




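1) A hacker is someone who creates and modifies computer software and computer hardware, including computer programming, administration, and security-related items. In computer programming, a hacker is a software designer and computer programmer who builds elegant, beautiful programs and systems.
2) Attack is an assault against a computer system or network as a result of deliberate, intelligent action; for example, denial of service attacks, penetration and sabotage. Examples include brute force attack, dictionary attack, denial of service attack, replay attack, piggybacking, penetration and sabotage.
3) Although the activities of the blackhat hacker can be seen as a single shot in the night, the script kiddie's scan will appear as a series of shotgun blasts, as their activity will be loud and detectable.
4) Privilege escalation can best be described as the act of leveraging a bug or vulnerability in an application or operating system to gain access to resources that normally would have been protected from an average user.
5) Network scanning is the use of a computer network for gathering information on computer systems, which may be used for system maintenance, security assessment and investigation, and for attack.

1) Originally, a hacker was a person with proficient skills in writing and debugging computer programs who used those skills to gain illegal or unauthorized access to networks or files and to break into corporate intranets. With the wide spread of powerful hacking tools, people who know very little about computer technology can also carry out hacking attacks, so the likelihood of network systems being attacked by hackers has greatly increased.
2) An active attack changes the state and services of a network system. Active attacks include attempts to block or break protection mechanisms, introduce malicious code, and steal or tamper with information. An active attack may lead to the disclosure and dissemination of data, or to denial of service and data tampering, and includes most attempts by unauthorized users to enter a remote system by abnormal or normal means.
3) A complete attack generally begins with the attacker hiding themselves; once hidden, they carry out pre-attack probing to detect the various attributes of the target machine and the conditions that make it attackable; they then use a corresponding attack method to do damage, and after achieving their purpose the attacker deletes the logs of their actions on the target system.
4) Buffer overflow attacks have become one of the more mainstream attack methods, but there are many types of buffer overflow: overflows targeting the operating system, such as the Windows RPC DCOM overflow and the Windows lsass.dll overflow, and overflows targeting application services, such as the IIS SSL PCT overflow, the SERV-U mdtm overflow and the Exchange Server NNTP overflow.
5) Denial of service (DoS) is an attack that illegitimately monopolizes the services of the target system, ultimately trying to prevent legitimate users from using the network services the target provides. The most common denial of service attack is one in which the attacker generates a large number of packets directed at the victim network, consuming all of that network's available bandwidth.

1) Until modern times, cryptography referred almost exclusively to encryption, the process of converting ordinary information (plaintext) into something unintelligible; this is a ciphertext. Decryption is the reverse, moving from unintelligible ciphertext to plaintext.
2) In cryptography, a cryptographic hash function is a hash function with certain additional security properties to make it suitable for use as a primitive in various information security applications, such as authentication and message integrity.
3) Before the modern era, cryptography was concerned solely with message confidentiality (i.e., encryption): conversion of messages from a comprehensible form into an incomprehensible one, and back again at the other end, rendering it unreadable by interceptors or eavesdroppers without secret knowledge (namely, the key needed for decryption).
4) Symmetric-key cryptography refers to encryption methods in which both the sender and receiver share the same key (or, less commonly, in which their keys are different, but related in an easily computable way).
5) In addition to encryption, public-key cryptography can be used to implement digital signature schemes. A digital signature is reminiscent of an ordinary signature; they both have the characteristic that they are easy for a user to produce, but difficult for anyone else to forge.

1) A basic principle of modern cryptography is that all secrets reside in the key. This means that, when designing an encryption system, one always assumes that the cryptographic algorithm is public and that what is really kept secret is the key. This is because the algorithm is more likely to leak than the key.
2) In a symmetric cryptosystem, the key must be passed from the sender to the receiver over a secure channel. The advantages of this kind of cryptosystem are high security and fast encryption. The disadvantages are that key management becomes difficult as the network grows, that it cannot solve the problem of message confirmation, and that it lacks the ability to detect key leakage automatically.
3) A cryptographic protocol has the following characteristics: the protocol is an ordered procedure from beginning to end, every step must be carried out, and a later step cannot be carried out before the previous step has finished; the protocol needs at least two participants; the protocol must accomplish some task; and the protocol must meet certain security requirements.
4) Because cryptography provides strong security for communications, attackers have turned their attention to system vulnerabilities. System vulnerabilities are security flaws that arise in the design and writing of software systems, network protocols and the like, and attackers can exploit them to attack a system. Several different techniques exist for dealing with this kind of attack, and cryptography can also play a role to some extent.
5) Public-key cryptography is also called asymmetric-key cryptography. Each user of public-key cryptography has two keys, an encryption key and a decryption key; the two are not the same, and deriving the decryption key from the encryption key is feasible on a computer. Each user's encryption key is public (hence the encryption key is also called the public key).

1) A firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet. The earliest firewalls were simply routers.
2) Professional firewall products catch network packets before the operating system does; thus, there is no direct path from the Internet to the operating system's TCP/IP stack.
3) Circuit level gateways work at the session layer of the OSI model, or the TCP layer of TCP/IP. They monitor TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to a remote computer through a circuit level gateway appears to have originated from the gateway.
4) Stateful multilayer inspection firewalls combine the aspects of the other three types of firewalls. They filter packets at the network layer, determine whether session packets are legitimate and evaluate contents of packets at the application layer.
5) Whereas a dual-homed host architecture provides services from a host that's attached to multiple networks (but has routing turned off), a screened host architecture provides services from a host that's attached to only the internal network, using a separate router.

1) If all traffic to and from the Internet passes through the firewall, the firewall can record every access and provide valuable statistics on network usage. If a firewall can sound an audible alarm when suspicious activity occurs, it also provides details on whether the firewall and the network are being probed or attacked.
2) At present a firewall only protects against attacks from users on external networks; against attacks from users on the internal network, one can only rely on the security of the internal hosts. A firewall cannot stop a turncoat or a spy inside the company from copying sensitive data to a floppy disk or PCMCIA card and carrying it out of the company.
3) A firewall cannot prevent data-driven attacks. If a user fetches a program and runs it locally, that program may well contain malicious code. With the heavy use of Java, JavaScript and ActiveX controls, this problem has become more prominent and acute.
4) Packet filtering, as the name suggests, selectively passes packets at an appropriate point in the network. The selection is based on the filtering rules configured in the system (usually called an Access Control List); only packets that satisfy the filtering rules are forwarded to the corresponding network interface, and the remaining packets are removed from the data stream.
5) The different types of firewall all provide identification and authentication. Users on the internal network are usually considered trusted, while external users usually have to authenticate when accessing internal resources. With current technology, password authentication is not a very strong form of authentication, and password-based attacks are common. In firewalls, other authentication methods for filtering access include one-time passwords, time-based passwords and challenge-response schemes.

1) An Intrusion Detection System is used to detect all types of malicious network traffic and computer usage that can't be detected by a conventional firewall. This includes network attacks such as privilege escalation, unauthorized logins and access to sensitive files, and malware (viruses, trojan horses, and worms).
2) An IDS is composed of components: Sensors which generate security events, a Console to monitor events and alerts and control the sensors, and a central Engine that records events logged by the sensors in a database and uses a system of rules to generate alerts from security events received.
3) In a passive system, the IDS sensor detects a potential security breach, logs the information and signals an alert on the console. In a reactive system, also known as an Intrusion Prevention System (IPS), the IDS responds to the suspicious activity by resetting the connection or by reprogramming the firewall to block network traffic from the suspected malicious source.
4) The philosophy of an APS is to collect information about all these anomalies only one time, and use powerful techniques of correlation and various algorithms of detection (protocol analysis, behavior analysis) to process the data.
5) Most of the network-based IDS work in what is known as promiscuous mode. This means that they examine every packet on the local segment, whether or not those packets are destined for the IDS machine.

1) Intrusion detection is a sensible complement to the firewall. It helps systems cope with network attacks, extends the security capabilities of system administrators (including security auditing, monitoring, attack recognition and response), and improves the integrity of the information security infrastructure. It is regarded as the second security gate behind the firewall, able to monitor the network without affecting network performance and so provide real-time protection against internal attacks, external attacks and operator error.
2) Intrusion detection is the discovery of intrusive behavior: information is collected from a number of key points in a computer network or computer system and analyzed to find out whether there is behavior in the network or system that violates the security policy, or signs of an attack.
3) An IDS has two main duties: real-time detection and security auditing. Real-time detection monitors and analyzes all data packets in the network in real time, and detects and handles the captured packets in real time; security auditing performs statistical analysis of the network events recorded by the IDS to find anomalies, determine the security state of the system, and locate the evidence required.
4) Most traditional intrusion detection systems (IDS) take either a network-based or a host-based approach to recognizing and evading attacks. In either case, the product looks for "attack signatures", patterns that indicate malicious or suspicious intent. When the IDS looks for these patterns in network traffic, it is network-based; when it looks for attack signatures in log files, it is host-based.
5) Because the data sources used by a host-based IDS (HIDS) are mainly audit logs, system logs, application logs and network connection data, which record events that have already succeeded or failed, it can judge whether an attack succeeded more accurately than a network-based IDS.

1) There are other types of cryptographic protocols as well, and even the term itself has various different readings; cryptographic application protocols often use one or more underlying key agreement methods, which are also sometimes themselves referred to as cryptographic protocols.
2) Kerberos is a computer network authentication protocol, which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks, and ensures the integrity of the data.
3) Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), are cryptographic protocols which provide secure communications on the Internet for such things as web browsing, e-mail, Internet faxing, and other data transfers.
4) The SSL protocol includes two sub-protocols: the SSL record protocol and the SSL handshake protocol. The SSL record protocol defines the format used to transmit data. The SSL handshake protocol involves using the SSL record protocol to exchange a series of messages between an SSL-enabled server and an SSL-enabled client when they first establish an SSL connection.
5) Secure Electronic Transaction (SET) is a standard protocol for securing credit card transactions over insecure networks, specifically, the Internet. SET was developed by VISA and MasterCard (involving other companies such as GTE, IBM, Microsoft and Netscape) starting in 1966.

1) The need for authentication in open systems led to the creation of Kerberos. Kerberos is an authentication mechanism for open systems that provides a trusted third-party service for network communication. Whenever a client requests a service from a server, the client and the server first ask Kerberos to authenticate the other party's identity; authentication rests on the trust that both client and server place in Kerberos.
2) When a user logs in to a workstation, Kerberos performs initial authentication of the user, and an authenticated user can obtain the corresponding services for the whole login session. Kerberos depends neither on the terminal the user logs in from nor on the security mechanism of the service the user requests; it provides its own authentication server to authenticate the user.
3) SET is a payment specification designed for online transactions paid by card; payment methods that do not use a card, such as cash on delivery or postal remittance, are outside SET. Likewise, matters such as the page layout of an online store or how confidential data is stored on the buyer's computer are outside SET.
4) SSL is also one of the earliest network security protocols applied to e-commerce internationally, and many online stores still use it. SSL is also often used in point-to-point online banking. In an e-commerce transaction, because a bank is involved, under SSL the customer's purchase information is first sent to the merchant, the merchant forwards the information to the bank, and the bank, after verifying that the customer's information is legitimate, notifies the merchant that payment succeeded; the merchant then notifies the customer that the purchase succeeded and ships the goods to the customer.
5) IPsec provides security at the network layer. Its scope covers almost all IP protocols and upper-layer protocols in the TCP/IP suite, such as TCP, UDP and ICMP, as well as custom protocols that send data at the network layer. The main advantage of protecting data at layer 3 is that every application and service that uses IP to transmit data can use IPsec without any modification to the application or service itself.

I

1) A hacker is someone who creates and modifies computer software and hardware, including computer programming, administration and security-related items. In computer programming, a hacker is a computer software designer who builds elegant, beautiful programs and systems.
2) An attack is an assault on a computer system or network resulting from deliberate, intelligent action; for example, denial of service attacks, penetration and sabotage, such as brute force attacks, dictionary attacks, denial of service attacks, replay attacks, piggybacking, penetration and sabotage.
3) Although the activity of a blackhat hacker can be seen as a single shot in the night, a script kiddie's scan will appear as a series of shotgun blasts; their activity will be loud and detectable.
4) Privilege escalation can best be described as exploiting a bug or vulnerability in an application or operating system to obtain resources that would normally be protected from an ordinary user.
5) Network scanning is the use of a computer network to gather information on computer systems; it can be used for system maintenance, security assessment and investigation, and for attack.

1) Initially, a hacker was someone skilled in writing and debugging computer programs who used these techniques to obtain illegal or unauthorized network or file access and to invade corporate intranets. With a variety of powerful hacking tools now widely spread, people who understand very little computer technology can also carry out hacker attacks, so the likelihood of network systems being hacked has increased significantly.
2) An active attack causes changes in network system status and services. Active attacks include attempts to stop or break protection mechanisms, introduce malicious code, and steal or tamper with information. An active attack may cause data disclosure and dissemination, or cause denial of service and data tampering, and includes most attempts by unauthorized users to access a remote system by abnormal and normal means.
3) A complete attack process generally starts with the attackers hiding themselves; after hiding, they carry out pre-attack detection, detecting the various properties of the target machine and the conditions under which it can be attacked; they then use corresponding attack methods to cause damage, and after achieving their purpose the attacker deletes the record of their behavior from the target system's logs.
4) Buffer overflow attacks have become a mainstream attack method, but there are many types of buffer overflow: those against the operating system, such as the Windows RPC DCOM overflow and the Windows lsass.dll overflow, and those against applications, such as the IIS SSL PCT overflow, the SERV-U mdtm overflow and the Exchange Server NNTP overflow.
5) Denial of service (DoS attack) works by illegally monopolizing the target system's services, ultimately trying to prevent legitimate users from using the network services the target provides. The most common denial of service attack is one in which the attacker generates a large number of packets flowing to the victim network, consuming all of the network's available bandwidth.

II

1) Until modern times, cryptography referred almost entirely to encryption, the process of converting ordinary information (plaintext) into something unintelligible; this is ciphertext. Decryption is the reverse, going from unintelligible ciphertext to plaintext.
2) In cryptography, a cryptographic hash function is a hash function with certain additional security properties that make it suitable as a primitive in various information security applications, such as authentication and message integrity.
3) In the present era, cryptography concerned only message confidentiality (i.e., encryption): the conversion of messages from a comprehensible form into an incomprehensible one, and back again at the other end, making it unreadable to interceptors or eavesdroppers without secret knowledge (namely, the key needed for decryption).
4) Symmetric cryptography refers to encryption methods in which both the sender and the receiver share the same key (or, rarely, in which their keys are different but related in an easily computable way).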
5) In addition to encryption, public-key cryptography can be used to implement digital signature schemes. A digital signature is reminiscent of an ordinary signature; both have the characteristic that they are easy for the user to produce but difficult for anyone else to forge.

1) One of the basic principles of modern cryptography is that all secrets reside in the key. This means that, when designing an encryption system, one always assumes that the cipher algorithm is public and that what is really kept secret is the key. This is because the cipher algorithm is easier to leak than the key.
2) In a symmetric cipher system, the key must be passed from sender to receiver through a secure channel. The advantages of this system are high security and fast encryption speed. The shortcomings are that, as the network grows, key management becomes difficult; it cannot solve the message confirmation problem; and it lacks the ability to detect key leakage automatically.
3) A cryptographic protocol has the following characteristics: the protocol is a programmed process from first to last, every step must be performed, and the following steps cannot be performed before the previous step has finished; the protocol requires at least two participants; the protocol must be able to complete a certain task; the protocol must meet certain security requirements.
4) Because cryptography provides strong security for communication, attackers have turned to loopholes in the system. System loopholes are security flaws that arise when software systems, network protocols and the like are designed and written, and an attacker can use these flaws to attack the system. There are a variety of techniques for coping with this type of attack, and cryptography can also play a role to a certain extent.
5) Public key cryptography is also known as asymmetric key cryptography. Each user of public key cryptography has two keys, an encryption key and a decryption key; the two are not the same, and obtaining the decryption key from the encryption key is feasible on a computer. Each user's encryption key is public (hence the encryption key is also known as the public key).

III

1) A firewall sits at the junction point or gateway between networks, usually a private network and a public network such as the Internet. The earliest firewalls were just routers.
2) Professional firewall products capture network packets before the operating system does, so there is no direct path from the Internet to the operating system's protocol stack.
3) Circuit level gateways work at the session layer of the interconnection model, or the transport layer protocol. They monitor the TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to a remote computer through a circuit level gateway appears to have originated from the gateway.
4) Stateful multilayer inspection firewalls combine aspects of the other three types of firewalls. They filter packets at the network layer, determine whether sessions are legitimate, and evaluate the contents of packets at the application layer.
5) Whereas a dual-homed host architecture provides services from a host connected to multiple networks (but with routing turned off), a screened host architecture provides services from a host connected only to the internal network, using a separate router.

1) If all access to and from the Internet goes through the firewall, then the firewall can record each visit and provide valuable statistics about network utilization. If a firewall raises an alarm when suspicious activity occurs, it also provides details on whether the firewall and network are being probed or attacked.
2) At present, a firewall only protects against attacks from external network users; against attacks from internal network users, one can only rely on the security of the internal network's host systems. A firewall can't stop turncoats or company spies from copying sensitive data to a floppy disk or PCMCIA card and carrying it out of the company.
3) A firewall does not prevent data-driven attacks. If a user fetches a program and runs it locally, the program is likely to include malicious code. With Java, JavaScript and ActiveX controls used in great quantities, this problem becomes more and more acute.
4) Packet filtering technology, as the name suggests, selectively passes data packets at an appropriate position in the network; the selection is based on the filter rules set within the system (often referred to as the Access Control List). Only packets that meet the filter rules are forwarded to the corresponding network interface, and the remaining packets are removed from the data stream.
5) Different types of firewall all provide identification and authentication functions. Users on the internal network are usually considered trusted, while users outside the network usually have to be authenticated when accessing internal network resources. From a technical point of view, password authentication is not a very strong form of authentication, and password-based attacks are common. In firewalls, other authentication methods for filtering access are: one-time passwords, time-based passwords and challenge-response schemes.

IV

1) An intrusion detection system is used to detect all types of malicious network traffic and computer usage that cannot be detected by a conventional firewall. This includes network attacks such as privilege escalation, unauthorized logins and access to sensitive files, and malware (viruses, Trojan horses, worms).
2) An intrusion detection system is composed of components: sensors that generate security events, a console to monitor events and alerts and control the sensors, and a central engine that records the events logged by the sensors in a database and a system of rules that generates alerts from security events.
3) In a passive system, the intrusion detection sensor detects a potential security breach, logs the information and signals an alert on the console. In a reactive system, also known as an intrusion prevention system (IP), the intrusion detection system responds to the suspicious activity by resetting the connection or reprogramming the firewall to block network traffic from the suspected malicious code.
4) The philosophy of the APS is to collect information about all these anomalies only once, and to use powerful correlation techniques and various detection algorithms (protocol analysis, behavior analysis) to process the data.
5) Most network-based ones work in what is known as "promiscuous mode". This means that they examine every packet on the local segment, whether or not those packets are destined for the intrusion detection machine.

1) Intrusion detection is a rational supplement to the firewall; it helps the system against network attacks, extends the system administrator's security capability (including security audit, surveillance, attack recognition and response), and improves the integrity of the information security infrastructure. It is thought of as the second security gate behind the firewall; it can monitor the network without affecting network performance, providing real-time protection against internal attacks, external attacks and operator error.
2) Intrusion detection is the discovery of intrusion behavior: information is collected at a number of key points in a computer network or computer system and analyzed to find out whether the network or system shows behavior that violates the security policy or signs of being attacked.
3) The IDS system has two major functions: real-time detection and security audit. Real-time monitoring monitors and analyzes all the data packets in the network in real time, and finds and processes the captured data packets in real time; security audit performs statistical analysis on the network events recorded by the IDS system, finds abnormal phenomena, determines the security state of the system, and finds the evidence required.
4) Most of the trad