思科：2020年国际互联网协会思科NTW 2000网络安全报告（英文版）（169页）.pdf

《思科：2020年国际互联网协会思科NTW 2000网络安全报告（英文版）（169页）.pdf》由会员分享，可在线阅读，更多相关《思科：2020年国际互联网协会思科NTW 2000网络安全报告（英文版）（169页）.pdf（169页珍藏版）》请在三个皮匠报告上搜索。

1、1 2000, Cisco Systems, Inc. NTW 2000 Network SecurityNetwork Security ISOC NTW 2000ISOC NTW 2000 2 2000, Cisco Systems, Inc. NTW 200022000, Cisco Systems, Inc. IntroductionIntroduction 3 2000, Cisco Systems, Inc. NTW 2000 Network Security ComponentsNetwork Security Components 4 2000, Cisco Systems,

2、Inc. NTW 2000 ISP ExampleISP Example . . . Customer Site ISP Management Plane. . . T1 WWW DNS1 Pub1TFTPDNS2Pub 2 ISP Service Plane Foreign Site Internet 5 2000, Cisco Systems, Inc. NTW 2000 Enterprise ExampleEnterprise Example Protected Network Engineering Admin Finance Dial-Up Access Business Partn

3、ers DNS Server WWW Server Internet 6 2000, Cisco Systems, Inc. NTW 2000 Current Threats and Current Threats and Attack MethodsAttack Methods 62000, Cisco Systems, Inc. 7 2000, Cisco Systems, Inc. NTW 2000 Attack TrendsAttack Trends Exploiting passwords and poor configurations Software bugs Trojan ho

4、rses Sniffers IP address spoofing Toolkits Distributed attacks 8 2000, Cisco Systems, Inc. NTW 2000 Attack TrendsAttack Trends High Low 19882000 Attack Sophistication Attacker Knowledge 9 2000, Cisco Systems, Inc. NTW 2000 Vulnerability Exploit Cycle Advanced Intruders Discover Vulnerability Crude E

5、xploit Tools Distributed Novice Intruders Use Crude Exploit Tools Automated Scanning/Exploit Tools Developed Widespread Use of Automated Scanning/Exploit Tools Intruders Begin Using New Types of Exploits Source: CERT Coordination Center 10 2000, Cisco Systems, Inc. NTW 2000 Increasingly Serious Impa

6、ctsIncreasingly Serious Impacts $10M transferred out of one banking system Loss of intellectual property - $2M in one case, the entire company in another Extensive compromise of operational systems - 15,000 hour recovery operation in one case Alteration of medical diagnostic test results Extortion -