E-commerce Network Security Graduation Project: English Original and Translation

Appendix: English Original

Web Security Privacy

Mazu Networks of Cambridge, Mass., and Asta Networks in Seattle.

Mazu's solution to distributed DoS attacks works via intelligent traffic analysis and filtering across the network. A monitoring device, such as a packet sniffer or packet analyzer, evaluates packets on the network at speeds up to 1G bit/sec. A monitoring device then determines which traffic needs to be filtered out.

The good, the bad and the ugly

The good news about all of these new security techniques is that they theoretically offer companies additional layers of security protection, providing better overall security. What this ultimately means to businesses is that additional security mechanisms can succeed where others have failed. Another plus about some of the new products is that they are optimized for a particular application, such as integrity of the Web servers.

However, as with any technology, there are pros and cons to consider. In fact, there are some downsides to implementing these new security products. For example:

- They are all incremental solutions, not replacements.
- They require a certain amount of expertise.
- Many vendors are start-ups, and there's a risk as to how long they'll be around.
- There's a concern in many IT shops about adding preventive controls because of associated overhead, a concern that can be easily remedied by investing in additional horsepower.
- What's too much? When does a company run the risk because of having too many products to manage?

The bottom line is that security is never a done deal. It's a continuing process that a new crop of innovative vendors are making more interesting.

Benevolent Worms

Although the prospect of using virus technology to simplify the task of delivering patches and software updates is tempting, the dangers can outweigh the benefits when the process is too automated. For example, the improved Windows Update feature in Windows XP now allows patches and
updates to be downloaded automatically, although installation is still at the user's discretion.

Trojan horses, worms and other malicious code forms have proven to be incredibly successful at paralyzing e-mail systems and Internet providers. It is therefore only logical to conceive of ways to use them for productive purposes, much as the Bible exhorts its readers to beat their swords into plowshares and their spears into pruning hooks.

Granted, it would be wonderful if IT administrators could distribute patches and software updates to desktops and servers as quickly as an e-mail virus can spread from one machine to the next. But is such a magic wand really a good idea?

Well, maybe not exactly. After all, unlike the human immune system, which produces defenses, or antibodies, automatically, the computer must wait for a human to analyze samples of a computer virus, prepare antidotes and vaccines for that specific situation, and only then apply the cure.

This observation alone would seem to discredit the idea of a "digital immune system" that the security community has tossed around during the past few years, but there's an even more important point to consider. Similar to the way that autoimmune diseases turn the body's own defenses against itself, so could one turn a viruslike software delivery system against its own computers. Although it would be difficult to monkey with the digital certificates that would conceivably be used to identify trusted patches, it's not impossible to subvert the certificate-issuing system, as Microsoft and VeriSign found to their dismay last March.

Ultimately, a viruslike software delivery system would require software publishers to deliberately put a back door into their systems, and few customers will tolerate that practice, even under shrinkwrap licensing terms. Because there's no guarantee that such a tempting target wouldn't be exploited by hackers, any IT manager deploying such a system would be foolhardy in the extreme.

Virus behavior, viewed
from the operating system, is normal behavior; as far as the operating system is concerned, it breaks no rules. As a result, when antivirus software tries to detect and remove a virus, the operating system often gets in the way: the file is held by the system and cannot be changed, the virus code is running inside the system, and so on, and the virus cannot be removed cleanly. So when removing a virus we also need some technique to get around the operating system's obstruction and clear the virus from the system successfully.

The removal methods discussed here are removing the virus with a dedicated tool in safe mode and removing the virus in pure DOS mode.

Why remove the virus in pure DOS mode? Because the virus program runs in the operating system's interpreted mode, as script viruses such as the "New Happy Time" virus do. Such viruses are not visible in memory, and the system, treating them as legitimate programs, protects them and keeps them running, and prohibits modification of a running program. This is why the virus cannot be removed. In pure DOS mode, however, not even the Windows operating system is running, so the virus is even less able to run. Scanning for and removing it at that point bypasses the system and removes the virus cleanly.

Using a dedicated tool in safe mode to remove the virus

Every edition of the Windows operating system includes a safe mode, in which only the most basic programs can run. In this mode you can disable all startup items and so keep the virus from running. The dedicated tool is small and capable, and it runs normally in safe mode. Its weakness is that it targets only some of the more popular viruses and cannot remove every virus. To remove
the virus completely, we can combine these two methods.

Removing a virus is no substitute for preventing one, and the protective work should be done diligently.

Privacy-Protecting Techniques

In this chapter, we will look at some proven techniques to protect your privacy when you use the Internet. Most of these techniques are simple, commonsense rules that you can put into effect immediately: choosing a good service provider, using good passwords, cleaning up after yourself online, avoiding Spam and junk email, and protecting yourself from identity theft.

Choosing a good service provider

The first and most important technique for protecting your privacy is to pick service providers who respect your privacy. Here are some things to consider when you choose an ISP:

- Unless you take special measures to obscure the content and destinations of your Internet usage, your ISP can monitor every single web page that you visit, every email message that you send, every email message that you receive, and many other things about your Internet usage.
- If you have a dialup ISP, your ISP can also infer when you are at home, when you go on vacation, and other aspects of your schedule. If you check your email from work, your ISP can learn where you work.
- Many ISPs routinely monitor the actions of their subscribers for the purposes of testing equipment, learning about their user population, or collecting per-user demographics.
- Some ISPs will monitor the web sites that you visit and sell this information for the purpose of increasing their revenue. In some cases, the ISPs clearly state this policy and, in fact, use the sale of the data as a way of subsidizing the cost of Internet access. Other ISPs silently engage in this practice.
- Equipment is now on the market that allows ISPs to monitor the advertisements that are downloaded to your computer and, in some cases, replace the advertisements with different ones. This equipment is also capable of generating detailed user-level statistics.
- Some ISPs have strict policies regarding which
employees have access to user data and how that data must be protected. Other ISPs have no policies at all.
- Many policies that are in use basically say "we can monitor anything that we want." However, not all ISPs that have these policies actually monitor their users.

Picking a Great Password

Passwords are the simplest form of authentication. Passwords are a secret that you share with the computer. When you log in, you type your password to prove to the computer that you are who you claim to be. The computer ensures that the password you type matches the account that you have specified. If they match, you are allowed to proceed.

Using good passwords for your Internet service is a first line of defense for your privacy. If you pick a password that is easy to guess, then somebody who is targeting you will find it easier to gain access to your personal information. If you use the same password on a variety of different services, then a person who is able to discover the password for one of your services will be able to access other services.

Good Passwords: Locked Doors

Good passwords are passwords that are difficult to guess. The best passwords are difficult to guess because they:

- Have both uppercase and lowercase letters
- Have digits and/or punctuation characters as well as letters
- May include some control characters and/or spaces
- Are easy to remember, so they do not have to be written down
- Are at least seven or eight characters long
- Can be typed quickly, so somebody cannot determine what you type by watching over your shoulder

It is easy to pick a good password. Here are some suggestions:

- Take two short words and combine them with a special character or a number, like robot4my or eye-con.
- Put together an acronym that is special to you, like Notfsw (None of this fancy stuff works), auPEGC (All Unix programmers eat green cheese), or Ttl Hiww (Twinkle, twinkle, little star. How I wonder what

Cleaning Up After Yourself

When you use the Internet, you leave traces of the web sites that you visit and the
information that you see on your computer. Another person can learn a lot about the web sites that you have visited by examining your computer for these electronic footprints. This process of computer examination is called computer forensics, and it has become a hot area of research in recent years. Special-purpose programs can also examine your computer and either prepare a report or transmit the report over the Internet to someone else.

Although it can be very hard to remove all traces of a web site that you have seen or an email message that you have downloaded, you can do a good job of cleaning up your computer with only a small amount of work. There are also a growing number of programs that can automatically clean up your computer at regular intervals, as we will see in the next chapter.

Avoiding Spam and Junk Email

Unwanted electronic mail is the number one consumer complaint on the Internet today. A 1999 study by BrightMail, a company that develops antispam technology, found that 84 percent of Internet users had received Spam; 42 percent loathed the time it takes to handle Spam; 30 percent found it to be a significant invasion of privacy; 15 percent found it offensive; and ISPs suffered account churn rates as high as 7.2 percent as a direct result of Spam.

Protect Your Email Address

To send you junk mail, a spammer must have your email address. By understanding how spammers get email addresses, you can keep your mailbox relatively Spam-free:

- Do not put your email address on your home page.
- Take your name out of online directories.
- Do not post to public mailing lists.
- Do not post to Usenet.
- Pick an unusual username.

Appendix: Chinese Translation

Personal and Business Security on the Web

Original text found in:

The escalating battle between hackers and network security professionals has moved beyond the firewall and into hand-to-hand combat at individual web sites and corporate servers.

Novel security weapons have emerged that use original methods to protect web sites and corporate networks from external and internal security threats. Here are some of the latest (security) tools for you to choose from.

No exit

Gilian's G-Server does not care how the hacker got in or what changes may have been made to your web site. Gilian's exit control technology prevents the outside world from seeing the consequences of a security breach.

Gilian's G-Server sits between the web server and the router or firewall that connects the web server to the Internet. It inspects every piece of content that goes out. The G-Server with exit control technology holds a collection of digital signatures, which are generated from approved web content during the publication process. Each time the site's content producer publishes a new or modified object, the G
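Server makes a digital backup of that object together with its digital signature. A signature mismatch raises a red flag and triggers the G-Server to replace the bogus page immediately with the secure archived copy of the original, while alerting the appropriate personnel at once.

Tripwire's Tripwire for Servers is a similar data and network integrity product, but it takes a different approach. The software is loaded onto the server you want to protect. It monitors all file changes, whether they originate from inside or outside the company, and if a change violates a predetermined policy it also reports (to the appropriate people).

Honeypots or decoys

Honeypots are designed to lure and catch intruders on the network. Honeypots are decoy devices that can divert attacks away from production systems and let security administrators study or understand what is happening on the network.

Recourse's ManTrap is a powerful honeypot product. If it is used to deflect internal attacks, it is deployed next to the data servers; if it is used against external threats, it is placed in the demilitarized zone outside the firewall. Most users deploy it internally to get suspicious activity under control.

In that case, the ManTrap server is set up to look like a file server that stores intellectual property or business plans. Successful deployment of ManTrap depends on several factors, including quality, naming scheme, placement and security policy. For example, deceptive defenses are most effective when deployed in numbers equal to or greater than the production systems. Honeypots are expensive, which is why companies must pick the critical servers to protect.

The way to attract attackers to ManTrap is to configure it to look more vulnerable than the other servers. Once a hacker is on the decoy server, the security manager can log the hacker's activity and learn what the intruder is trying to achieve.

Fall into the gap

Air gap technology provides a physical gap between trusted and untrusted networks, creating an isolated path between external servers and the company's internal networks and systems. Vendors include RVT Technologies, Spearhead Technology and Whale Communications.

Whale's e-Gap Web Shuttle is a nonprogrammable device that switches a memory bank between two computer hosts. The e-Gap Web Shuttle sets up an air gap between the Internet and the company's back-office systems. A company can use the e-Gap Web Shuttle between an external service running e-commerce applications (such as online banking) and internal databases that may be queried by external users.

The e-Gap system consists of the e-Gap appliance attached to two PC hosts, one internal and one external. The internal host connects to the company's internal network, while the external host sits in the demilitarized zone in front of the firewall.

All URLs (web addresses) of the site's pages point to a fake location on the external host. The pages are not actually on that host. The external host strips off the protocol headers, extracts only the content of the Secure Sockets Layer (SSL) traffic, and passes it to the e-Gap Web Shuttle. The e-Gap Web Shuttle passes the encrypted data to the internal host using a bundled e-disk. The e-Gap internal host decrypts the SSL traffic, authenticates the user and filters the URL content. It then sends the URL request to the company's production web server, which sits on the back-office network.

Built-in fixes

Security and vulnerability assessment tools designed for internal use can detect weaknesses in an organization's systems before problems occur, and can fix them.

eEye's Retina 3.0 can scan for, monitor, alert on and automatically fix network security vulnerabilities. The product runs on Windows NT 4.0 SP3 or later and on Windows 2000.

The software is installed on any machine within the network. The network administrator types in a set of IP addresses to scan and presses a button. The product then scans the network, finds vulnerabilities, software flaws and policy problems, and reports any vulnerabilities.

The product's "fix" feature gives the network administrator a description of each vulnerability found and information on how to fix it, or access to a fix button that can repair the vulnerability locally or remotely.

Crushing denial-of-service (DoS) attacks

Perhaps the newest class of security products targets denial-of-service (DoS) attacks and other attacks. By definition, a DoS attack exploits software flaws, or overloads a server or network, to deny legitimate users access to computer system resources. This class of product is so new that some products are still in beta testing or are just about to reach the market. Vendors of products that (provide protection) against denial-of-service attacks, one of the most malicious ways of disrupting computers, include Arbor Networks of Waltham, Mass., Mazu Networks of Cambridge, Mass., and Asta Networks of Seattle.

Mazu's solution to distributed denial-of-service attacks works through intelligent traffic analysis and filtering across the whole network. A monitoring device, such as a packet sniffer or packet analyzer, evaluates packets on the network at speeds of up to 1 gigabit per second. The monitoring device then decides which traffic needs to be filtered out.

The good, the bad and the ugly

The good news about all of these novel security techniques is that they theoretically give companies another layer of protection and provide better overall security. For business, this ultimately means that added security mechanisms can succeed where other measures have failed. Another advantage is that some of the new products are optimized for a particular application, such as the integrity of web servers.

However, the pros and cons of any technology must be considered. In fact, there are downsides to using these new security products. For example:

- They are all incremental solutions, not replacements.
- They require certain specialized skills.
- Many vendors are newly formed companies, and there is some risk as to how long they will be around.
- Many IT organizations worry that added preventive controls will bring (considerable) overhead;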
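one view holds that this is easily solved by investing in more staff (to reduce the overhead).
- Is it too much? With so many products to manage, at what point is a company at risk?

The bottom line is that security is never finished. It is a continuing process, one that a new crop of innovative companies will make more meaningful.

Worm viruses

Although the prospect of using virus technology to simplify the task of delivering patches and software upgrades is tempting, the dangers may outweigh the benefits when the process is too automated. For example, the improved Windows Update feature in Windows XP allows patches and updates to be downloaded automatically, although whether to install them is still up to the user.

Trojan horses, worms and other forms of malicious code have proven very successful at paralyzing e-mail systems and Internet providers. It is therefore only logical to imagine using them to improve productivity, much as the Bible exhorts its readers to beat their swords into plowshares.

Of course, it would be wonderful if IT administrators could distribute patches and software updates to desktops and servers as quickly as an e-mail virus spreads from one machine to the next. But is such a magic wand really a good idea?

Perhaps not entirely. After all, a computer is not like the human immune system and cannot produce defenses, that is, antibodies, automatically. The computer must wait for a person to analyze samples of a computer virus and prepare antidotes and vaccines for that particular virus before the cure can be applied.

This view seems to cast doubt on the idea of a "digital immune system," which the security community has been debating for the past few years. But there is a more important point to consider. In much the same way that immunity mobilizes the body's own defenses against disease, people could also turn a viruslike software delivery system against its own computers. Although it is difficult to tamper with the digital certificates that identify whether a patch is trusted, subverting the certificate-issuing system is not impossible, as Microsoft and VeriSign discovered to their surprise last March.

Ultimately, a viruslike software delivery system would require software publishers to deliberately put a back door in their systems, and few customers will tolerate that practice, even under shrinkwrap licensing terms. Because there is no guarantee that such a tempting target would not be exploited by hackers, any IT manager who deployed such a system would be reckless in the extreme.

Viewed from the operating system, virus behavior is normal behavior; to the operating system it is not illegal and is permitted. As a result, when antivirus software scans for and removes a virus, it often cannot remove the virus cleanly because the operating system gets in the way: the file is held by the system and cannot be changed, the virus code is running in a system interpreter, and so on. So when removing viruses we also need some technique to get around the operating system's obstruction and clear the virus from the system successfully.

The removal methods discussed here are removing the virus in pure DOS mode and removing the virus with a dedicated removal tool in safe mode.

Why remove the virus in pure DOS mode? Because the virus program runs in the operating system's interpreted mode, as do the script virus "New Happy Time" and the batch-command virus "Mamu" (玛姆). They are not visible in memory while they run, and the system, because they are legitimate programs, protects them, ensures they can keep running, and prohibits modification of a running program. This is why the virus cannot be removed. Only in pure DOS mode, where not even the Windows operating system is running, is the virus even less able to run. Scanning for and removing it at that point bypasses the system's protection and removes the virus cleanly.

Using a dedicated removal tool in safe mode

Every version of the Windows operating system has a safe mode, in which only the most basic programs can run. In this mode you can disable all startup items and terminate unnecessary system processes and services, thereby getting around the operating system's obstruction and keeping the virus from running. The dedicated removal tool is small and capable and runs normally in safe mode. Using the dedicated tool at this point therefore removes the virus cleanly.

Its drawback is that it targets only some of the more popular viruses and cannot remove all viruses.

To remove viruses completely, we can combine these two methods.

Removing viruses is not as good as preventing them; carry out the necessary protective work diligently.

Privacy-protecting techniques

In this chapter we will look at some reliable techniques for protecting your privacy when you use the Internet. Most of these techniques are simple, and the usual practices are ones you can adopt immediately: choosing a good service provider, using good passwords, cleaning up your own records after going online, avoiding spam and junk email, and protecting yourself from theft.

Choosing a good service provider

The most important technique for protecting your privacy is to choose a service provider that respects your privacy. These are the factors to consider when you choose an Internet service provider:

Unless you take special measures to hide the contents and destinations of your Internet use, your Internet service provider can see every web page you visit, every email you send, every email you receive, and other information left behind by your use of the Internet. If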
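
The exit-control check described for the G-Server earlier in the translation, sketched as an added example that is not part of the original document and is not Gilian's code. HMAC-SHA256 stands in for the "digital signature" (the text does not name an algorithm), and the class name, method names and the handling of never-published paths are assumptions.

```python
import hashlib
import hmac
import secrets


class EgressGate:
    """Sits between the web server and the outbound link; checks every response."""

    def __init__(self, key: bytes):
        self._key = key
        self._sigs = {}      # URL path -> signature of the approved content
        self._archive = {}   # URL path -> secure archived copy of that content
        self.alerts = []     # (path, reason) records for the people to notify

    def _sign(self, path: str, body: bytes) -> bytes:
        # Bind the signature to the path so approved content cannot be
        # served under a different URL. HMAC is a keyed MAC used here as a
        # stand-in for the signature scheme (assumption).
        p = path.encode()
        msg = len(p).to_bytes(4, "big") + p + body
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def publish(self, path: str, body: bytes) -> None:
        """Called by the publishing workflow for each new or modified object."""
        self._sigs[path] = self._sign(path, body)
        self._archive[path] = body

    def egress(self, path: str, outgoing: bytes):
        """Return the (status, body) that is allowed to leave the site."""
        expected = self._sigs.get(path)
        if expected is None:
            # Assumption: objects that were never published are blocked.
            self.alerts.append((path, "unapproved object"))
            return 404, b""
        if hmac.compare_digest(expected, self._sign(path, outgoing)):
            return 200, outgoing
        # Mismatch: raise the flag and serve the archived original instead.
        self.alerts.append((path, "signature mismatch"))
        return 200, self._archive[path]


def demo():
    gate = EgressGate(secrets.token_bytes(32))
    approved = b"<h1>Welcome to Example Bank</h1>"   # constructed sample page
    gate.publish("/index.html", approved)
    clean = gate.egress("/index.html", approved)
    tampered = gate.egress("/index.html", b"<h1>defaced</h1>")
    unknown = gate.egress("/dropped.php", b"<?php ?>")
    return clean, tampered, unknown, gate.alerts
```

The same publish-time baseline is what a host-based integrity monitor of the Tripwire kind compares against; the difference in the text is only where the check runs (on the outbound path versus on the protected server).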