Month: August 2010

摘自《Java加密与解密的技术》 CA三巨头： VeriSign, GeoTrust, Thawte  –都很贵，但会提供一些Trial Version 一个免费组织： www.cacert.org 中国各省均设有CA机构，如北京市数字证书认证中心

PBE = Password Based Encryption 可以认为这种算法的KEY由两部分组成：   1.口令   — 人类可读的字符串，较恒久   2.盐     — 一个随机信息，相同的随机信息极不可能使用两次。

待完善…. KeyGenerator    — 用于生成Symmertric Key KeyPairGenerator   –用于生成Public/Private Key对 SecretKeyFactory — 把代表对称密钥的byte[] 变回 Key对象 KeyFactory  — 把代表非对称密钥的byte[] 变回 Key对象 KeyStore  —  in-memory collection of keys and certificates

1.修改JDK的配置文件：%JDK_HOME%\jre\lib\security\java.security //加上 security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider   2.在代码里直接添加 Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

这个Sniffer可以帮你打印在网络上输入/输出的数据报，支持整个协议栈；并且它是免费的，界面也非常好。  在SSL相关开发时使用这个东西可以帮到很大的忙。 Some useful filters:  1. tcp.port==8080 && http.request.method == "POST" 

Firewall’s Goals   1. All traffic must pass through the wall   2. Only authorized traffic is allowed to pass   3. Immune to penetration Techniques   1.Service Control    — "This IP is blocked"   2.Direction Control  — "Currently we only allow outside traffic"   3.User Control       — "You are not allowed to get in" …

Network Security Essentials — Notes10. Firewall Read More »

1.Distributed DoS: Attacker recrits a number of hosts to simulataneouly or coordinately launch an attack upon the target 2. What is it?   a. Classification of DDOS in terms of resource type:    i. Attack the host (SYN attack e.g.)    ii. Attack the network (ICMP EHCO attack e.g.)     b. SYN flood attack …

Network Security Essentials — Notes9. DDOS Read More »

Malicious Software: Virus, Worm, Tojon …. 1.Division of Malicious Software     a.Division Method #1      i. Software that needs a host program, viruses, logic bombs, backdoors e.g.     ii. Software that is independent, worms, zombie programs e.g.   b.Division Method #2      i. Software that replicates, such as viruses and worms     ii. Software …

Network Security Essentials — Notes8. Malicious Software Read More »