1、打开IE,地址栏输入www.google.cn。
2、搜索栏后面高级搜索。
3、搜索框输入你要的文献题目,当然最好是英文的,下面文件格式选择pdf、doc格式。
4、回车
5、在搜索结果标题中右击使用迅雷下载,或者目标另存为。下载下来大多数是很好的英文文献。。。。。
外事问google,内事问百度。
然后呢,你要一份现成的吧
去毕业论文之类的网上百度一下。很多是翻译中英文都有的。
还有个方法就是照片中文类似的文章 用金山词霸 或者 灵格斯反映成英文。
一般老师只看中文 不看英文的。
当要维护网络安全的时候,需要加以了解的关键问题就是网络漏洞可能存在于位于何处。只有了解攻击者会从何处入手,才能采取相应的措施加强系统的安全。下面部分针对可能存在的安全漏洞进行了简单的概括,这些地方都是网络安全需要注意的方面。
物理安全性:网络窃听与地址欺骗
物理安全性的安全性非常重要,但这个问题中的大部分内容与网络安全无关,例如如果服务器被盗窃了,其上面的硬盘就能被窃贼使用物理读取的方式进行分析读取。这只是一个极端的例子,更一般的情况可能是非法使用者接触了系统的控制台,重新启动计算机并获得控制权,或者通过物理连接的方式窃听网络信息。
最近国内报告了几例 “黑客” 事件,攻击者通过将物理线路连接到目的线路上,并利用对这些专有的计算机系统的了解来窃取信息。事实上这种攻击方式不能算一个真正的网络攻击,并不用说网络黑客了。
在物理安全方面,与网络相关的问题主要在于传输数据的安全性。由于TCP/IP协议是一种包交换网络,各个数据包在网络上都是透明传输的,将经过各个不同的网络,由那些网络上的路由器转发,才能到达目的计算机。由于数据包都是直接经过这些网络,那么这些网络上的计算机都有可能将其捕获,从而窃听到正在传输的数据。这个物理上的传输安全问题对网络安全非常重要,因为当前的TCP/IP协议本身并没有对安全传输进行考虑,很多应用程序,如telnet、ftp 等,甚至使用明文来传递非常敏感的口令数据。获取网络上流过全部数据的方法通常被称为网络分析(sniffing)。
由于物理网络的传输限制,并不是在网络上的任意位置都能捕获数据包信息的。对于最常用的以太网,较老的共享式以太网能在任意一个位置窃听所有流经网络的信息包,而新式的交换式以太网能够在交换机上隔离流向不同计算机的数据,因此安全性更高。然而无论怎样的网络,路由器总是一个非常关键的位置,所有流入流出网络的数据都经过这个特殊的计算机,如果攻击者在路由器上进行窃听就会造成非常严重的安全问题。
交换式以太网并不能保证不能百分之百不被窃听,高明的窃听者能通过欺骗以太网交换机来完成窃听的任务,然而这需要针对具体交换机的弱点进行攻击,事实上很难进行。
防范窃听的方法是对传输的数据进行加密,最简单的情况下就不要使用明文来传输重要的认证信息。在FreeBSD 下可以使用Kerberos认证保证口令传输不被窃听。更进一步,可以使用支持加密传输的应用程序传输重要的数据,如ssh。在数据要通过的不安全网络上设定虚拟专用网也能解决这个问题。当前,从IP层支持数据安全的协议为IPSec ,FreeBSD下也有一个开发组KAME是支持IPSec的(KAME的网址位于http://www.kame.net/ )。以后会有越来越多的应用程序支持IPSec,不再有传输安全的问题。
涉及物理安全性的另一个问题是网络地址欺骗,很多网络服务将安全性依赖于区分不同计算机的方式,可信任的计算机能够访问网络资源,不可信任的计算机被拒绝访问。然而非法入侵者可以通过欺骗的方式,使得目的计算机认为它是可信任的计算机,从而达到入侵的目的。
网络地址欺骗可以分为两种,一种为假冒其他计算机网卡的硬件MAC地址,这样就能使得这台计算机能完全冒充另外那台计算机,突破依赖于MAC地址的访问限制。很多网卡可以通过驱动程序更改MAC地址,操作系统也能通过软件的方法更改其驱动程序中保存的MAC地址。因此MAC地址是不可靠的,不能依赖于它来保护具备敏感性的数据信息。显然,假冒MAC地址方法只能存在于同一个局域网之中,不能跨越网络。
然而对TCP/IP来讲,通信还是主要依赖于IP地址,因此更普遍的地址欺骗还是要通过假冒IP地址的方法进行的。对于任何操作系统来讲,更改IP地址非常简便。在同一个子网当中,更改IP地址之后,它就能假冒那台被信任计算机。然而在同一个子网之外,假冒IP地址就需要更复杂的技术,首先它需要了解假冒的IP数据包是否能发送到目的计算机上,这需要依赖于它和目的计算机的路由器的设置,很多的路由器不能分辨IP数据包是否是从正确的子网发送出来的(或者没有屏蔽这些非法的IP数据包),这样假冒的IP数据包就能到达目的计算机。由于假冒的IP数据包中的IP地址与发送的计算机不相符,因此回应的数据包不会返回假冒IP地址的计算机,这样就需要假冒的计算机只能依靠猜测来攻击目的计算机。
在地址欺骗中,如果要被假冒的计算机正在运行,势必要发生冲突。入侵者为了避免出现这些问题,可能会首先攻击要被假冒的计算机,使其当机或超负荷运行,而不能响应服务请求。然后才能无妨碍的进行攻击过程。
----------
下面是英语版本-
-----------
When network security to protect when the need to understand the key problem is the loopholes that may exist on the network location. An attacker would only know where to start, to take corresponding measures to strengthen system security. For the following part of the security vulnerabilities that may exist for a simple generalization, where are the network security needs attention.
Physical security: the network address spoofing and eavesdropping
Physical security of the security is very important, but the problem most of the content and network security has nothing to do, for example, if the server was stolen, and its hard drive above the thief will be able to be read the way the use of physical analysis to read. This is just an extreme example, but in general may be illegal users from accessing the system console, restart the computer and control, or by way of physical connection eavesdropping network information.
Recently reported several cases of domestic "hacker" incident, the attacker physical line by line to connect to the purpose and use of such proprietary computer systems to steal information. In fact such attacks could not be a real network attack that hackers do not use the.
In physical security, and network-related problem lies mainly in data security. Since the TCP / IP protocol is a packet-switched networks, all packets are transparent on the network transmission will be different after the network, from network routers that forward, to reach the objective of the computer. As the packets are a direct result of these networks, then the computer on the network are likely to be caught, thus tapping into the data being transmitted. The physical transfer of security issues is very important to network security, because of the current TCP / IP protocol itself does not consider the transfer of security, many applications such as telnet, ftp, and even the use of express delivery is very sensitive to the password data. Access to the upper reaches of all the network data is commonly referred to as network analysis (sniffing).
Physical network as a result of transmission constraints, not anywhere on the network can capture packets of information. The most commonly used for Ethernet, older shared Ethernet to eavesdropping at any one location all the information packets through the network, and exchange of new Ethernet switches to isolate the flow of data in different computer, therefore more secure. However, no matter how the network, the router is always a very critical position, all the inflow and outflow of data networks have been this particular computer, if an attacker eavesdropping on the router will cause a very serious security issues.
Switched Ethernet does not guarantee that can not be 100% not tapped, tapping those clever deception through Ethernet switch to complete the task of tapping, but this specific switches need to attack the weakness, in fact, very difficult.
Ways to guard against eavesdropping is to encrypt the data transmission, the most simple use cases do not specifically certified to transmit important information. FreeBSD can be used in the Kerberos password authentication to ensure that transmission is not tapped. Furthermore, encryption can be used to support the transmission of the important applications of data transmission, such as ssh. In the data through the insecure network Virtual Private Network settings can also solve the problem. There will be more and more applications that support IPSec, the security no longer have transmission problems.
Related to the physical safety of another problem is the network address spoofing, a lot of network security services will be dependent on the way to distinguish between different computers, the computers have access to trusted network resources, the computer can not be trusted to be denied access. However, the intruder can be illegal to deceive a manner so that the purpose of the computer that it is a trusted computer, so as to achieve the purpose of the invasion.
Network address can be divided into two kinds of deception, a fake card in other computer hardware MAC address so we can make this computer able to impersonate the other computers, a breakthrough depends on the MAC address of the access restrictions. Card can be a lot of drivers to change the MAC address, operating system software, the method can also change the driver of the MAC address of the depositary. MAC address is therefore unreliable and can not rely on it to protect sensitive data with. Obviously, the fake MAC address can only exist in the same LAN, and not across the network.
However, TCP / IP, the communication is still mainly rely on IP addresses, and more generally to address spoofing or fake IP address through the method. For any operating system, the IP address is very easy to change. In the same subnet, the IP address changes, it will be able to fake confidence that Taiwan was the computer. However, in the same subnet, the fake IP address on the need for a more complex technology, first of all, it needs to know a fake IP can send packets to the destination computer, which need to rely on the computer on it and the purpose of the router settings, Many routers can not distinguish whether the IP packet from the correct subnet send out (or did not shield these illegal IP packet), this fake IP packet will be able to reach our destination computer. IP as a result of counterfeit packets of the IP address and send the computer does not match, it will not respond to packets of fake IP address back to the computer, this computer will need to rely on fake guess the purpose of the computer to attack.
Deception in the address, if you want to be fake and the computer is running, it is bound to conflict. Intruders in order to avoid these problems, first of all, the attack may be fake computer to crash or overload operation, and not to respond to service requests. Before they can attack without prejudice to the conduct of the process.
-----
希望可以符合您的要求呃--
登QQ 端口不通
啊 老大我是中国人
内容全部来源于网络收集,如有侵权,请联系网站删除:QQ:24596024