Information security



1. Understanding information security

2. Information security and the Internet

3. Methods of information security

Literature


1. Understanding information security


Information security is understood as the protection of information and the supporting infrastructure from any accidental or malicious actions as a result of which harm may be done to the information itself, its owners or the infrastructure.

The information security of an organization is the state of protection of the organization's information environment that ensures its formation, use and development.

In modern society the information sphere has two components: the information-technical (the world of technology, artificially created by humans) and the information-psychological (the natural world of living nature, including humans themselves). Accordingly, the information security of a society (state) can be represented by two components: information-technical security and information-psychological (psychophysical) security.

A model of three categories is often cited as the standard security model:

Confidentiality: a state of information in which only subjects that have the right to it can access it;

Integrity: the avoidance of unauthorized modification of information;

Availability: the avoidance of temporary or permanent withholding of information from users who hold access rights.

There are also other, not always mandatory, categories of the security model:

non-repudiation or appealability: the impossibility of denying authorship;

accountability: ensuring identification of the subject of access and registration of its actions;

reliability: the property of conformity to the intended behaviour or result;

authenticity: the property that guarantees that the subject or resource is identical to the one claimed.

Actions that can harm an organization's information security can be divided into several categories:

2. "Electronic" methods of influence carried out by hackers. Hackers are understood to be people who engage in computer crime either professionally (including as part of competitive struggle) or simply out of curiosity. Such methods include unauthorized penetration into computers and DoS attacks.

The purpose of unauthorized penetration into an enterprise's network may be to cause harm (destruction of data), to steal confidential information and use it for illegal purposes, or to use the infrastructure to organize attacks on third parties

A DoS attack (short for Denial of Service) is the most common attack on the nodes of an enterprise network that are responsible for its safe and efficient operation (file and mail servers). Attackers organize a mass sending of data packets to these nodes in order to overload them and, as a result, put them out of action for some time. As a rule, this entails disruption of the victim company's business processes, loss of customers, damage to reputation, and so on.

3. Computer viruses. A separate category of electronic methods of influence is computer viruses and other malicious programs. They are a real danger to modern business, which makes wide use of computer networks, the Internet and e-mail. Penetration of a virus into the nodes of a corporate network can lead to disruption of their functioning, loss of working time, loss of data, theft of confidential information and even direct loss of financial resources. A virus program that has penetrated the corporate network can give attackers partial control over the company's activities.

4. Spam. In just a few years spam has turned from a minor irritant into one of the most serious security threats: e-mail has recently become the main channel for spreading malicious programs; spam takes a lot of time to view and then delete, and causes employees psychological discomfort; both private individuals and organizations become victims of fraudulent schemes run by spammers; important correspondence is often deleted together with spam, which can lead to loss of customers, broken contracts and other unpleasant consequences; the risk of losing correspondence is especially high when RBL blacklists and other "crude" spam filtering methods are used.

5. "Natural" threats. A company's information security can be affected by a variety of external factors: data loss may be caused by improper storage, theft of computers and media, force majeure circumstances, etc.

Thus, in today's conditions, having a well-developed information security system is becoming one of the most important conditions for the competitiveness and well-being of any company.


2. Information security and the Internet


Communication by the newest means of communication has been absorbed by the Internet. The worldwide information network is developing at a great pace, and the number of participants is constantly growing. According to some data, about 1.5 billion pages are registered on the network. Some "live" for up to half a year, while others work for their owners at full strength and bring in large profits. Information on the network covers all aspects of the life of people and society. Users entrust this form with themselves and their activities. However, experience of work in the field of computer technology is full of examples of unscrupulous use of Internet resources.

Experts say that the main reason for penetration into computer networks is the carelessness and lack of preparation of users. This is typical not only of ordinary users but also of specialists in the field of computer security. At the same time, the reason is not only negligence but also the relatively small experience of security specialists in the field of information technology. This is connected with the rapid development of the market for network technologies and of the Internet itself.

According to Kaspersky Lab, about 90% of all malicious programs penetrate a computer via the Internet, through e-mail and the viewing of Web pages. A special place among such programs is occupied by a whole class: the Internet worm. Self-propagating, regardless of the mechanism of operation, they carry out their main tasks: changing the settings of the victim's computer, stealing the address book or valuable information, misleading the user, sending mail from the computer to addresses taken from the address book, making the computer someone else's resource or taking part of its resources for their own purposes or, in the worst case, self-destructing, destroying all files on all disks.

All these and related problems can be solved by having in the organization a well-developed document that reflects the company's information security policy. Such a document should clearly state the following:

how work with the enterprise's information is carried out;

who has access;

the system for copying and storing data;

the mode of work on PCs;

the availability of security and registration documents for equipment and software;

compliance with the requirements for the premises where the PCs and users' workplaces are located;

the availability of instructions and technical documentation;

the availability of work logs and the procedure for keeping them.

In addition, it is necessary to constantly follow the development of technical and information systems as published in the periodical press, or to follow the events discussed at relevant seminars.

Thus, according to the Decree of the President of the Russian Federation "On measures to ensure the information security of the Russian Federation when using information and telecommunication networks of international information exchange", it is prohibited to connect information systems, information and telecommunication networks and computer equipment used for storing, processing or transmitting information that contains state secrets, or information held by state bodies that contains official secrets, to information and telecommunication networks that allow information to be transferred across the state border of the Russian Federation.

Where it is necessary to connect these information systems, information and telecommunication networks and computer equipment to information and telecommunication networks of international information exchange, such a connection is made only with the use of information protection tools specially designed for this purpose, including encryption (cryptographic) tools, that have passed certification by the Federal Security Service of the Russian Federation and (or) received confirmation of compliance from the Federal Service for Technical and Export Control, in the manner established by the legislation of the Russian Federation.


3. Methods of information security


In the opinion of Kaspersky Lab experts, the task of ensuring information security must be solved systematically. This means that the various means of protection (hardware, software, physical, organizational, etc.) must be applied simultaneously and under centralized management. The components of the system must "know" of one another's existence, interact, and provide protection against both external and internal threats.

Today there is a large arsenal of methods for ensuring information security:

means of identification and authentication of users (the so-called 3A complex);

means of encrypting information stored on computers and transmitted over networks;

firewalls;

virtual private networks;

content filtering tools;

tools for checking the integrity of disk contents;

anti-virus protection tools;

systems for detecting network vulnerabilities and analyzers of network attacks.

Each of the listed tools can be used either on its own or in integration with others. This makes it possible to build information protection systems for networks of any complexity and configuration, independent of the platforms used.

"Complex 3A" includes authentication (or identification), authorization and administration. Identification and authorization are key elements of information security. When you try to access information assets, the identification function answers the questions "Who are you?" and "Where are you?", that is, whether you are an authorized user. The authorization function is responsible for which resources a specific user has access to. The administration function is to give the user certain identifying features within the given network and to define the scope of actions permitted to that user.

Encryption systems make it possible to minimize losses in the event of unauthorized access to data stored on a hard disk or other media, as well as interception of information when it is transmitted over network protocols or sent by e-mail. The task of this protection tool is to ensure confidentiality. The main requirements for encryption systems are a high level of cryptographic strength and legality of use in the territory of Russia (or other states).

A firewall is a system or combination of systems that forms a protective barrier between two or more networks, protecting against unauthorized data packets entering or leaving the network.

The basic principle of firewalls is to check each data packet for conformity of its incoming and outgoing IP address with a base of permitted addresses. Thus, firewalls significantly expand the possibilities for segmenting information networks and controlling the circulation of data.
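The address check described above, written out as an added example that is not part of the original text: an ordered rule base with first-match semantics and default deny, plus a check for rules that can never fire. The address plan, rule set and function names are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple


class Rule(NamedTuple):
    action: str   # "allow" or "deny"
    src: object   # source network the rule applies to
    dst: object   # destination network the rule applies to


def rule(action, src, dst):
    """Build a rule from CIDR strings."""
    if action not in ("allow", "deny"):
        raise ValueError("action must be 'allow' or 'deny'")
    return Rule(action, ipaddress.ip_network(src), ipaddress.ip_network(dst))


# Constructed address plan: 10.0.1.0/24 = servers, 10.0.5.0/24 = guest segment.
POLICY = [
    rule("deny", "10.0.5.0/24", "10.0.1.0/24"),   # guests may not reach servers
    rule("allow", "10.0.0.0/16", "10.0.1.0/24"),  # other internal hosts may
    rule("allow", "10.0.0.0/16", "0.0.0.0/0"),    # internal hosts may go outbound
]

# Same rules with the first two swapped, to show why order matters.
MISORDERED = [POLICY[1], POLICY[0], POLICY[2]]


def decide(src_ip, dst_ip, policy=POLICY):
    """Return the action of the first matching rule; deny when nothing matches."""
    try:
        src = ipaddress.ip_address(src_ip)
        dst = ipaddress.ip_address(dst_ip)
    except ValueError:
        return "deny"  # a packet whose addresses cannot be parsed is dropped
    for r in policy:
        if src in r.src and dst in r.dst:
            return r.action
    return "deny"


def _covers(outer, inner):
    """True when every address of `inner` also lies in `outer`."""
    return outer.version == inner.version and inner.subnet_of(outer)


def shadowed_rules(policy):
    """Indexes of rules that never fire because an earlier rule covers them."""
    hidden = []
    for j, later in enumerate(policy):
        for earlier in policy[:j]:
            if _covers(earlier.src, later.src) and _covers(earlier.dst, later.dst):
                hidden.append(j)
                break
    return hidden


if __name__ == "__main__":
    for pkt in [("10.0.5.7", "10.0.1.10"), ("10.0.2.7", "10.0.1.10"),
                ("203.0.113.9", "10.0.1.10")]:
        print(pkt, decide(*pkt), decide(*pkt, policy=MISORDERED))
    print("shadowed in MISORDERED:", shadowed_rules(MISORDERED))
```

With the rules misordered, the guest segment reaches the servers because the broader allow rule matches first; `shadowed_rules` flags the deny rule that has become dead.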

Speaking of cryptography and firewalls, one should also mention secure virtual private networks (VPN). Their use makes it possible to solve the problems of confidentiality and integrity of data during transmission over open communication channels. The use of a VPN can be reduced to three main tasks:

1. protection of information flows between the company's different offices (information is encrypted only at the boundary with the external network);

2. secure access of remote users to the company's information resources, as a rule via the Internet;

3. protection of information flows between individual applications within corporate networks (this aspect is also very important, since attacks can also be made from internal networks).

An effective means of protection against loss of confidential information is filtering of the contents of incoming and outgoing e-mail. Checking the messages themselves and their attachments against rules established in the organization also helps to protect the company from liability in lawsuits and to protect its employees from spam. Content filtering tools can check files of all common formats, including compressed and graphic ones. At the same time, the throughput of the network remains practically unchanged.

All changes on a workstation or server can be tracked by the network administrator or another authorized user thanks to the technology of checking the integrity of hard disk contents (integrity checking). It allows any actions on files (modification, deletion, or simply opening) to be detected and the activity of viruses, unauthorized access, or theft of data by authorized users to be identified. The control is based on the analysis of file checksums (CRC sums).

Modern anti-virus technologies make it possible to detect practically all known virus programs by comparing the code of a suspicious file with samples stored in the anti-virus database. In addition, behaviour modelling technologies have been developed that make it possible to detect newly created virus programs. Detected objects can be disinfected, isolated (placed in quarantine) or deleted. Virus protection can be installed on workstations, file and mail servers, and firewalls running under practically any of the common operating systems (Windows, Unix and Linux systems, Novell).

Spam filters significantly reduce the unproductive labour associated with sorting spam, reduce traffic and server load, improve the psychological atmosphere in the team and reduce the risk of company employees being drawn into fraudulent operations. In addition, spam filters reduce the risk of infection with new viruses, since messages containing viruses (even those not yet included in anti-virus databases) often show signs of spam and are filtered out. True, the positive effect of spam filtering can be cancelled out if the filter also treats normal messages as spam.

To counter natural threats to information security, the company must develop and implement a set of procedures for preventing emergency situations (e.g. One of the main methods of protecting against data loss is backup with strict adherence to established procedures (regularity, types of media, methods of storing copies, etc.).


Literature


1. Decree of the President of the Russian Federation "On measures to ensure the information security of the Russian Federation when using information and telecommunication networks of international information exchange" dated 17.03.2008 No. 351;

2. Galatenko, V.A. Fundamentals of information security. Internet University of Information Technologies - INTUIT.ru, 2008;

3. Galatenko, V.A. Information security standards. Internet University of Information Technologies - INTUIT.ru, 2005;

4. Lopatin, V.N. Information security of Russia: Person, society, state. Series: Security of the person and society. M.: 2000. - 428 p.;

5. Shangina, V.F. Protection of computer information. Effective methods and means. - M.: DMK Press, 2008. - 544 p.

6. Shcherbakov, A.Yu. Modern computer security. Theoretical foundations. Practical aspects. - M.: Knizhkovy svit, 2009. - 352 p.


Information security is understood as the protection of an information system from accidental or deliberate interference that harms the owners of the information system.

In practice, three aspects of information security are the most important:

  • availability (the ability to obtain the required information service within a reasonable time);
  • integrity (relevance and consistency of information, its protection from destruction and unauthorized change);
  • confidentiality (protection from unauthorized reading).

Violations of the availability, integrity and confidentiality of information can be caused by various dangerous influences on information computer systems.

Main threats to information security

A modern information system is a complex system consisting of a large number of components of varying degrees of autonomy that are interconnected and exchange data. Practically every component can be exposed to external influence or fail. The components of an automated information system can be divided into the following groups:

  • hardware: computers and their components (processors, monitors, terminals, peripheral devices such as disk drives, printers, controllers, cables, communication lines, etc.);
  • software: purchased programs, source, object and load modules; operating systems and system programs (compilers, linkers, etc.), utilities, diagnostic programs, etc.;
  • data: stored temporarily and permanently, on magnetic media, printed, archives, system logs, etc.;
  • personnel: service staff and users.

Dangerous influences on a computer information system can be divided into accidental and deliberate. Analysis of experience in the design, manufacture and operation of information systems shows that information is subject to various accidental influences at all stages of the system's life cycle. The causes of accidental influences during operation can be:

  • emergency situations due to natural disasters and power outages;
  • hardware failures and malfunctions;
  • errors in software;
  • errors in the work of personnel;
  • interference in communication lines due to the influence of the external environment.

Deliberate influences are the purposeful actions of an intruder. The intruder may be an employee, a visitor, a competitor or a hired person. The intruder's actions can be driven by various motives:

  • an employee's dissatisfaction with their career;
  • a bribe;
  • curiosity;
  • competitive struggle;
  • the desire to assert oneself at any cost.

A hypothetical model of a potential intruder can be drawn up:

  • the intruder's qualification is at the level of the developer of the system;
  • the intruder can be an outsider as well as a legitimate user of the system;
  • the intruder knows information about the principles of operation of the system;
  • the intruder chooses the weakest link in the protection.

The most widespread and diverse type of computer violation is unauthorized access (NSD). NSD exploits any error in the protection system and is possible when protection tools are chosen irrationally or installed and configured incorrectly.

Let us classify the NSD channels through which information can be stolen, changed or destroyed:

  • Through a person:
    • theft of information;
    • reading information from the screen or keyboard;
    • reading information from a file.
  • Through a program:
    • interception of passwords;
    • decryption of encrypted information;
    • copying of information from media.
  • Through hardware:
    • connection of specially designed hardware devices that provide access to information;
    • interception of spurious electromagnetic emissions from equipment, communication lines, power supply networks, etc.

The threats to which computer networks can be exposed deserve separate attention. The main feature of any computer network is that its components are distributed in space. Communication between network nodes is carried out physically by means of network lines and programmatically by means of a message mechanism. Control messages and data sent between network nodes are transmitted in the form of exchange packets. Computer networks are characterized by the fact that so-called remote attacks are made against them. An intruder can be thousands of kilometres from the object under attack, and not only a specific computer can be attacked, but also the information transmitted over network communication channels.

Information security

Forming an information security regime is a complex problem. Measures for solving it can be divided into five levels:

  1. legislative (laws, regulations, standards, etc.);
  2. moral and ethical (all kinds of norms of behaviour, non-observance of which leads to a fall in the prestige of a particular person or a whole organization);
  3. administrative (actions of a general nature taken by the management of the organization);
  4. physical (mechanical, electro- and electronic-mechanical obstacles on the possible routes of penetration of potential intruders);
  5. hardware-software (electronic devices and special information protection programs).

The totality of all these measures, aimed at countering threats so as to minimize the possibility of damage, forms the protection system.

A reliable protection system must conform to the following principles:

  • The cost of the means of protection must be less than the amount of possible damage.
  • Each user must have the minimum set of privileges necessary for work.
  • Protection is the more effective the easier it is for the user to work with it.
  • The possibility of switching it off in emergencies.
  • The specialists who deal with the protection system must fully understand the principles of its functioning and, in difficult situations, respond to them adequately.
  • The entire information processing system must be protected.
  • The developers of the protection system must not be among those whom the system will control.
  • The protection system must provide evidence of the correctness of its operation.
  • Persons engaged in ensuring information security must bear personal responsibility.
  • It is advisable to divide the protected objects into groups so that a breach of protection in one group does not affect the security of the others.
  • A reliable protection system must be fully tested and agreed.
  • Protection becomes more effective and flexible if it allows its parameters to be changed by the administrator.
  • The protection system must be designed on the assumption that users will make serious mistakes and, in general, have the worst intentions.
  • The most important and critical decisions must be taken by people.
  • The existence of protection mechanisms must be hidden as far as possible from the users whose work is under control.

HARDWARE AND SOFTWARE

Uninvolved on those modern operating systems for personal computers, such as Windows 2000, Windows XP and Windows NT, the power of the system can be lost, the relevance of additional problems can be saved. On the right, in the fact that most of the systems are not built to cleanse the data, but to be located behind their boundaries, for example, when using a fancy information exchange.

The hardware and software can be split into five groups:

  1. Systems of identification (designation) and authentication (revision of information) of koristuvachiv.
  2. Disk tribute encryption system.
  3. The system of ciphering the tributes passed along the lines.
  4. Electronic data authentication systems.
  5. Set up management of cryptographic keys.

1. Systems of identification and authentication of coristuvachiv

To become stuck for access to the computer system resources. The basic algorithm of the robotics of such systems is to correct the information from the person who knows the person, to reconsider the ability of the robot to use the system.

When prompting cich systems, the problem is the choice of information, on the basis of which the procedure for identifying and authenticating a corystuvach should be established. You can see offensive tips:

  • secret information, such as volodya koristuvach (password, secret key, personal identifier, etc.); koristuvach is guilty of remembering information, or for her, it may be stuck in specials for zberigannya;
  • physiological parameters of people (wiggles of fingers, little ones of the rainbow shell of an eye) or the particularity of behavior (especially of robots on the keyboard).

Systems based on the first type of information can be used traditional... The system, which vikoristovuyut another type of information, is called biometric... This signifies a tendency towards the development of biometric identification systems.

2. Systems for encryption of disk tributes

In order to create information with a marnoy for the enemy, vikoristovuyut the supremacy of methods of re-enactment of cryptography[View of Greek. kryptos- ghosting і grapho- writing].

The encryption system can enable cryptographic conversions of the data on the same files or on the same disks. Up to the program type it is possible to bring the archivators to the ARJ and RAR types, which allow the use of cryptographic methods for retrieving archive files. Another type of application can be the Diskreet encryption program, which comes before the popular Norton Utilities software package, Best Crypt.

The most classifiable familiarity of disk data encryption systems є methods of their functions. The method of functioning of the system and encryption of disk tributes is divided into two classes:

  • system and "proprietary" encryption;
  • systems, specially wiklicans for encryption.

In systems of proprietary ciphering (ciphering "on advantage"), cryptographic reconfigurations are created in real time, which is inconceivable for a koristuvach. For example, koristuvach will write down the preparations in a text editor on the document on the object, the disk will be stolen, and the system will take over in the process of writing down the cipher.

Systems of the second class are usually utilities that have to be specifically invoked to perform encryption. These include, for example, archivers with built-in password protection.

A large number of systems that offer to set a password on a document do not encrypt the information, but only ask for the password when the document is accessed. Such systems include MS Office, 1C and many others.

3. Encryption systems for data transmitted over networks

There are two main encryption methods: channel encryption and end-to-end (subscriber) encryption.

With channel encryption, all information transmitted over the communication channel is protected, including service information. This encryption method has the following advantage: building the encryption procedures into the data link layer allows hardware to be used, which increases the performance of the system. However, this approach also has significant drawbacks:

  • encryption of service data complicates the routing mechanism for network packets and requires the data to be decrypted in intermediate communication devices (gateways, repeaters, etc.);
  • encryption of service information can lead to the appearance of statistical regularities in the encrypted data, which affects the reliability of the protection and imposes restrictions on the use of cryptographic algorithms.

End-to-end (subscriber) encryption makes it possible to ensure the confidentiality of data transmitted between two subscribers. In this case only the content of the messages is protected; all service information remains in the clear. The drawback is that information about the structure of the message exchange can be analyzed, for example about the sender and the recipient, about the time and conditions of data transmission, and about the volume of data transmitted.

4. Electronic data authentication systems

When data is exchanged over networks, the problem arises of authenticating the author of a document and the document itself, that is, establishing the authenticity of the author and checking that no changes have been made to the received document. To authenticate data, an authentication code (imitation insert) or an electronic signature is used.

The imitation insert is generated from the open data by a special encryption transformation using a secret key and is transmitted over the communication channel at the end of the encrypted data. The imitation insert is verified with the secret key by repeating the procedure.

An electronic digital signature is a relatively small amount of additional authenticating information transmitted together with the signed text. The sender generates the digital signature using the sender's secret key. The recipient verifies the signature using the sender's public key.

Thus, the imitation insert is implemented on the principles of symmetric encryption, and the electronic signature on those of asymmetric encryption. These two encryption systems will be studied in more detail later.
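The imitation insert described above, as an added example that is not part of the original text: the sender appends a keyed tag to the data and the recipient repeats the computation. HMAC-SHA256 is an assumed stand-in for the "special encryption transformation", encryption of the payload is omitted, and the key and message are constructed samples. The last case shows why a symmetric tag cannot replace a signature: the recipient holds the same key and can produce a valid tag too.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # 32-byte tag appended to every message


def attach_tag(key: bytes, data: bytes) -> bytes:
    """Sender side: compute the tag over the open data and append it at the end."""
    return data + hmac.new(key, data, hashlib.sha256).digest()


def check_tag(key: bytes, message: bytes) -> bytes:
    """Recipient side: repeat the sender's computation and compare the tags.

    Returns the data when the tag matches, raises ValueError otherwise.
    """
    if len(message) < TAG_LEN:
        raise ValueError("message is shorter than the tag")
    data, received = message[:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(key, data, hashlib.sha256).digest()
    # Constant-time comparison, so timing does not reveal how many bytes matched.
    if not hmac.compare_digest(received, expected):
        raise ValueError("tag mismatch: data or tag altered, or wrong key")
    return data


def is_authentic(key: bytes, message: bytes) -> bool:
    """Boolean wrapper around check_tag for use in the demonstration."""
    try:
        check_tag(key, message)
        return True
    except ValueError:
        return False


SHARED_KEY = bytes(range(32))           # constructed sample key held by both sides
ORDER = b"transfer 100 to account 42"   # constructed sample message


def demo() -> dict:
    sent = attach_tag(SHARED_KEY, ORDER)
    altered = sent.replace(b"100", b"900", 1)   # data changed in transit
    # The recipient knows SHARED_KEY as well, so it can tag any text it likes.
    made_by_recipient = attach_tag(SHARED_KEY, b"transfer 900 to account 7")
    return {
        "intact": is_authentic(SHARED_KEY, sent),
        "altered": is_authentic(SHARED_KEY, altered),
        "wrong_key": is_authentic(b"\x00" * 32, sent),
        "truncated": is_authentic(SHARED_KEY, sent[:10]),
        "made_by_recipient": is_authentic(SHARED_KEY, made_by_recipient),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:18} {result}")
```
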

5. Cryptographic key management tools

The security of any cryptosystem is determined by the cryptographic keys it uses. If key management is unreliable, an attacker can obtain the key information and gain access to all information in the system.

The following types of key management functions are distinguished: generation, storage and distribution of keys.

The methods of key generation for symmetric and asymmetric cryptosystems differ. To generate keys for symmetric cryptosystems, hardware and software random number generators are used. Generating keys for asymmetric cryptosystems is more complex, because the keys must have certain mathematical properties. This question is covered in more detail in the study of symmetric and asymmetric cryptosystems.

The storage function covers organizing the secure storage, accounting and deletion of key information. To store keys securely, they are encrypted with other keys. This approach leads to the concept of a key hierarchy. A key hierarchy usually includes a master key, a key for encrypting keys and a key for encrypting data. It should be noted that the generation and storage of the master key is a critical issue for cryptographic protection.

Distribution is the most critical process in key management. This process must guarantee the secrecy of the keys being distributed, and must also be prompt and accurate. Keys are distributed between network users in two ways:

  • by direct exchange of session keys;
  • by using one or more key distribution centers.


Information security

1. The essence of the concept of "information security"

Information security is the state of protection of the information environment; information protection is the activity of preventing the leakage of protected information and unauthorized and unintentional impacts on protected information.

The information security of an organization is the state of protection of the organization's information environment, which ensures its formation, use and development.

The information security of the state is the state of preservation of the information resources of the state and of protection of the legal rights of the individual and society in the information sphere.

The information security of the state is determined by the ability of the state, society and the individual:

  • to provide sufficient and protected information resources and information flows to sustain their life and viability, stable functioning and development;
  • to withstand information dangers and threats, and negative information impacts on the individual and public consciousness and psyche of people, as well as on computers and information technology;
  • to develop personal and group skills and habits of safe behavior;
  • to maintain constant readiness for adequate measures in an information confrontation, by whomever it is imposed.

A feature of the information security of the individual is the protection of a person from danger factors at the level of personal interests and needs, and it has many varieties. This is because the individual is a biosocial system and acts simultaneously in the role of a person as a member of society and of a person as a living organism existing within limited parameters of the environment.

2. Standard security model

A model of three categories is often cited as the standard security model:

  • confidentiality - the state of information in which only subjects that have the right to it have access to it;
  • integrity - the avoidance of unauthorized modification of information;
  • availability - the avoidance of temporary or permanent hiding of information from users who have been granted access rights.

Other, not always mandatory, categories of the security model are also distinguished:

  • non-repudiation - the impossibility of denying authorship;
  • accountability - ensuring the identification of the subject of access and the logging of its actions;
  • reliability - the property of conforming to the intended behavior or result;
  • authenticity - the property that guarantees that the subject or resource is identical to the one claimed.

Authenticity - the ability to establish the author of the information;
appealability - the ability to prove that the author is the claimed person himself, and not

3. Regulatory documents in the field of information security

In the Russian Federation, the regulatory legal acts in the field of information security include the following:

Acts of federal legislation:

  • International treaties of the Russian Federation;
  • Constitution of the Russian Federation;
  • Federal laws (including federal constitutional laws and codes);
  • Decrees of the President of the Russian Federation;
  • Resolutions of the Government of the Russian Federation;
  • Regulatory legal acts of federal ministries and departments;
  • Regulatory legal acts of the constituent entities of the Russian Federation, local self-government bodies, etc.

The regulatory and methodological documents include:

  • Methodological documents of state bodies of Russia:
    • Doctrine of information security of the Russian Federation;
    • Guiding documents of FSTEK (State Technical Commission of Russia);
    • Orders of the FSB;
  • Information security standards, including the following:
    • International standards;
    • State (national) standards of the Russian Federation;
    • Recommendations for standardization;
    • Methodological instructions.

4. Bodies that ensure information security

Depending on where the information protection activity is applied, the activity itself is organized by special state bodies (units) or by departments (services) of the enterprise.

State bodies of the Russian Federation that control activity in the field of information protection:

  • State Duma Committee on Security;
  • Security Council of Russia;
  • Federal Service for Technical and Export Control (FSTEK of Russia);
  • Federal Security Service of the Russian Federation (FSB of Russia);
  • Foreign Intelligence Service of the Russian Federation (SVR of Russia);
  • Ministry of Defense of the Russian Federation (Ministry of Defense of Russia);
  • Ministry of Internal Affairs of the Russian Federation (MVD of Russia);
  • Federal Service for Supervision in the Sphere of Communications, Information Technology and Mass Communications (Roskomnadzor).

Services that organize information protection at the level of the enterprise:

  • Economic security service;
  • Personnel security service (security service);
  • Personnel department;
  • Information security service.

6. Organizational, technical and regime measures and methods

To describe the information protection technology of a specific information system, a so-called Information Security Policy, or security policy of the information system in question, is usually drawn up.

Security policy (organizational security policy) - a set of documented rules, procedures, practices or guidelines in the field of information security that an organization follows in its activity.

Security policy of information and telecommunication technologies (ICT security policy) - rules, directives and established practice that determine how, within the boundaries of the organization and its information and telecommunication technologies

To build an Information Security Policy, it is recommended to consider separately the following areas of information system protection:

  • Protection of the objects of the information system;
  • Protection of processes, procedures and information processing programs;
  • Protection of communication channels;
  • Suppression of spurious electromagnetic emissions;
  • Management of the protection system.

At the same time, for each of the areas listed above, the Information Security Policy must describe the following stages of creating information protection measures:

1. Identification of the information and technical resources to be protected;

2. Identification of the full set of potential threats and channels of information leakage;

3. Assessment of the vulnerability and risks of information given the set of threats and leakage channels;

4. Determination of the requirements for the protection system;

5. Selection of information protection measures and their characteristics;

6. Implementation and organization of the use of the selected measures, methods and means of protection;

7. Monitoring of integrity and management of the protection system.

The information security policy is drawn up in the form of documented requirements for the information system. The documents are usually divided by level of description (detail) of the protection process.

Documents of the upper level of the Information Security Policy reflect the position of the organization on activity in the field of information protection and its intention to comply with state and international requirements and standards in this field. The area of distribution of upper-level documents is usually not restricted; these documents can be issued in two editions, for external and for internal use.

The middle level includes documents that deal with individual aspects of information security. These are requirements for the creation and operation of information protection tools and for the organization of the information and business processes of the organization in a specific area of information protection (data security, communications security, use of cryptographic protection tools, content filtering). Such documents are usually issued in the form of internal technical and organizational policies (standards) of the organization. All middle-level documents of the information security policy are confidential.

The lower-level information security policy includes work regulations, administration manuals, and operating instructions for individual information security services.

7. Classification of network attacks

Network attacks are as varied as the systems against which they are directed. To assess the types of attacks, it is necessary to know some of the limitations inherent in the TCP/IP protocol. The Internet was created for communication between state institutions and universities in order to assist the educational process and scientific research. As a result, the specifications of early versions of the Internet Protocol (IP) lacked security requirements. That is why many IP implementations are inherently vulnerable. Many years later, after a great many complaints (Request for Comments, RFC), security measures for IP began to be introduced. However, because security measures were not originally developed for the IP protocol, all of its implementations came to be supplemented with a variety of network procedures, services and products that reduce the risks inherent in this protocol. Below is a brief look at the types of attacks commonly used against IP networks, with the ways of combating them.

Packet sniffers

A packet sniffer is an application program that uses a network card operating in promiscuous mode (in this mode the network adapter passes all packets received over the physical channels to the application for processing). The sniffer then intercepts all network packets transmitted through a particular domain. At present, sniffers operate in networks on a completely legitimate basis. They are used for fault diagnosis and traffic analysis. However, because some network applications transmit data in text format (Telnet, FTP, SMTP, POP3, etc.), a sniffer can be used to learn useful, and sometimes confidential, information.

Interception of names and passwords is very dangerous, because users often use the same login and password for many applications and systems. If an application runs in client-server mode and the authentication data is transmitted over the network in readable text format, this information can most likely be used to gain access to other corporate resources. Hackers know human weaknesses well and exploit them (attack methods are often based on social engineering). They know perfectly well that we use one and the same password to access many resources. In the worst case, the hacker gains access to a user resource at the system level and uses it to create a new user, who can be used at any moment for access to the network and its resources.

The threat of packet sniffing can be reduced with the following measures:

Authentication. Strong authentication is the most important way to defend against packet sniffing. By "strong" we mean authentication methods that are difficult to bypass. An example of such authentication is one-time passwords (One-Time Passwords, OTP). OTP is a two-factor authentication technology that combines what you have with what you know. A typical example of two-factor authentication is the operation of an ordinary ATM, which recognizes you, first, by your plastic card and, second, by the PIN code you enter. Authentication in an OTP system also requires a PIN code and your personal card. The "card" (token) is a hardware or software device that generates (on a random basis) a unique one-time password. If a hacker learns this password with a sniffer, the information will be useless, because by that time the password will already have been used and retired. Note that this way of combating sniffing is effective only against the interception of passwords. Sniffers that intercept other information (for example, electronic mail messages) do not lose their effectiveness.

Switched infrastructure. Another way to combat packet sniffing in your network environment is to build a switched infrastructure. If, for example, the whole organization uses switched Ethernet, hackers can gain access only to the traffic arriving at the port to which they are connected. A switched infrastructure does not eliminate the threat of sniffing.

Anti-sniffers. The third way to combat sniffing is to install hardware or software that detects sniffers operating in your network. These tools cannot completely eliminate the threat but, like many other network security tools, they are included in the overall protection system. Anti-sniffers measure the response time of hosts and determine whether the hosts are having to process extra traffic. One such tool, supplied by L0pht Heavy Industries, is called AntiSniff.

Cryptography. The most effective way to combat packet sniffing does not prevent interception and does not detect the work of sniffers, but makes that work useless. If the communication channel is cryptographically protected, the hacker intercepts not the message but ciphertext (that is, an unintelligible sequence of bits). Other cryptographic network management protocols include SSH (Secure Shell) and SSL (Secure Socket Layer).
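The one-time passwords described under Authentication above, as an added example that is not part of the original text: a token and a server derive the same short-lived code from a shared secret, and the server retires each code once it has been accepted, so a sniffed code is rejected when replayed. The text names no algorithm; HOTP (RFC 4226) is assumed here, the secret is the RFC's published test secret, and the PIN is a constructed sample.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """One-time password for a given counter value (RFC 4226)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                   # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class OtpServer:
    """Server side of two-factor login: PIN (known) plus token code (held)."""

    def __init__(self, secret: bytes, pin: str, window: int = 3):
        self.secret = secret
        self.pin = pin            # kept in the clear only to keep the example short
        self.window = window      # how far the token may run ahead of the server
        self.next_counter = 0     # lowest counter value not yet retired

    def login(self, pin: str, code: str) -> bool:
        if not hmac.compare_digest(pin.encode(), self.pin.encode()):
            return False
        for counter in range(self.next_counter, self.next_counter + self.window):
            expected = hotp(self.secret, counter)
            if hmac.compare_digest(code.encode(), expected.encode()):
                # Retire this code and every earlier one: none can be reused.
                self.next_counter = counter + 1
                return True
        return False


RFC4226_SECRET = b"12345678901234567890"   # test secret published in RFC 4226
SAMPLE_PIN = "4821"                        # constructed sample PIN


def demo() -> dict:
    server = OtpServer(RFC4226_SECRET, SAMPLE_PIN)
    first_code = hotp(RFC4226_SECRET, 0)       # what the token displays
    user_login = server.login(SAMPLE_PIN, first_code)
    # The same PIN and code, captured on the wire and sent again later:
    replayed = server.login(SAMPLE_PIN, first_code)
    next_login = server.login(SAMPLE_PIN, hotp(RFC4226_SECRET, 1))
    return {"user_login": user_login, "replayed": replayed, "next_login": next_login}


if __name__ == "__main__":
    print(demo())
```
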

IP spoofing

IP spoofing occurs when a hacker, inside a corporation or outside it, impersonates an authorized user. This can be done in two ways: the hacker can use either an IP address that is within the range of authorized IP addresses, or an authorized external address that is allowed access to certain network resources.

As a rule, IP spoofing is limited to inserting false information or malicious commands into the ordinary stream of data transmitted between a client and a server application or over a communication channel between peer devices. For two-way communication, the hacker must change all routing tables to direct traffic to the false IP address. Some hackers, however, do not even try to get a response from the applications: if the main task is to obtain an important file from the system, the responses of the applications do not matter.

If the hacker manages to change the routing tables and direct traffic to the false IP address, he will receive all the packets and will be able to respond to them as if he were an authorized user.

The threat of spoofing can be mitigated (but not eliminated) with the measures listed below.

Access control. The simplest way to prevent IP spoofing is to configure access control correctly. To reduce the effectiveness of IP spoofing, configure access control to reject any traffic that arrives from the external network with a source address that should be located inside your network. Note that this helps to combat IP spoofing only when internal addresses alone are authorized; if some addresses of the external network are authorized as well, this method becomes ineffective.

RFC 2827 filtering. You can stop users of your network from spoofing other people's networks (and become a good network citizen). To do this, reject any outgoing traffic whose source address is not one of the IP addresses of your organization. This type of filtering, known as RFC 2827, can also be performed by your ISP. As a result, all traffic that does not have the source address expected on a particular interface is discarded. For example, if the ISP provides a connection to the IP address 15.1.1.0/24, it can configure the filter so that only traffic coming from the address 15.1.1.0/24 is allowed from that interface to the ISP's router. Note that until all providers implement this type of filtering, its effectiveness will be much lower than it could be. In addition, the farther the filter is from the filtered devices, the harder it is to filter accurately. For example, RFC 2827 filtering at the level of the access router requires passing all traffic from the main network address (10.0.0.0/8), whereas at the distribution level (in this architecture) the traffic can be restricted more precisely.

The most effective method of combating IP spoofing is the same as for packet sniffing: the attack must be made completely ineffective. IP spoofing can work only when authentication is based on IP addresses. Therefore, introducing additional authentication methods makes such attacks useless. The best type of additional authentication is cryptographic. If that is not possible, good results can be achieved with two-factor authentication using one-time passwords.
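The RFC 2827 source-address check described above, as an added example that is not part of the original text: the same packets are run through a filter at the ISP edge and through filters at the access router and at the distribution level, to show why the coarser 10.0.0.0/8 rule lets a forged internal source through. The prefixes 15.1.1.0/24 and 10.0.0.0/8 come from the text; the subnet 10.1.5.0/24 and all packets are constructed for illustration.

```python
import ipaddress


def make_source_filter(allowed_prefixes):
    """Build a predicate that is True when a packet's source address may pass."""
    networks = [ipaddress.ip_network(prefix) for prefix in allowed_prefixes]

    def permits(source: str) -> bool:
        try:
            address = ipaddress.ip_address(source)
        except ValueError:
            return False  # unparsable source address: drop
        return any(address in network for network in networks)

    return permits


def apply_filter(permits, packets):
    """Split packet ids into (forwarded, dropped) according to the filter."""
    forwarded, dropped = [], []
    for packet in packets:
        (forwarded if permits(packet["src"]) else dropped).append(packet["id"])
    return forwarded, dropped


ISP_CUSTOMER_PREFIX = "15.1.1.0/24"    # customer prefix used in the text
ACCESS_ROUTER_PREFIX = "10.0.0.0/8"    # main network address used in the text
DISTRIBUTION_PREFIX = "10.1.5.0/24"    # constructed subnet behind one interface

# Constructed packets arriving on the customer-facing interface of the ISP router.
CUSTOMER_PACKETS = [
    {"id": "c1", "src": "15.1.1.20"},       # genuine customer address
    {"id": "c2", "src": "203.0.113.9"},     # forged, unrelated network
    {"id": "c3", "src": "15.1.2.20"},       # forged, neighbouring prefix
    {"id": "c4", "src": "not-an-address"},  # malformed source field
]

# Constructed packets leaving the 10.1.5.0/24 segment of the internal network.
SEGMENT_PACKETS = [
    {"id": "s1", "src": "10.1.5.17"},   # genuine host on the segment
    {"id": "s2", "src": "10.9.9.9"},    # forged, but still inside 10.0.0.0/8
    {"id": "s3", "src": "192.0.2.1"},   # forged, outside the organization
]


def demo() -> dict:
    return {
        "isp_edge": apply_filter(
            make_source_filter([ISP_CUSTOMER_PREFIX]), CUSTOMER_PACKETS),
        "access_router": apply_filter(
            make_source_filter([ACCESS_ROUTER_PREFIX]), SEGMENT_PACKETS),
        "distribution": apply_filter(
            make_source_filter([DISTRIBUTION_PREFIX]), SEGMENT_PACKETS),
    }


if __name__ == "__main__":
    for point, (forwarded, dropped) in demo().items():
        print(f"{point:14} forwarded={forwarded} dropped={dropped}")
```
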

Denial of service

Denial of Service (DoS) is, without doubt, the best-known form of hacker attack. Moreover, attacks of this type are the hardest to build one-hundred-percent protection against. Among hackers, DoS attacks are considered child's play, and using them draws contemptuous smiles, since organizing a DoS requires a minimum of knowledge and skill. Nevertheless, it is precisely the ease of implementation and the great scale of the damage caused that draw the close attention of the administrators responsible for network security to DoS. If you want to know more about DoS attacks, you should look at their best-known varieties, namely:

  • TCP SYN Flood;
  • Ping of Death;
  • Tribe Flood Network (TFN) and Tribe Flood Network 2000 (TFN2K);
  • Stacheldraht.

DoS attacks differ from attacks of other types. They are not aimed at gaining access to your network or at obtaining any information from that network; a DoS attack makes your network unavailable for normal use by exceeding the permissible limits of operation of the network, the operating system or an application. For some server applications (such as a Web server or an FTP server), DoS attacks can consist of occupying all the connections available to those applications and keeping them busy, which prevents ordinary users from being served. DoS attacks can use ordinary Internet protocols such as TCP and ICMP (Internet Control Message Protocol).

Most DoS attacks rely not on software bugs or security holes but on general weaknesses of the system architecture. Some attacks reduce network performance to zero by flooding the network with unwanted and unnecessary packets or by reporting false information about the current state of network resources. Attacks of this type are hard to prevent, because doing so requires coordination with the provider. If the traffic intended to flood your network is not stopped at the provider, you will no longer be able to stop it at the entrance to the network, because all the bandwidth will be occupied. When an attack of this type is carried out simultaneously through many devices, we speak of a distributed DoS (DDoS) attack.

The threat of DoS attacks can be reduced in three ways:

Anti-spoofing functions. Correctly configuring the anti-spoofing functions on your routers and firewalls helps to reduce the risk of DoS. At a minimum, these functions should include RFC 2827 filtering. If a hacker cannot disguise his true identity, he is unlikely to dare to launch an attack.

Anti-DoS functions. Correct configuration of the anti-DoS functions on routers and firewalls can limit the effectiveness of attacks. These functions often limit the number of half-open channels at any given moment.

Traffic rate limiting. An organization can ask its ISP to limit the volume of traffic. This type of filtering makes it possible to limit the volume of non-critical traffic passing through your network. A typical example is limiting the volume of ICMP traffic, which is used only for diagnostic purposes. (D)DoS attacks often use ICMP.

Password attacks

Hackers can conduct password attacks using a variety of methods, such as brute force attacks, Trojan horses, IP spoofing and packet sniffing. Although a login and password can often be obtained through IP spoofing and packet sniffing, hackers often try to guess the password and login by making numerous access attempts. This approach is called a brute force attack.

Such an attack often uses a special program that tries to gain access to a shared resource (for example, a server). If, as a result, the hacker gains access to the resources, he gains it with the rights of the ordinary user whose password was guessed. If that user has significant access privileges, the hacker can create a "pass" for himself for future access, which will remain valid even if the user changes his password and login.

Another problem arises when users use one and the same (even a very good) password for access to many systems: corporate, personal and Internet systems. Because a password is only as strong as the weakest host, a hacker who learns the password through that host gains access to all the other systems where the same password is used.

Password attacks can be avoided by not using passwords in text form. One-time passwords and/or cryptographic authentication can practically eliminate the threat of such attacks. Unfortunately, not all applications, hosts and devices support these authentication methods.

When using ordinary passwords, try to come up with one that is hard to guess. The minimum password length must be at least eight characters. The password must include upper-case characters, digits and special characters (#, %, $, etc.). The best passwords are hard to guess and hard to remember, which forces users to write them down on paper. To avoid this, users and administrators can make use of a number of recent technological advances. For example, there are application programs that encrypt a list of passwords, which can be stored on a pocket computer. As a result, the user needs to remember only one complex password, while all the others are reliably protected by the application. For the administrator, there are several methods of combating password guessing. One of them is to use the L0phtCrack tool, which hackers often use to guess passwords in the Windows NT environment. This tool will quickly show you how easy it is to guess the password chosen by a user. Additional information can be obtained at http://www.l0phtcrack.com/.

Man-in-the-Middle attacks

For a Man-in-the-Middle attack, a hacker needs access to the packets transmitted over the network. Such access to all packets transmitted from a provider to any other network can be obtained, for example, by an employee of that provider. Packet sniffers, transport protocols and routing protocols are often used for attacks of this type. The attacks are carried out in order to steal information, to intercept the current session and gain access to private network resources, to analyze traffic and obtain information about the network, and to carry out DoS-type attacks.

You can effectively fight Man-in-the-Middle attacks only with additional cryptography. As a hacker rewrite the data of the encrypted session, it will not appear on the screen of a hacker, but a bezel-less set of symbols. Apparently, if a hacker can deny information about a cryptographic session (for example, a session key), then a possible Man-in-the-Middle attack can be launched into the encrypted middle.

Application-layer attacks

Application-layer attacks can be carried out in several ways. The most common is to exploit well-known weaknesses in server software (sendmail, HTTP, FTP). By exploiting these weaknesses, hackers can gain access to the computer on behalf of the user who runs the application (usually this is not an ordinary user but a privileged administrator with system access rights). Information about application-layer attacks is widely published so that administrators can fix the problem with corrective modules (patches). Unfortunately, many hackers also have access to this information, which allows them to learn from it.

The main problem with application-layer attacks is that hackers often use ports that are allowed to pass through the firewall. For example, a hacker who exploits a known weakness of a Web server often uses TCP port 80 in the attack. Because the Web server serves Web pages to users, the firewall must allow access to this port. From the point of view of the firewall, the attack looks like standard traffic for port 80.

Application-layer attacks cannot be eliminated completely. Hackers are constantly discovering new vulnerabilities in applications and publishing them on the Internet. The most important thing here is good system administration. Here are some measures that can be taken to reduce vulnerability to attacks of this type:

Read operating system log files and network log files and/or analyze them with special analytical programs;

Network reconnaissance is the collection of information about a network using publicly available data and applications. When preparing an attack against a network, a hacker, as a rule, tries to obtain as much information about it as possible. Network reconnaissance is carried out in the form of DNS queries, echo testing (ping sweeps) and port scanning. DNS queries help to find out who owns a particular domain and which addresses are assigned to it. Echo testing of the addresses revealed through DNS shows which hosts are actually running in the environment. Having obtained the list of hosts, the hacker uses port-scanning tools to compile a complete list of the services those hosts provide. Finally, the hacker analyzes the characteristics of the applications running on the hosts. The result is information that can be used for a break-in.

Network reconnaissance cannot be eliminated completely. If, for example, ICMP echo and echo reply are disabled on edge routers, echo testing is stopped, but the data needed to diagnose network failures is lost as well. Besides, ports can be scanned without preliminary echo testing; it simply takes more time, because non-existent IP addresses have to be scanned too. IDS systems at the network and host levels usually do a good job of notifying the administrator that network reconnaissance is under way, which makes it possible to prepare better for the coming attack and to notify the ISP.

Use the latest versions of operating systems and applications and the latest corrective modules (patches);

In addition to system administration, use intrusion detection systems (IDS). There are two mutually complementary IDS technologies:

A network IDS (NIDS) monitors all packets passing through a particular domain. When the NIDS sees a packet or a series of packets that matches the signature of an attack, it generates an alarm signal or a message;

A host IDS (HIDS) protects the host with the help of software agents. This system fights only attacks against a single host.

In their operation, IDS systems use attack signatures, which are profiles of specific attacks or types of attacks. Signatures define the conditions under which traffic is considered to be hacker traffic. Physical-world analogues of an IDS are an alarm system or a surveillance camera. The biggest shortcoming of IDS is the alarm signals they generate. To minimize the number of false alarms and to make the IDS function correctly in the network, the system has to be tuned carefully.
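The following sketch is an added example, not part of the original text: it shows how a simple IDS rule can flag the echo testing and port scanning described above, and how the thresholds decide between detection and false alarms. The event tuples, addresses and threshold values are constructed assumptions.

```python
from collections import defaultdict

def build_sample():
    """Constructed events: (time_s, src_ip, dst_ip, proto, dst_port or None)."""
    ev = []
    # 198.51.100.7 echo-tests 20 addresses, then probes 30 TCP ports on one host
    ev += [(i, "198.51.100.7", f"192.0.2.{i + 1}", "icmp-echo", None) for i in range(20)]
    ev += [(30 + p, "198.51.100.7", "192.0.2.5", "tcp", 20 + p) for p in range(30)]
    # 192.0.2.200 is an internal monitoring host pinging 4 servers (benign)
    ev += [(5 + i, "192.0.2.200", f"192.0.2.{10 + i}", "icmp-echo", None) for i in range(4)]
    # 203.0.113.9 is an ordinary web client: many requests, one port
    ev += [(i * 2, "203.0.113.9", "192.0.2.5", "tcp", 80) for i in range(40)]
    return sorted(ev, key=lambda e: e[0])

def detect_recon(events, window=60, sweep_hosts=10, scan_ports=15):
    """Return {src: set of alert names} from distinct counts in a sliding window."""
    recent = defaultdict(list)          # src -> events still inside the window
    alerts = defaultdict(set)
    for t, src, dst, proto, port in events:
        buf = recent[src]
        buf.append((t, dst, proto, port))
        while buf and buf[0][0] <= t - window:
            buf.pop(0)                  # forget events older than the window
        pinged = {d for _, d, pr, _ in buf if pr == "icmp-echo"}
        ports = defaultdict(set)        # dst -> distinct TCP ports touched
        for _, d, pr, p in buf:
            if pr == "tcp":
                ports[d].add(p)
        if len(pinged) >= sweep_hosts:
            alerts[src].add("ping-sweep")
        if any(len(s) >= scan_ports for s in ports.values()):
            alerts[src].add("port-scan")
    return dict(alerts)

if __name__ == "__main__":
    sample = build_sample()
    print("tuned thresholds:", detect_recon(sample))
    # Thresholds set too low also flag the monitoring host and the web client
    print("loose thresholds:", detect_recon(sample, sweep_hosts=3, scan_ports=1))
```

With the default thresholds only the scanning source is reported; with the loose ones the monitoring host and the web client raise false alarms, which is the tuning problem the paragraph above describes.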

Abuse of trust

Strictly speaking, this type of action is not an attack or assault in the full sense of the word. It is a malicious exploitation of the trust relationships that exist in a network. A classic example of such abuse is the situation at the periphery of a corporate network. This segment often hosts DNS, SMTP and HTTP servers. Because they all belong to the same segment, compromising any one of them leads to compromising all the others, since these servers trust the other systems on their network. Another example is a system installed on the outside of the firewall that has a trust relationship with a system installed on the inside. If the external system is compromised, a hacker can use the trust relationship to penetrate the system protected by the firewall.

The risk of abuse of trust can be reduced by tighter control of trust levels within your network. Systems located on the outside of the firewall must never, under any circumstances, be absolutely trusted by the systems protected by the firewall. Where possible, trust relationships should be authenticated not only by IP address but also by other parameters.

Port redirection

Port redirection is a form of abuse of trust in which a compromised host is used to pass traffic through the firewall that would otherwise be rejected. Imagine a firewall with three interfaces, each connected to a particular host. The external host can connect to the public-access host (DMZ), but not to the host installed on the inside of the firewall. The public-access host can connect to both the internal and the external host. If a hacker takes over the public-access host, he can install software on it that redirects traffic from the external host directly to the internal one. Although this does not violate any rule in force on the firewall, the external host gains direct access to the protected host as a result of the redirection. An example of an application that can provide such access is netcat.

The main way to combat port redirection is to use strong trust models (see the previous section). In addition, a host IDS (HIDS) can prevent a hacker from installing his software on the host.
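As an added example (not part of the original text), the policy audit below models the three-interface firewall described above and lists the hosts through which an outside system could reach a protected one even though no rule permits that directly. These are the hosts that need the tightest trust settings and a HIDS. Host names, services and rules are constructed assumptions.

```python
from collections import deque

# Constructed policy modelled on the three-interface firewall described above:
# each tuple is one permitted flow (source, destination, service).
ALLOW = [
    ("outside", "dmz-web", "tcp/80"),
    ("outside", "dmz-dns", "udp/53"),
    ("dmz-web", "inside-db", "tcp/1433"),
    ("dmz-web", "outside", "tcp/25"),
]

def relay_paths(rules, src, dst):
    """List multi-hop paths src -> dst that exist although src -> dst is not permitted."""
    graph = {}
    for s, d, _svc in rules:
        graph.setdefault(s, []).append(d)
    if dst in graph.get(src, []):
        return []                      # direct access is explicit policy
    found, queue = [], deque([[src]])
    while queue:                       # breadth-first search over permitted flows
        path = queue.popleft()
        for nxt in graph.get(path[-1], []):
            if nxt in path:
                continue               # skip loops
            if nxt == dst:
                found.append(path + [nxt])
            else:
                queue.append(path + [nxt])
    return found

def relay_hosts(rules, src, dst):
    """Hosts whose compromise would give src a route to dst (inner hops of each path)."""
    return sorted({h for p in relay_paths(rules, src, dst) for h in p[1:-1]})

if __name__ == "__main__":
    for p in relay_paths(ALLOW, "outside", "inside-db"):
        print(" -> ".join(p))
    print("hosts needing strict trust and HIDS:", relay_hosts(ALLOW, "outside", "inside-db"))
```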

Unauthorized access

Unauthorized access cannot be considered a separate type of attack, since most network attacks are carried out in order to gain unauthorized access. To guess a Telnet login, a hacker must first get a Telnet prompt on his system. After connecting to the Telnet port, the message "authorization required to use this resource" appears on the screen. If the hacker continues to attempt access after that, the attempts are considered unauthorized. The source of such attacks can be either inside the network or outside it.

The ways to combat unauthorized access are quite simple. The main thing here is to reduce or completely eliminate the hacker's ability to gain access to the system through an unauthorized protocol. As an example, consider preventing hacker access to the Telnet port on a server that provides Web services to external users. Without access to this port, the hacker cannot attack it. As for the firewall, its main task is to prevent the simplest attempts at unauthorized access.

Viruses and "Trojan horse" applications

End-user workstations are very vulnerable to viruses and Trojan horses. Viruses are malicious programs that are inserted into other programs in order to perform a certain unwanted function on the end user's workstation. An example is a virus that writes itself into the command.com file (the main interpreter of Windows systems) and deletes other files, and also infects all other versions of command.com that it finds.

A Trojan horse is not a program insert but a real program that at first glance looks like a useful application but in fact plays a harmful role. An example of a typical Trojan horse is a program that looks like a simple game for the user's workstation. However, while the user is playing the game, the program sends a copy of itself by e-mail to every subscriber listed in the user's address book. All the subscribers receive the game by mail, which spreads it further.

Software and hardware tools and methods of ensuring information security

The following classification of information protection tools is proposed:

Means of protection against unauthorized access (NSD)

- Access control models;
- Discretionary (selective) access control;
- Mandatory access control;
- Authentication systems:
  - Password;
  - Certificate;
  - Biometrics;
- Authorization tools;
- Role-based access control;
- Firewalls;
- Anti-virus tools;
- Logging (also called auditing).

Means of protection against information leakage through technical channels

- Means of protection against acoustic pickup of information;
- Means of preventing unauthorized connection to communication networks;
- Means of detecting planted (bugging) devices;
- Means of protection against visual pickup of information;
- Means of protection against information leakage via PEMVN (side electromagnetic radiation and interference).

Network monitoring systems

- Intrusion detection and prevention systems (IDS/IPS);
- Systems for detecting and preventing information leaks.

Systems for the analysis and modeling of information flows (CASE systems).

Protocol analyzers.

Cryptographic tools

- Encryption;
- Digital signature;
- Steganography.

Backup systems

Uninterruptible power systems

- Uninterruptible power supplies;
- Load redundancy;
- Voltage generators.

Protection against physical impact

- Means of preventing break-ins into equipment cases and theft of equipment;
- Means of controlling access to premises.

Tools for analyzing protection systems

- Monitoring software;
- Knowledge base for auditing the information protection system for compliance with standards.

9. Determining the level of protection

GOST R 50922-2006

To determine the level of protection, a risk model has to be built.
Risk = asset value * threat * vulnerability.
A vulnerability is a property of the system that an attacker can use for his own purposes.

vulnerability (of an information system); breach: A property of an information system that makes it possible to realize threats to the security of the information processed in it.

Examples: open ports on a server, missing filtering in a query field (a field open to SQL injection), unrestricted entry to the building, etc.
A threat is the possibility that an attacker exploits a vulnerability and penetrates the system. Threat (to information security): The set of conditions and factors that create a potential or actually existing danger of a breach of information security.

Threat and vulnerability are probabilistic values, estimated from 0 to 1.

Every risk can then be handled in one of the following ways:
1) Accept it (simply know about it, and nothing more)
2) Reduce it to a certain level and accept it
3) Avoid it (for example, disconnect all servers)
4) Transfer it (for example, insure against it).

List of literature:

http://www.polyset.ru/GOST/all-doc/GOST/GOST-R-50922-96/

http://www.internet-technologies.ru/articles/article_237.html

Kalinin I.O., Samilkina M.M. Fundamentals of Information Security in Telecommunications Networks. Publisher: Intellect-Center, 2009.

Shepitko G.I., Gudiv G.N., Loktyev A. An integrated system for obtaining information at the enterprises. Publisher: International Finance Academy, 2008.
