امنیت شبکه

• 1. 3 6:7 7 "" : : .WWW.DATA-TCQ.IR1392 WWW.DATA-TCQ.IR

2. 2 54 .. ....................................................................................................................... ..................................................................................................................... ....... ............................................................................................................................ .................................................................................................. .............................................................. ................................................................................................................. ............................................................................................................................................. ......................................................................................................... : .......................................................................................................... WWW.DATA-TCQ.IR 3. Adware Spyware ................................................................................................. ) (Cookie ................................................................................................................ ........................................................................................................... - ........................................................................................................ ............................................................................................................ ............................................................................................ .............................................................................................................................................. WWW.DATA-TCQ.IR 4. . . ( LAN (Local-Area Networks Wide-Area ( WAN (Networks . LAN . WAN . : ) ( . bus , ring star . . "" . Ring Token IBM . . ) ( " . . TCP/IP . TCP/IP . OSI OSI . ) ( ) ( Application . WWW.DATA-TCQ.IR 5. TCP/IP OSI OSI Open Systems Interconnect . OSI . OSI IEEE . HP HP IBM . " ) ( . OSI . OSI . ) ( Application ) ( Physiacal . datagram ) ( Packet ) " ( twisted pair . WWW.DATA-TCQ.IR 6. " : Peer- Peer-To . Server - Client Peer-To-Peer workgroup . Server - Client ) Domain ( log on . Server - Client .WWW.DATA-TCQ.IR 7. . . ) ( . . . . " . . . WWW.DATA-TCQ.IR 8. . ) ... ( . ) ( . . . " . " " . .WWW.DATA-TCQ.IR 9. . ) (Confidentiality ) (Integrity )(Availability ) (CIA - - . : Confidentiality . . : Integrity : . . . . : Availability - " - . - - .WWW.DATA-TCQ.IR 10. . Identification Authentication Authorization Accountability ... .WWW.DATA-TCQ.IR 11. . . . . . " . " " . . . . : .WWW.DATA-TCQ.IR 12. . . . ) ) .) . ( : ) ( . ( )patches , service pack , hotfixes . . : IIS ,OutLook , Internet Explorer , BIND sendmail . . . ) " IIS SMS SQL ( .WWW.DATA-TCQ.IR 13. . TCP/UDP TCP/UDP . . . . )(Sample ) ( . . . Account Policy . . LOphtcrack john the Ripper Crack . ) ( . WWW.DATA-TCQ.IR 14. ) SAM ( . ) . ) : . Underline . . ) ( . .) ( . . . . ) PKI ) Public key infrastructure . . " " . . Outlook . WWW.DATA-TCQ.IR 15. . . . Outlook . ) Outlook Patch .( : . .bas .hta .msp .url .bat .inf .mst .vb .chm .ins .pif .vbe .cmd .isp .pl .vbs .com .js .reg .ws .cpl .jse .scr .wsc .crt .lnk .sct .wsf .exe .msi .shs .wsh . " . Access . . " ) !( . WWW.DATA-TCQ.IR 16. . . : account . account administrator . . . . . ,explorer.exe, regedit.exe, poledit.exe, taskman.exe, at.exe ,cacls.exe,cmd.exe, finger.exe, ftp.exe, nbstat.exe, net.exe ,net.exe,netsh.exe, rcp.exe, regedt.exe, regini.exe ,regsvr.exe,rexec.exe, rsh.exe, runas.exe, runonce.exe ,svrmgr.exe,sysedit.exe, telnet.exe, tftp.exe, tracert.exe usrmgr.exe,wscript.exe,xcopy.exe . account . . . WWW.DATA-TCQ.IR 17. . FTP,WEB Telnet . . Telnet FTP Bound servers . / . ( Simple Network Management Protocol ) SNMP SNMP ) ( .SNMP . . . SNMP . SNMP . SNMP . " SNMP . WWW.DATA-TCQ.IR 18. ) ( . .WWW.DATA-TCQ.IR 19. : ) ( Virus .Worm .Logic bomb .Trojan horse .)Backdoor(trapdoor Exploits Downloaders . . downloader . .Auto-rooter .)Kit (virus generator .Spammer programs .Flooders ) (dos .Keyloggers Rootkit . root-level .Zombie .WWW.DATA-TCQ.IR 20. . . : ( ( . ( . ( . ( . . : E-mail virus E-mail HTML ) ( word document .WWW.DATA-TCQ.IR 21. Marco virus ) (word document ) Ms office microsoft word ( Excel . : microsoft word Excel keystroke . ) (Excel , ms word . : . . . Download . )(worm . . .WWW.DATA-TCQ.IR 22. Boot sector . Boot Sector . . . . Master Boot Record -MBR . : A . ) Setup ( . . . Non-system disk or disk error Replace and press any key when ready Intel Boot Sector Partition Table . .WWW.DATA-TCQ.IR 23. ) HOAX ( . . . . Hoax Forward . . Magistre-A . SULFNBK ! (SULFNBK (SULFNBK.EXE . SULFNBK.EXE . HOAX SULFNBK.EXE SULFNBK.EXE . SULFNBK.EXE Command WWW.DATA-TCQ.IR 24. Magistre-A . . SULFNBK.EXE C . C. SULFNBK.EXE . Norton Mcafee SULFNBK.EXE SULFNBK.EXE . . . . HOAX . . . . . .WWW.DATA-TCQ.IR 25. , . Admin Yahoo Password Internet Connection Password IP. E-Mail . ; : , , ... . . CELLSAVER a.k.a CellSaver- Celcom Screen Saver HOAX . . . CELLSAVER.EXE Forward . Screen Saver . ! CELLSAVER.EXE Nokia Screen Saver . . . .WWW.DATA-TCQ.IR 26. . Multipartite virus . windows Win.Nt . . . . . . . . ) (multipartite . . . WWW.DATA-TCQ.IR 27. ) word (processing . HTMl . . . wav mp jpg gif . picture . . exe doc . . . . . . : . CPU .WWW.DATA-TCQ.IR 28. E-mail e-mail netpost . ) word document ( . e-mail word document . . . .) (. . . . . WWW.DATA-TCQ.IR 29. : - . - . . - ) a.v ( configuration .a.v . - excel Word . - Java script word macro ) (disable. - . - . : ) (worms .WWW.DATA-TCQ.IR 30. . . ( E-mail microsoft outlook out look express . security patch microsoft . outlook . cd . ( e-mail attachment . e-mail . ( show file extensions . Tools/folder option/view Hide file extensions for known file Types . ( attach SHS VBS PIF . . ( . email attachment Neme.BMP.EXE Name.TxT.VBS ( . . ( . WWW.DATA-TCQ.IR 31. ( . ( weblink . ( . porno.exe pamela-Nude.VBS . ( . . ( massenger ICQ IRC AOL on-line chat system ) (accept. ( Download .) (usenet news . CODERED Cert CODERED . NT . IIS IIS . ) . A ( codered II IIS WWW.DATA-TCQ.IR 32. Homepage start page . cert . . . . Codered . codered ) (Trojan . . . SARC : . . CERT Codered . CERT ) IIS ( ! WWW.DATA-TCQ.IR 33. Codered . . ! . . ((Mydoom worm . ) ( Melissa virus I LOVE YOU WWW.DATA-TCQ.IR 34. . . . BBC ) (Cheese worm. ! . . ! . ) Lion worm ( . WWW.DATA-TCQ.IR 35. . DoS . . . . CERT . . . . . . ! .WWW.DATA-TCQ.IR 36. . . . . . . . . . . . . WWW.DATA-TCQ.IR 37. ! . . ) zombie DoS ( ! . . ! . . . . . . CERT WWW.DATA-TCQ.IR 38. . . . . . . . . . ISP . ISP .WWW.DATA-TCQ.IR 39. . . . . : . .WWW.DATA-TCQ.IR 40. . . . . " . . ) ( . . . . . : WWW.DATA-TCQ.IR 41. ) . ( . . . . . . . . : WWW.DATA-TCQ.IR 42. : Logon Server . . : Network Services Server . : ( Dynamic Host Configuration Protocol ) DHCP ( Domain Name System ) DNS( Windows Internet Name Service) WINS( Simple Network Management Protocol) SNMP : Application Server Accounting . : File Server . : Print Server . : Web Server . : FTP Server Downloading Uploading . . : Email Server Gropuware .WWW.DATA-TCQ.IR 43. : News/Usenet (NNTP) Server newsgroup . : . . . " . " . . " . Clean . . ) .(WWW.DATA-TCQ.IR 44. . . . ) ( Desktop ) ( Desktop . TCP/IP . IP ) . ) DHCP IP DHCP DHCP . DHCP IP IP IP . WWW.DATA-TCQ.IR 45. . " Laptop . TCP/IP " " DNS . . NT DNS WINS . ) ( . . . . . " . . . . . . . WWW.DATA-TCQ.IR 46. . " " . . ) ( Attacks " . . . . . . :WWW.DATA-TCQ.IR 47. : Denial of Service (DoS) & Distributed Denial of )Service (DDoS Back DoorSpoofingMan in the MiddleReplayTCP/IP HijackingWeak KeysMathematicalPassword GuessingBrute ForceDictionaryBirthdaySoftware ExploitationMalicious CodeVirusesVirus HoaxesTrojan HorsesLogic BombsWormsSocial EngineeringAuditingSystem Scanning DoS DoS ) ( . . WWW.DATA-TCQ.IR 48. . . DoS . DoS . " FTP anonymous . . . . . DoS . . : Smurf/smurfing Reply )Internet Control Message Protocol) ICMP ping .( Ping Reply ICMP ( . Ping Broadcast Ping . . : Fraggle Smurf User )Datagram Protocol ) UDP ICMP . UDP ( Broadcast ) Smurf . UDP ) ( echo ) ( Chargen . WWW.DATA-TCQ.IR 49. : Ping flood Ping . ping of death ) ( . : SYN flood three-way handshake TCP . ) synchronization ) SYN )acknowledgment ) ACK . ( half-open TCP sessions ( . TCP reset " . : Land IOS . TCP/IP synchronization )) SYN . . : Teardrop UDP TCP/IP ( TCP ( . fragmented . fragmented . Crash .WWW.DATA-TCQ.IR 50. : Bonk . UDP DNS Crash . : Boink Bonk . . PortServiceEchoSystatNetstatChargen FTP-Data FTPSSHTelnetSMTP TACACS DNSHTTPPOPPortmap/SNMPHTTPSRADIUSWWW.DATA-TCQ.IR 51. DoS DoS DoS ) Distributed DoS ) DDoS . . . Zombie . . Zombie . DoS ) ( Zombie . DoS . ) ( . Back door Back door . " . . back door : WWW.DATA-TCQ.IR 52. : Back Orifice ) " ( . Cult of the Dead Cow Communications . : . . : NetBus Back Orifice .. ) NT ( : ) ( ) ( . . (Sub) SubSeven Back Orifice NetBus . . NetBus, Sub Back Orifice . . " " .WWW.DATA-TCQ.IR 53. : : (Virtual Network Computing)VNC AT&T . Desktop . . : PCAnywhere Symantec . . :Terminal Services . . Back doors . " . ) ) : Back Orifice, NetBus, and Sub . .WWW.DATA-TCQ.IR 54. . . " ) ( . ILOVEYOU . . : MSKernel.vbs LOVE-LETTER-FOR-YOU.vbs . WinDLL.vbs . . ) ( . HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrent VersionRunMSKernel HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrent VersionRunServiceWinDLLWWW.DATA-TCQ.IR 55. WinFAT.exe ) ( ) ( IE WIN-BUGFIX.exe www.skyinet.net . , angelcat , chu koichi . ) ( skyinet . . HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMainStart Page www.skyinet.net . . ILOVEYOU ) (Download directory WIN-BUGFIX.exe . RUN WIN-BUGFIX.exe . :HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunWINBUGFIXILOVEYOU LOVE-LETTER-FOR-YOU.HTM . Htm VBScript vbs .WWW.DATA-TCQ.IR 56. . -LOVE LETTER-FOR-YOU.vbs . ILOVEYOU . ) ) CDROM . vbs , vbe , sct , hta jpg , jpeg . . mp mp vbs . vbs . ILOVEYOU micr.exe , mlink.exe mric.ini mirc.hlp ) IRC)Internet Relay Chat Script.ini . IRC IRC . Melissa Melissa Word Word Microsoft Outlook . . WWW.DATA-TCQ.IR 57. . Mellissa( WM/Melissa ( . ) VBA)Visual Basic for Application Microsoft word .( VBA (. : Word word . . ) ( . Microsoft Outlook . Word Melissa Melissa NORMAL.DOT . Word . Melissa NORMAL.DOT Word . . Melissa . "... " by Kwyjibo.HKEY_CURRENT_USERSoftwareMicrosoftOfficeMelissaWWW.DATA-TCQ.IR 58. BubbleBoyBubbleBoy . IE . Html . Outlook Expree . Microsoft Outlook ) ( . VBScript UPDATW.HTA Startup . : Registered owner BubbleBoy Registered organization Vandelay Industries Outlook Express . ActiveX . scriplet , typelib Eyedog ActiveX . . Patch IE . . Outlook Express Microsoft Outlook " . WWW.DATA-TCQ.IR 59. ) ( . " ) ( . . ) ... ( . ! . . ) " " ( " ) ! ( !WWW.DATA-TCQ.IR 60. . . . . . . ) ( . . . . . ) " ( . WWW.DATA-TCQ.IR 61. . " ) (Outlook ) . ) ILOVEYOU . . . . . ) ( . : Melissa Word . . BubbleBoy ) ( . . . . ILOVEYOU Mellisa . Word ) . (vbs ) (Windows Scripting Host :WSH .WWW.DATA-TCQ.IR 62. . . : Patch ILOVEYOU Patch outlook outlook . Patch . . . . . . adeMicrosoft Access project extensionadpMicrosoft Access projectbasVisual Basic class modulebatBatch filechmCompiled HTML Help filecmdWindows NT Command scriptcomMS-DOS programcplControl Panel extensionWWW.DATA-TCQ.IR 63. Security certificatecrtProgramexeHelp filehlpHTMLhtaSetup InformationinfInternet Naming ServiceinsInternet Communication settingsispJScript Script filejsJScript Encoded Script filejseShortcutlnkMicrosoft Access programmdbMicrosoft Access MDE databasemdeMicrosoft Common Console documentmscWindows Installer packagemsiWindows Installer patchmspVisual Test source filesmstPhoto CD imagepcdShortcut to MS-DOS programpifRegistration entriesregScreen saverscrWindows Script ComponentsctShell Scrap ObjectshsInternet shortcuturlVBScript filevbVBScript encoded script filevbe zip ) ) " Patch . WWW.DATA-TCQ.IR 64. . . . ) ( . : " Exchange . pst . . " ( . doc ) word . : Regedit.exe . HKEY_CURRENT_USERSOFTWAREPoliciesMicrosoftSecurity key . ) (. Edit New String Value . LevelAttachmentAdd . WWW.DATA-TCQ.IR 65. new LevelAttachmentAdd value Enter . ) ";" ( :Example Name: LevelAttachmentAdd Type: REG_SZ Data: doc;xls ) Word ,Powerpoint ) Access ) ( . . .Patch Outlook Outlook ) CDO)Collaborative Data Objects . WWW.DATA-TCQ.IR 66. . Patch " Outlook outlook ) Outlook Express . ) : Internet Explorer / Outlook ./. Outlook Express ) (Zones IE ) ActiveX ( . IE . outlook IE :: Local Intranet zone Proxy . "" medium -low . : Trusted Sites zone . ) ( . "" low . : Restricted Sites zone . ) ( . "" high . : Internet zone . " " medium .WWW.DATA-TCQ.IR 67. . : low , medium-low , medium high . . outlook . ( Internet zone ) Restricted Zone . outlook . restricted . Tools/Options Security Restricted sites . Zone Settings Custom Level . . . IE . : WWW.DATA-TCQ.IR 68. DISABLEDownload signed ActiveX controlsDISABLEDownload unsigned ActiveX controlsDISABLEInitialize and script ActiveX controls not marked as safeDISABLERun ActiveX controls and plug-insDISABLEScript ActiveX controls marked safe for scriptingDISABLEAllow per-session cookies (not stored)DISABLEFile downloadDISABLEFont downloadDISABLE JAVAJava permissionsDISABLEAccess data sources across domainsDISABLEDon t prompt for client certificate selection when no certificates or only one certificate existsDISABLEDrag and drop or copy and paste filesDISABLEInstallation of desktop itemsDISABLELaunching programs within an IFRAMEDISABLENavigate sub-frames across different domainsHIGH SAFETYSoftware channel permissionsDISABLESubmit nonencrypted form dataDISABLEUserdata persistenceDISABLEActive scriptingDISABLEAllow paste operations via scriptDISABLEScripting of Java Appletslogon AnonymousLogon . . . " . WWW.DATA-TCQ.IR 69. IE ) ( . " Restricted" ) ( . . ) . ) BubbleBoy : WSH patch ILOVEYOU outlook outlook . outlook Express . ILOVEYOU outlook express . ) ( File Associations . ILOVEYOU ). ( vbs ) (Windows Scripting Host :WSH . WSH ) ( ILOVEYOU . WSH ) ( . . : ( double click . ) . vbs NT Windows Explorer .WWW.DATA-TCQ.IR 70. >== View | Folder Options>== Select VBScript Script File ==> Click Edit Highlight Edit ==> Click Set Default . vbs WSH ) " ( notepad . . WSH . . WSC , WSH ,WS ,WSF,VBS,VBE,JS,JSE outlook Express . . " . vbs Netscape messenger open Save . open .) ( : WSH . ) ) WSH ) wscript.exe ) csscript . NT %System%System ) . ) " C:WinntSystem ) ( command prompt . . .WWW.DATA-TCQ.IR 71. : WSH ) ( File Permission Wscript.exe CSscript.exe . . WSH . ILOVEYOU . . exe . . . : . " patch word . " . ) ( . " . Tools|options|General| Enable macro virus protection . XP WWW.DATA-TCQ.IR 72. . word , Powerpoint .Excel Tools|macro|Security . High . : ) ( . .)" : . )ILOVYOU.TXT.VBS ) ( . ) . ( ILOVEYOU.TXT : Windows Explorer . ) Options|View Hide file extensions . ) for known file types ) .( .lnkHKEY_CLASSES_ROOTlnkfileNeverShowExt.pifHKEY_CLASSES_ROOTpiffileNeverShowExt.scfHKEY_CLASSES_ROOTSHCmdFileNeverShowExt Shortcut Program information file (shortcut to a DOS )program Windows ExplorerWWW.DATA-TCQ.IR 73. Command file Shortcut into a document Shell Scrap ObjectHKEY_CLASSES_ROOTDocShortcutNeverShowExt.shbHKEY_CLASSES_ROOTShellScrap.shsHKEY_CLASSES_ROOTxnkfileNeverShowExt.xnkHKEY_CLASSES_ROOTInternetShortcutNeverShowExt.urlShortcut to anExchange folder Internet shortcut Shortcuts to elements of an MS Access database. Most components of an Access database can containan executable component.HKEY_CLASSES_ROOTAccess.Shortcut.DataAccessPage.NeverShowExt .maw HKEY_CLASSES_ROOTAccess.Shortcut.Diagram.NeverShowExt.magHKEY_CLASSES_ROOTAccess.Shortcut.Form.NeverShowExt.mafHKEY_CLASSES_ROOTAccess.Shortcut.Macro.NeverShowExt .mam HKEY_CLASSES_ROOTAccess.Shortcut.Module.NeverShowExt.madHKEY_CLASSES_ROOTAccess.Shortcut.Query.NeverShowExt.maqHKEY_CLASSES_ROOTAccess.Shortcut.Report.NeverShowExt.marHKEY_CLASSES_ROOTAccess.Shortcut.StoredProcedure.NeverShowExt.masHKEY_CLASSES_ROOTAccess.Shortcut.Table.NeverShowExt.matHKEY_CLASSES_ROOTAccess.Shortcut.View.NeverShowExt.mav Patch : . Bubbleboy " ( . IE ) . patch " WWW.DATA-TCQ.IR 74. patch . : . . . . . : " " " " . " . . . " . : . : WWW.DATA-TCQ.IR 75. . NT . - : ILOVEYOU RUN RUNSERVICES . ." . ) ( . : ) ILOVEYOU : ) Groups / UserControl FullAdministratorsRead, Write, Execute Authenticated UsersFull Control Full ControlMACHINESOFTWAREMicrosoftWindows OWNER CREATOR SYSTEM win MACHINESOFTWAREMicrosoftWindowsControl FullAdministratorsRead, ExecuteAuthenticated UsersFull ControlSYSTEMControl FullAdministratorsRead, ExecuteAuthenticated UsersFull ControlSYSTEMCurrentVersionRun . MACHINESOFTWAREMicrosoftWindows CurrentVersionRunOnce WWW.DATA-TCQ.IR 76. . MACHINESOFTWAREMicrosoftWindows CurrentVersionRunOnceExAdministrators Control FullAuthenticated UsersRead, ExecuteSYSTEMFull ControlAdministratorsControl Full. RunOnce . MACHINESOFTWAREMicrosoftWindows CurrentVersionShell ExtensionsAuthenticated Users OWNER CREATOR Shell Extebsion SYSTEMRead, Execute Full Control Full Control. NT : Hive: HKEY_LOCAL_MACHINE Key: SystemCurrentControlSetControlSecurePipeServerswinreg Name: RestrictGuestAccess Type: REG_DWORD Value: - : WWW.DATA-TCQ.IR 77. ( DLL(Dynamic lonk Library . DLL . :Hive: HKEY_LOCAL_MACHINE Key: SystemCurrentControlSetControlSession Manager Name: AdditionalBaseNamedObjectsProtectionMode Type: REG_DWORD :Value - : ( winnt/system ) winnt/system . ILOVEYOU . " Read . : Groups / UserControl Full Read, Execute Full ControlOWNER CREATORFull ControlSYSTEMControl FullAdministratorsRead, ExecuteAuthenticated UsersFull ControlOWNER CREATORFull ControlSYSTEM%%WINNTAdministrators Authenticated Users / %%WINNT/SYSTEM DLL WWW.DATA-TCQ.IR 78. %%WINNT/SYSTEM Control Full Read, Execute Full ControlAdministrators Authenticated Users OWNER CREATOR DLLFull Control SYSTEM ) ( - . . . . . "" . . . . ) plaintext ( ) WWW.DATA-TCQ.IR 79. ( . ) ciphertext ( . . ) ( ) (cryptanalysis. . . . . ) ( . . . . scrambling . hash function ) ( . hashed value . Hash function ) ( hash. ) (Message Authentication Check MAC . . )(digital signature. -WWW.DATA-TCQ.IR 80. . . ) (Shannon . .- . data encryption algorithm DEA DES . DES . . DES ) ( . . : . DES .WWW.DATA-TCQ.IR 81. DES . . DES DES . ) )( )( ( : . . Blowfish IDEA DES . ) (AES Rijndael DES . Twofish . Skipjack Fortezza . . ( ) (streaming encryption ( RC . RC RSA .- WWW.DATA-TCQ.IR 82. . ) ) public key ) )private key . . . . RSA ) Shamir Rivest Adlemen(. . . RSA : . . . . . RSA ): X = Yk (mod r WWW.DATA-TCQ.IR 83. X Y k r . . . RSA . ElGamal Diffie-Hellman . . RPK . RPK : ) ( . . RSA . RSA .WWW.DATA-TCQ.IR 84. . . . . Packet filter Stateful packet filter . WWW.DATA-TCQ.IR 85. Packet filter TCP/IP . IP header . . . header . . ) (State . Stateful packet filter . ) (State . TCP/IP . TCP/IP A ) SYN (synchronize B . B ((Acknowledgement SYN/ACK A ACK B . TCP (finish) FIN . . . ) (Reply . .I dont understand . WWW.DATA-TCQ.IR 86. . Stateful packet TCP/IP Reply packet . Stateful packet . . . . Application Gateways Application Gateways . . . header ActiveX ... . . . . . . . . . . . . WWW.DATA-TCQ.IR 87. : . . . . . . . WWW.DATA-TCQ.IR 88. . . . . . . . . )( . . - .WWW.DATA-TCQ.IR 89. . . . . . . . . . . WWW.DATA-TCQ.IR 90. . . . . . . ) (IRST . . WINK/OILS WORM Sniff packet . - . . . . WWW.DATA-TCQ.IR 91. . . . . . . . . . . . . WWW.DATA-TCQ.IR 92. . . . : . . . . . . . . . . . . . . WWW.DATA-TCQ.IR 93. . ) ( . . . . : : . : . : . . . . .WWW.DATA-TCQ.IR 94. OECDB .... . . . : : . : . . : . : . - . :WWW.DATA-TCQ.IR 95. .... - . : : : : : : . : : : : . :WWW.DATA-TCQ.IR 96. . . . . . . . . . . . . . WWW.DATA-TCQ.IR 97. :: - - - : - - - - : - - - - / - ) ) - : WWW.DATA-TCQ.IR 98. - - - : - - : - - - : . : . : WWW.DATA-TCQ.IR 99. : )( : - . - . . - . . . WWW.DATA-TCQ.IR 100. - . . - . . - . - . . - WWW.DATA-TCQ.IR 101. . - . . . IP . . . - . . . - WWW.DATA-TCQ.IR 102. . . . - . . . )( . - )( . . . WWW.DATA-TCQ.IR 103. . . . . . . : ftp ftp. . - . . : Packet Filtering . . Proxy Services . WWW.DATA-TCQ.IR 104. Stateful Inspection . . . . : . . . . WWW.DATA-TCQ.IR 105. . . . Amazon yahoo FBI . : : % GDP . Checkpoint . :WWW.DATA-TCQ.IR 106. . : . : AQL AQL Netscape - . . . WWW.DATA-TCQ.IR 107. . . . . . . . . . ISP . Sprint . . GTO . GTO ISP . Sprint . . Qtel ISP . WWW.DATA-TCQ.IR 108. . . . . . . . . . . . . . WWW.DATA-TCQ.IR 109. ) (. . . . . : )( . . WWW.DATA-TCQ.IR 110. . . : - . - . - . - . - . - . - . - . - . - .WWW.DATA-TCQ.IR 111. - . . . : - - - - - . WWW.DATA-TCQ.IR 112. . . - : . .WWW.DATA-TCQ.IR 113. . . . . . Adware Spyware File Sharing Kazza ... Spyware Adware Spyware Adware WWW.DATA-TCQ.IR 114. ! . . ware Spy . . Spyware . . . agreement License ) Kazza...( License . Spyware . . Online . http://www.spywareguide.com/txt_onlinescan.html . Desktop . http://www.palsol.com/spyrem_offer/index.html?hop=cyberwWWW.DATA-TCQ.IR 115. ) (Cookie ) (Text Temporary Internet Files Cashe . WWW.DATA-TCQ.IR 116. ) (Web Browsers . - - - . Welcome Back My MSN . WWW.DATA-TCQ.IR 117. . . .) ( : - ):(presistent Cookies . . ):(Temporary Cookies .WWW.DATA-TCQ.IR 118. Expire . )(Un$$$isfactory cookies ) (*SSL . ) (First Party )(Third Party First & third party : :First Party )(Policy Holder : Second party : Third Party WWW.DATA-TCQ.IR 119. : First Party . : Third Party ) (Third Party Third Party . . . .) *( . WWW.DATA-TCQ.IR 120. . !! . . . . . . . POP . WWW.DATA-TCQ.IR 121. . . . (EPO (Entry Point Obscuring PE . rootkit . !! . . . . API . .WWW.DATA-TCQ.IR 122. . . . !! . . . IT . . . - Firewall WWW.DATA-TCQ.IR 123. : Firewall . . Firewall . . . . . . . Firewall . . Server . Server . Firewall .WWW.DATA-TCQ.IR 124. Firewall . , , Telnet , Ftp , SMTP . Firewall Firewall . Firewall . Firewall , Hub , Switch , Router Cabling Firewall . ISO Reapter Hub , Switch Bridge Router , Firewall ) ( . Firewall . Firewall Web .The purpose of a Firewall Firewall Firewall .WWW.DATA-TCQ.IR 125. . Web Site Firewall . . Firewall UNIX , NT , Dos . . . Firewall .Firewall Role of Protection The Firewall Server : Firewall . Proxy Server . Firewalls Providing Access Control Mail , . .WWW.DATA-TCQ.IR 126. The Security Role of a Firewall Server Server Firewall Backup . . Server Firewall Firewall Firewall . Firewall Log .Advantages and Disadvantages of Firewalls Firewall . Firewall ) ( Back door .Access Restrictions Firewall Telnet , Ftp , Xwindow . . Back-Door Challenges: The Modem Threat Firewall WWW.DATA-TCQ.IR 127. SLIP , PPP Firewall . Risk of Insider Attacks . Firewall Components Policy Advanced Authentication Packet Filtering Application gateways Network Security Policy Firewall . Installation , Use of the System . . Flexibility Policy Web . . . WWW.DATA-TCQ.IR 128. .Service-Access Policy .Advanced Authentication Firewall . . . . TCP , UDP . IP . . IP Spoofing . Firewall.WWW.DATA-TCQ.IR 129. Packet Filtering IP Packet Filtering IP .Source ip address Destination ip address Tcp/Udp source port Tcp/Udp destination portWWW.DATA-TCQ.IR 130. . . . . SmoothWall . : .CD-ROM Ethernet : . Hub . . .WWW.DATA-TCQ.IR 131. : SmoothWall Express . http://www.smoothwall.org/get. . ISO CD Image. Image CD . Nero Burn image to disk Data .CD CD . ) ( BIOS CD . CD SmoothWall Express . . . .WWW.DATA-TCQ.IR 132. . . . . . HIJACKTHIS . X-RAYPC XBLOCK SYSTEMS . ONLINE ANALYSIS . . . . : VIRUSTOTAL.COM JOTTIWWW.DATA-TCQ.IR 133. HTTP://VIRUSSCAN.JOTTI.ORG . . . SPYCAR . : ) WINDOWS HOSTS ( FAVORITES INTERNET EXPLORER . . SPYCAR .WWW.DATA-TCQ.IR 134. : william atallings : . )(. . : . . )(. . . . )(. . : . )(. . : . . )( . . . )(. . . . )( . : . . )(. . . : . : www.biaamniat.com www.jjdownload.com www.srco.irWWW.DATA-TCQ.IR