Monthly Archives: August 2010

常用认证中心 (CA)

摘自《Java加密与解密的技术》 CA三巨头: VeriSign, GeoTrust, Thawte  –都很贵,但会提供一些Trial Version 一个免费组织: www.cacert.org 中国各省均设有CA机构,如北京市数字证书认证中心

基于口令加密 — PBE

PBE = Password Based Encryption 可以认为这种算法的KEY由两部分组成:   1.口令   — 人类可读的字符串,较恒久   2.盐     — 一个随机信息,相同的随机信息极不可能使用两次。

KeyPairGenerator, KeyFactory, KeyStore

待完善…. KeyGenerator    — 用于生成Symmertric Key KeyPairGenerator   –用于生成Public/Private Key对 SecretKeyFactory — 把代表对称密钥的byte[] 变回 Key对象 KeyFactory  — 把代表非对称密钥的byte[] 变回 Key对象 KeyStore  —  in-memory collection of keys and certificates

强烈推荐一个 Sniffer: Wireshark

这个Sniffer可以帮你打印在网络上输入/输出的数据报,支持整个协议栈;并且它是免费的,界面也非常好。  在SSL相关开发时使用这个东西可以帮到很大的忙。 Some useful filters:  1. tcp.port==8080 && http.request.method == "POST" 

Network Security Essentials — Notes10. Firewall

Firewall’s Goals   1. All traffic must pass through the wall   2. Only authorized traffic is allowed to pass   3. Immune to penetration Techniques   1.Service Control    — "This IP is blocked"   2.Direction Control  — "Currently we only allow outside traffic"   3.User Control       — "You are not allowed to get in" […]

Network Security Essentials — Notes9. DDOS

1.Distributed DoS: Attacker recrits a number of hosts to simulataneouly or coordinately launch an attack upon the target 2. What is it?   a. Classification of DDOS in terms of resource type:    i. Attack the host (SYN attack e.g.)    ii. Attack the network (ICMP EHCO attack e.g.)     b. SYN flood attack […]

Network Security Essentials — Notes8. Malicious Software

Malicious Software: Virus, Worm, Tojon …. 1.Division of Malicious Software     a.Division Method #1      i. Software that needs a host program, viruses, logic bombs, backdoors e.g.     ii. Software that is independent, worms, zombie programs e.g.   b.Division Method #2      i. Software that replicates, such as viruses and worms     ii. Software […]