoidit?2023/10/21MultipleChoice1.SupposeacomputerwantstosendapacketonEthernet.whatdoesthecomputerfirstwaitfor?a.Waitsforitsscheduledtimeinthepredeterminedtransmissionschedule.b.WaitsforthecentralEthernetcontrollertosignalthattransmissionisnowpermitted.c.Waitsfortherecipientcomputertosignalthatitisready.d.WaitsfortheEthernetwiretobequiet.2023/10/21..2023/10/212.WhichoneisnotthefeatureofEthernet?a.Sharedb.DistributedandCollaborative.c.Secure.d.Performancedegrades.2023/10/21..2023/10/213.WhichoneofthefollowingisnotavalidIPaddress?a.b.c.00d.42.257.99.112023/10/21..2023/10/214Whichofthefollowingisgenerallynottrueaboutrouters?a.Routerscheckthecentralinternet-mapwhichshowsroutesforallpackets.b.Routersgetpacketsfromcomputers,forwardthemon.c.Routerscontinuouslymonitorthestatusoftheirconnections.d.Routersforwardeachpacketonehopclosertoitsfinaldestination.2023/10/21..2023/10/215.Whatdoespingdo?a.Notifiesthelocalrouterthatthecomputerwantsmorepackets.b.Sendsa“areyouthere”packettoacomputer,gettingbacka“yes”packet.c.Notifiesthelocalrouterthatthecomputerdoesnotwantanymorepackets.d.Sendsa“whoisthere”packet,gettingbackadescriptionoftherecipient.2023/10/21..2023/10/216.Whichoneofthefollowingistheworstpassword?a.snyrk34b.XXagflib1c.Xxagflibd.password2023/10/21..2023/10/217.Again,whichoneofthefollowingistheworstpassword?a.hygyslb.ipludtc.secretd.ahtygx2023/10/21..2023/10/218.Whichofthefollowingbestdescribesaphishingattack?a.Trytoobtainthepasswordbytrickingthevictimintologgingintoafakebutrealisticlookingwebsite.b.Trytofigureoutthepasswordbycontinuouslyattemptingtologinwithpasswordguesses.c.Trytofigureoutthepasswordbyinterceptingthepacketsoftheloginnetworktransaction.d.Trytoobtainthepasswordbybreakingintothevictim’shouseandlookingforitwrittendownsomewhere.2023/10/21..2023/10/219.WhichoneofthefollowingE-MailslookslikeaTrojanattack?a.Pleasevisitwww.scwhab.bad-guy.ruandloginwithyourregularpassword—thestandardlog-inpageisbrokentoday.b.Wehavedetectedavirusonyourcomputer.Pleasedownloadandrunthisprogramtocheck:SuperVirusChecker.exec.Ihave27milliondollarshereinSpain.Ifyouwillsendmeyour

溫馨提示

  • 1. 本站所有資源如無(wú)特殊說(shuō)明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請(qǐng)下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請(qǐng)聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁(yè)內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫(kù)網(wǎng)僅提供信息存儲(chǔ)空間,僅對(duì)用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對(duì)用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對(duì)任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請(qǐng)與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對(duì)自己和他人造成任何形式的傷害或損失。

評(píng)論

0/150

提交評(píng)論