"Without knowing attack, how can you know defense" is a false dichotomy

Time:11-03

For a long time I have wanted to write this article, but partly because of daily chores and partly because I did not want to shake too many people's confidence, I kept putting it off. Recently a younger colleague who aspires to work in information security talked with me, and I decided to write it in the hope that he will read it. It is for reference only.

Where the saying "Without knowing attack, how can you know defense" comes from is hard to trace, but at the large and small security summits held domestically in recent years it is constantly on the lips of some senior figures and directors. First, I want to ask: does "without knowing attack, how can you know defense" actually hold? It seems as if it might be true, but that is not what this discussion is about.

Before discussing whether "without knowing attack, how can you know defense" is correct, I want to analyze exactly what the sentence means. My guess is that these senior figures are telling us that attack is important, or telling us how to do protection. So is attack really that important to protection in information security?

1 The relationship between attack, protection and vulnerabilities

Looking at a system's security architecture, attacks do not succeed because of the system's protection; they succeed because of vulnerabilities and flaws, which give the attacker an opportunity. So the point is this: between attack and protection sits the vulnerability as the intermediary, and that is the key. Without a vulnerability, an attack has nothing to work with. Therefore protection does not have to pay close attention to attack; more precisely, protection should focus directly on vulnerabilities and on the fragility the system produces. That is the core of improving system protection.

2 An attack can only obtain fragmented information

Someone may say that the critical thing is that attacks find vulnerabilities and then exploit them, so an attack necessarily involves a vulnerability, and therefore "without knowing attack, how can you know defense" makes sense and is not contrived. Let us analyze this more carefully. Attack emphasizes using tools to find vulnerabilities and pry out information; the whole process consists of gathering information, sorting it, analyzing it and judging it, and relies mostly on existing experience of mining vulnerabilities, finding new ones by their similarity to known ones. Looking at the whole process, and constrained by the limits of the technology, analyzing a system's vulnerabilities from the angle of attack only ever yields scattered information about them. Of course, if you want systematic and comprehensive vulnerability information from the angle of attack, in theory you can analyze the characteristics of the running system, especially its runtime memory layout, process and thread handling, or perform static analysis on the executable file, but these are obviously beyond the field of vision of many domestic big names. Moreover, given the limitations of the technique itself and of the object under analysis, I estimate that even those abroad who analyze these problems cannot claim a comprehensive grasp of a system's vulnerabilities.

3 Vulnerabilities cover a wide range

Unlike attack, which collects information, vulnerability research looks from different angles (requirements analysis, architecture design, algorithm design, coding, and so on) and at different levels (the user layer, configuration management, the application layer, the logic layer, the code layer, the binary layer). It finds violations of confidentiality, availability and non-repudiation, of the principle of least privilege, the principle of separation, role-based authorization and other security theory, and even more, problems that originate with the system's designers, developers and users. Obviously, from this point of view, vulnerability research requires a theoretical basis in system security and a thorough grasp of the system's characteristics and of feature modeling. I think that once the formation of vulnerabilities at these levels is understood, security protection becomes easy.

4 What is the core of protection

In terms of protection technology, a security protection system divides into two parts. One is the robustness of the application's own logic functions, which requires reducing vulnerability problems as far as possible at the analysis, design and implementation levels and following security principles. The other is the security enhancement logic, such as access control, encryption, authentication, signatures, log management and so on.

Obviously, the key to doing protection well still lies in grasping the vulnerabilities. If one does protection with the attacker's way of thinking, by listing all the applicable CVE vulnerabilities and controlling them one by one, I can only call that so-so: after all, the method is not systematic, comprehensiveness cannot be assured, and many holes may remain in the protection. To put it bluntly, without a systematic, comprehensive method to guide protection, vulnerabilities will emerge endlessly. What is this theory? Personally I think it derives from system safety theory and system analysis methodology, especially software analysis methodology: for example, mastering in source code what typical security vulnerabilities look like and the norms for writing code, so as to handle code-level vulnerability and fragility. Without these, and with the focus instead on "practice" and "ideas" (as the information security recruitment requirements of some large domestic Internet companies put it), the present situation of domestic information security will forever remain the status quo.

5 Conclusion

By now I hope the relationship between attack and defense is clear: good protection should know about attack, but it should, more directly, know the security characteristics of the system itself, security theory, and the system's vulnerabilities and their causes. That is the fundamental.

From the attacker's point of view, it is hard to imagine that, when the analysis of the system's own characteristics is insufficient and the understanding of security principles and protection theory is shallow, an attack could be anything but blind groping. It is like a grave robber who wants to open a tomb: he takes his pick and shovel and taps around here and there, hoping to find the entrance, but if the structure of the tomb is unclear to him he may never get in; conversely, if he knows the structure, he may get twice the result with half the effort. Even more so, if the craftsmen who built the tomb know its weak points and reinforce them specifically, what can the attacker do with any tool or means?

On the other hand, from the perspective of protection, the information and means available to the attacker and the defender are vastly different. The attacker generally does not understand the analysis and design ideas behind the system in its application environment, generally has no source code, and can only gather whatever information the system exposes when it is probed. The defender knows the requirements analysis, design, algorithms, configuration and so on; obviously the defender has far more information about the system, and has every means at hand. In this context, guiding protection by means of attack is like a civilian official directing a military campaign: the style, ideas, resources and starting point are all different, so what guidance can there be? Perhaps, to those higher-ups, it is simply never worth mentioning.

I do not mean to deny hackers or red hackers of any kind, but to remind: (1) attack is not the whole of information security; (2) analyzing the system's own characteristics, its security principles and the root causes of its vulnerabilities is the king of information security protection; everything else follows from that.



Lin Mengni

In January, 2016 in Beijing

From personal blog: http://blog.sina.com.cn/s/blog_14ecb0c6c0102w4cs.html

Comments and criticism are welcome.