主机安全检测系统的研究与实现
|
摘要
随着计算机网络技术的高速发展,网络开始渗透到社会的各个领域。在这个巨大的网络当中,支撑着系统正常运行的基本节点就是网络主机。这些主机包括服务器,路由器,交换机,个人计算机等等。然而这些主机存在着不同程度的安全隐患。为了更好的保护网络主机的安全,首先需要检测主机的安全性,发现主机存在怎样的安全问题。
目前,主机安全检测方式主要有利用自动化漏洞扫描工具进行检测和人工检测两种。扫描工具检测的范围有限,而人工检测方式往往依赖检测人员的技术、经验,且效率低。
因此,本文研究了主机安全检测的方法,以B/S模式,设计并实现了一种半自动化的主机安全检测系统,系统针对终端主机的安全脆弱性检查,完成针对主机系统配置、系统参数、用户访问权限、帐户/口令、文件访问权限、日志文件等方面存在的安全脆弱性测试。
本文全面描述了主机安全检测系统从设计到实现的过程,具体工作如下:
1.调研主机安全检测的背景
2.设计主机安全检测系统的检测内容库
3.主机安全检测系统的总体设计
4.主机安全检测系统关键模块详细设计和实现
5.主机安全检测系统测试
本系统已经通过审核并交付使用,取得了良好的效果。本文的工作率先提出了主机安全检测系统的概念,对于主机安全检测系统的设计和实现有着借鉴意义。
With the rapid development of computer network technology, network began to permeate all areas of society. Among this vast network, the basic node that supports the normal operation of the system is the network host. These hosts include servers, routers, switches, personal computers and so on. However, these hosts have varying degrees of security risk. In order to better protect the security of the network hosts, we need to detect the host's security first, and find out what kind of security problem existing in the hosts.
At present, there are two main methods of host security detection. One is detection by using automated vulnerability scanning tools, the other is manual detection. Automated scanning tools are limited in scope; while artifical detection ofter relays on the inspectors'technology, experience, and it has low efficiency.
Therefore, we study the host security detection methords, design and implement a semi-automated host security detection system. This system is based on Browser/Server structure. The system can complete the inspection of the host's security vulnerability that exist in operating system configuration, system parameter, user access permissions, account/password, file access, log files and other aspects of the security vulnerability.
This paper gives the comprehensive description of the host security detection system from designing to implementation. The specific work is as follow:
1. Investigate the background of host security detection;
2. Design the Content Library of host security detection system;
3. Design the host security detection system;
4. Host security detection system detailed design and implementation of key modules;
5. Functional testing of host security detection system.
The system has been approved, and deliverd, and achieved good results. This work pioneered the concept of host security detection systems, and it can provide a reference for the host security detection system design and implemention.
目前,主机安全检测方式主要有利用自动化漏洞扫描工具进行检测和人工检测两种。扫描工具检测的范围有限,而人工检测方式往往依赖检测人员的技术、经验,且效率低。
因此,本文研究了主机安全检测的方法,以B/S模式,设计并实现了一种半自动化的主机安全检测系统,系统针对终端主机的安全脆弱性检查,完成针对主机系统配置、系统参数、用户访问权限、帐户/口令、文件访问权限、日志文件等方面存在的安全脆弱性测试。
本文全面描述了主机安全检测系统从设计到实现的过程,具体工作如下:
1.调研主机安全检测的背景
2.设计主机安全检测系统的检测内容库
3.主机安全检测系统的总体设计
4.主机安全检测系统关键模块详细设计和实现
5.主机安全检测系统测试
本系统已经通过审核并交付使用,取得了良好的效果。本文的工作率先提出了主机安全检测系统的概念,对于主机安全检测系统的设计和实现有着借鉴意义。
With the rapid development of computer network technology, network began to permeate all areas of society. Among this vast network, the basic node that supports the normal operation of the system is the network host. These hosts include servers, routers, switches, personal computers and so on. However, these hosts have varying degrees of security risk. In order to better protect the security of the network hosts, we need to detect the host's security first, and find out what kind of security problem existing in the hosts.
At present, there are two main methods of host security detection. One is detection by using automated vulnerability scanning tools, the other is manual detection. Automated scanning tools are limited in scope; while artifical detection ofter relays on the inspectors'technology, experience, and it has low efficiency.
Therefore, we study the host security detection methords, design and implement a semi-automated host security detection system. This system is based on Browser/Server structure. The system can complete the inspection of the host's security vulnerability that exist in operating system configuration, system parameter, user access permissions, account/password, file access, log files and other aspects of the security vulnerability.
This paper gives the comprehensive description of the host security detection system from designing to implementation. The specific work is as follow:
1. Investigate the background of host security detection;
2. Design the Content Library of host security detection system;
3. Design the host security detection system;
4. Host security detection system detailed design and implementation of key modules;
5. Functional testing of host security detection system.
The system has been approved, and deliverd, and achieved good results. This work pioneered the concept of host security detection systems, and it can provide a reference for the host security detection system design and implemention.
引文
[1]廖建国.网络安全测评系统设计实现与标准研究[D].福建:福州大学.2003.5:1-3
[2]肖新光.主机安全检查与风险评估[J].信息安全.2008.5:10-11
[3]陆余良.主机安全量化融合模型研究[J].计算机学报.2005.5:914-915
[4]崔蔚.主机网络安全防护技术的研究与应用[J].成都信息工程学院学报.2005.4:164-166
[5]胡道元.网络安全[M].北京:清华大学出版社.2003.5:309-350
[6]杜虹.涉密信息系统安全风险评估[J].信息网络安全.2006.1:66~68
[7]叶翔.主机安全防护系统研究与实现[D].湖北:华中科技大学.2004.5:1-4
[8]张晓婷.涉密计算机审计与监控系统的设计与测试[D].北京:北京交通大学.2006.5:7-8
[9]蒋显岚.计算机信息系统安全风险评估标准与方法的研究[D].吉林:吉林大学.2007.10:13-16
[10]林杨毅.主机安全漏洞扫描系统的研究与实现[D].浙江:浙江大学.2006.11:4-5
[11]刘宝旭.网络安全评估方法的研究与实践[J].计算机工程.2007.8:133-138
[12]邱宏.网络安全评估方法综述[J].电脑知识与技术.2008.2:680-683
[13]Stephen F. Bush. Network Vulnerability Analysis Tool. General Electric Corporate Research and Development Center.1993.3
[14]Lawrenee R.Rogers.. Home Computer and Internet User Security. CERT/CC.2005.2
[15]Robert B. Computer and network security. The Journal of Computing in Small Colleges.2001.4
[16]MattBisho. Computer security. Art and science.2004.
[2]肖新光.主机安全检查与风险评估[J].信息安全.2008.5:10-11
[3]陆余良.主机安全量化融合模型研究[J].计算机学报.2005.5:914-915
[4]崔蔚.主机网络安全防护技术的研究与应用[J].成都信息工程学院学报.2005.4:164-166
[5]胡道元.网络安全[M].北京:清华大学出版社.2003.5:309-350
[6]杜虹.涉密信息系统安全风险评估[J].信息网络安全.2006.1:66~68
[7]叶翔.主机安全防护系统研究与实现[D].湖北:华中科技大学.2004.5:1-4
[8]张晓婷.涉密计算机审计与监控系统的设计与测试[D].北京:北京交通大学.2006.5:7-8
[9]蒋显岚.计算机信息系统安全风险评估标准与方法的研究[D].吉林:吉林大学.2007.10:13-16
[10]林杨毅.主机安全漏洞扫描系统的研究与实现[D].浙江:浙江大学.2006.11:4-5
[11]刘宝旭.网络安全评估方法的研究与实践[J].计算机工程.2007.8:133-138
[12]邱宏.网络安全评估方法综述[J].电脑知识与技术.2008.2:680-683
[13]Stephen F. Bush. Network Vulnerability Analysis Tool. General Electric Corporate Research and Development Center.1993.3
[14]Lawrenee R.Rogers.. Home Computer and Internet User Security. CERT/CC.2005.2
[15]Robert B. Computer and network security. The Journal of Computing in Small Colleges.2001.4
[16]MattBisho. Computer security. Art and science.2004.