待完善…. KeyGenerator — 用于生成Symmertric Key KeyPairGenerator –用于生成Public/Private Key对 SecretKeyFactory — 把代表对称密钥的byte[] 变回 Key对象 KeyFactory — 把代表非对称密钥的byte[] 变回 Key对象 KeyStore — in-memory collection of keys and certificates
1.修改JDK的配置文件:%JDK_HOME%\jre\lib\security\java.security //加上 security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider 2.在代码里直接添加 Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
这个Sniffer可以帮你打印在网络上输入/输出的数据报,支持整个协议栈;并且它是免费的,界面也非常好。 在SSL相关开发时使用这个东西可以帮到很大的忙。 Some useful filters: 1. tcp.port==8080 && http.request.method == "POST"
Firewall’s Goals 1. All traffic must pass through the wall 2. Only authorized traffic is allowed to pass 3. Immune to penetration Techniques 1.Service Control — "This IP is blocked" 2.Direction Control — "Currently we only allow outside traffic" 3.User Control — "You are not allowed to get in" …
1.Distributed DoS: Attacker recrits a number of hosts to simulataneouly or coordinately launch an attack upon the target 2. What is it? a. Classification of DDOS in terms of resource type: i. Attack the host (SYN attack e.g.) ii. Attack the network (ICMP EHCO attack e.g.) b. SYN flood attack …
Malicious Software: Virus, Worm, Tojon …. 1.Division of Malicious Software a.Division Method #1 i. Software that needs a host program, viruses, logic bombs, backdoors e.g. ii. Software that is independent, worms, zombie programs e.g. b.Division Method #2 i. Software that replicates, such as viruses and worms ii. Software …
Network Security Essentials — Notes8. Malicious Software Read More »
Three Approaches for Web Security: 1.IP-Level Security 2.SSL/TLS between TCP layer and Application Layer 3.Application-Level Security, such as PGP over SMTP and SET Over HTTP SSL/TLS 1.History: SSL is originated by Netscape. But TLS is the Internet standard version of it. TLS is essentially SSLv3.1 and it’s compatible with SSLv3 …
Network Security Essentials — Notes7. Web Security Read More »
Two major schemes for Email Security: PGP and S/MIME 1.PGP: A package of five services a.Authentication — Digital Signature by HASH + RSA b.Confidentiality i.Generate a one-time symmertric key for each msg ii.Distribute this key by encrypting it with receiver’s public key c.Compression d.Email Compatibility e.Sementation 2.S/MIMIE: Let’s …
Network Security Essentials — Notes6. Email Security Read More »
1. Kerberos a. Suitable for an distributed architecture consisting several servers and some clients b. Based on symmertric key scheme c. A 3rd-party provides authentication service d. Fundamentals: It’s too complicated. Let’s forget it for now 2.X.509 Authentication Service a. Overview i.Related to directory service ii.A framework of …
Network Security Essentials — Notes5. Authentication Applications Read More »
待完善… The output may look like, Operation | Options | Object Name | Cost | Cardinality | Bytes Operation, Options: 数据库在这一步采取的操作及其使用的参数. 请参考 所有操作的集合 Object Name: Name of the table or index. Cost: a function of the CPU_COST and IO_COST. 它是无量纲的,仅用于各步操作的代价比较 Cardinality: the number of rows accessed by the operation Bytes: the number of bytes …