1.修改JDK的配置文件:%JDK_HOME%\jre\lib\security\java.security //加上 security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider 2.在代码里直接添加 Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
这个Sniffer可以帮你打印在网络上输入/输出的数据报,支持整个协议栈;并且它是免费的,界面也非常好。 在SSL相关开发时使用这个东西可以帮到很大的忙。 Some useful filters: 1. tcp.port==8080 && http.request.method == "POST"
Firewall’s Goals 1. All traffic must pass through the wall 2. Only authorized traffic is allowed to pass 3. Immune to penetration Techniques 1.Service Control — "This IP is blocked" 2.Direction Control — "Currently we only allow outside traffic" 3.User Control — "You are not allowed to get in" …
1.Distributed DoS: Attacker recrits a number of hosts to simulataneouly or coordinately launch an attack upon the target 2. What is it? a. Classification of DDOS in terms of resource type: i. Attack the host (SYN attack e.g.) ii. Attack the network (ICMP EHCO attack e.g.) b. SYN flood attack …
Malicious Software: Virus, Worm, Tojon …. 1.Division of Malicious Software a.Division Method #1 i. Software that needs a host program, viruses, logic bombs, backdoors e.g. ii. Software that is independent, worms, zombie programs e.g. b.Division Method #2 i. Software that replicates, such as viruses and worms ii. Software …
Network Security Essentials — Notes8. Malicious Software Read More »
Three Approaches for Web Security: 1.IP-Level Security 2.SSL/TLS between TCP layer and Application Layer 3.Application-Level Security, such as PGP over SMTP and SET Over HTTP SSL/TLS 1.History: SSL is originated by Netscape. But TLS is the Internet standard version of it. TLS is essentially SSLv3.1 and it’s compatible with SSLv3 …
Network Security Essentials — Notes7. Web Security Read More »
Two major schemes for Email Security: PGP and S/MIME 1.PGP: A package of five services a.Authentication — Digital Signature by HASH + RSA b.Confidentiality i.Generate a one-time symmertric key for each msg ii.Distribute this key by encrypting it with receiver’s public key c.Compression d.Email Compatibility e.Sementation 2.S/MIMIE: Let’s …
Network Security Essentials — Notes6. Email Security Read More »
1. Kerberos a. Suitable for an distributed architecture consisting several servers and some clients b. Based on symmertric key scheme c. A 3rd-party provides authentication service d. Fundamentals: It’s too complicated. Let’s forget it for now 2.X.509 Authentication Service a. Overview i.Related to directory service ii.A framework of …
Network Security Essentials — Notes5. Authentication Applications Read More »
待完善… The output may look like, Operation | Options | Object Name | Cost | Cardinality | Bytes Operation, Options: 数据库在这一步采取的操作及其使用的参数. 请参考 所有操作的集合 Object Name: Name of the table or index. Cost: a function of the CPU_COST and IO_COST. 它是无量纲的,仅用于各步操作的代价比较 Cardinality: the number of rows accessed by the operation Bytes: the number of bytes …
1. Public-key Cryptography The schem uses two keys, if one is for encryption, then the other is for decryption. "Truly revolutionary advance in cryptography" "Profound concequences in the areas of Confidentiality, key distrituion and Message Authentication" 2.Six Integriends a.Plaintext b.Encryption Algorithm (Not Secret) c.Public Key (Not Secret) d.Private …
Network Security Essentials — Notes4. Public-key Cryptography Read More »