【正文】 樣做是讓該公司集 中 保護(hù)政策。 防火墻 防火墻運行于 Windows NT Server 和 上 ，包括強(qiáng)大的記錄功能。防火墻已經(jīng)可以處理它們 了 。和 SecurIT審計可以檢查多個平臺，包括 Linux， Solaris 和 SunOS中， Windows NT和 Windows 95 中的漏洞?？雌饋碓诰W(wǎng)絡(luò)上的基本漏洞，如無密碼 的 共享資源，光掃描，并要求只有幾分鐘的運行。在網(wǎng)絡(luò)上建立一個認(rèn)證服務(wù)器，并配備遠(yuǎn)程用戶認(rèn)證令牌或智能卡。 1） 6 安全的共同威脅的解決方案 這里有六種常見的網(wǎng)絡(luò)安全問題及其解決方案列舉在 PC雜志， 1997年 出 版。 VPN 能提供任何網(wǎng)絡(luò)功能，如分享數(shù)據(jù)、訪問網(wǎng)絡(luò)資源、打印、數(shù)據(jù)庫、網(wǎng)站等等。 濱州學(xué)院畢業(yè)設(shè)計 (專業(yè)外文翻譯 ) 14 2）解密過程： 解密過程基本上是加密過程的逆向。 4． 加密 隨著辦公室和組織連接到網(wǎng)絡(luò)， 許多人考慮把以廉價的方式廣域和遠(yuǎn)程連接互聯(lián)網(wǎng)基礎(chǔ)設(shè)施。 令牌是遠(yuǎn)程用戶能隨身攜帶的，信用卡或者計算器大小的設(shè)備。 濱州學(xué)院畢業(yè)設(shè)計 (專業(yè)外文翻譯 ) 13 在性能方面的情況，如果有 10Mbps 或者 100Mbps 以太網(wǎng)連接，組織就不應(yīng)該擔(dān)心使用應(yīng)層網(wǎng)關(guān)，如果公司內(nèi)部使用網(wǎng)絡(luò)應(yīng)用程序代理，他們可以考慮基于硬件的快速解決方案，例如思科公司的 PIX Firewall 或者西雅圖軟件公司的Firebox。 應(yīng)用層網(wǎng)關(guān)防火墻評估有效地網(wǎng)絡(luò)數(shù)據(jù)包，使代理比數(shù)據(jù)包過濾器更安全。下面是幾種以不同方式運轉(zhuǎn)的防火墻。企業(yè)想網(wǎng)羅這個進(jìn)程處于該組織最高水平的人才?！边@篇文章描述了多種類型的網(wǎng)絡(luò)威脅和可以保護(hù)個人以及公司的解決方案 。 a corporate central office for example. 6. Analyzing Other Security Threats: Java and ActiveX Even after one has done all possible to block unauthorized users from accessing a work, there is still the danger of viruses, which can enter through attachments, and malicious Java and ActiveX applications that e into a work as users browse the Net. When dealing with hostile Java and ActiveX applets, Finjan Software offers 濱州學(xué)院畢業(yè)設(shè)計 (專業(yè)外文翻譯 ) 6 SurfinShield X tra for desktop users as well as Surfin Gate for servers. These unique packages actually maintain a database of known Java and ActiveX problems and monitor ining and existing applets. Both products block only applets that misbehave, letting all others through. 1） Solutions to 6 Common Threats to Security Here are six mon Inter security problems and their solutions cited in PC Magazine, 1997. Reprinted by permission December 1998 2） Interception of Encrypt using desktop or server encryption hardware or software. Use digital signatures and certificates to authenticate senders and verify that has not been tampered with. 3） Theft or alteration of corporate information Use the same procedures as for intrusion. Also use encryption hardware or software to encrypt traffic flowing from office to office across the Inter. 4） Macro viruses from attachments Install an antivirus gateway to filter ining messages. 5） Corporate work intrusion Protect the perimeter with firewalls. If you want remote users to access sensitive internal data, set up an authentication server on the work and equip remote users with authentication tokens or smart cards. 6） Disruption of work devices and services Protect the perimeter with firewalls. Set up an authentication server on the work and equip remote users with authentication tokens or smart cards. 7） Misbehaved Java and ActiveX applets Configure firewalls to block Java and ActiveX applets, or install a Java and ActiveX gateway to filter out bad applets. Inter Security Products Security Auditing SAFEsuite Inter Scanner for Windows NT 濱州學(xué)院畢業(yè)設(shè)計 (專業(yè)外文翻譯 ) 7 SA FEsuite is designed to test security implementation for protection against inside and outside attacks, Inter Security Systems’ SA FEsuite Inter Scanner for Windows NT looks for hundreds of vulnerabilities, provides a list of possible holes and suggests corrective actions. SA FEsuite has three ponents: the Intra Scanner, Firewall Scanner, and Web Scanner. The program runs on a single PC loaded with Windows NT or and es with a license key based on a single range of IP addresses. To scan multiple works or segments, multiple licenses are needed. SA FEsuite’s tests covers known weak spots that internal or external intruders can exploit. Each of the tests es with three different settings: light, medium and heavy scan. The light scan looks at the basic vulnerabilities on your work, such as shared resources without passwords, and requires only a few minutes to run. The medium scan looks for the same holes as the light scan, plus a few more. For example, in a light scan of FTP, the test looks for just anonymous connections. A medium scan looks for anonymous and trivial FTP connections. The heavy scan looks for all vulnerabilities and requires the most time. After all scans have been run, SA FEsuite creates an HTML based report listing the results by level of importance and even provides you with some ideas of how to correct the problem. SecurIT from Milkyway Networks Corp SecurIT, among others, is a product that can identify work holes and, like ISS’s SA FEsuite, provide instructions on how to fix them. The product can scan all of a work’s devices, including: firewalls, mail servers, UNIX hosts and Windows NT and Windows 95based PCs. And SecurIT Audit can check for vulnerabilities on several platforms, including Linux, Solaris, SunOS, Windows NT and Windows 95. Firewalls ON Guard by ON Technology Corp Protecting a work from hacker tricks is easier with ON Guard, a 濱州學(xué)院畢業(yè)設(shè)計 (專業(yè)外文翻譯 ) 8 hardware/software bination, which makes the usually difficult process of installing firewalls easy. This package is designed for administrators who aren’t security gurus and don’t want to be. ON Guard includes dozens of services, powerful event logging, and a utility that tests one’s security plan. It is also one of the few firewalls currently on the market that can block both IP and