摘要
在互联网安全中,网络钓鱼问题是至今都难以根治的一个问题。在普通的钓鱼问题尚未完好解决的情况下,2012年11月底又出现了一种全新的"基础认证钓鱼"漏洞,这种新型的网络钓鱼漏洞利用方法简单、传播途径多样、影响范围广泛,一时间给互联网造成了新一轮的危害。在此,基于"基础认证钓鱼"漏洞简单阐述了其与普通钓鱼攻击手段之间的差别,具体分析了"基础认证钓鱼"的原理与利用方法,最后给出了具体的防御措施。
With development of the network security, phishing problem is still a problem difficult to effect a radical cure. Ordinary phishing problems are not well-addressed, while at the end of November 2012, a new type of phishing vulnerability called "basic authentication phishing" appears. It is simple in use, diverse in propagation route, wide and deep in influence, and rapidly causes a new-round far-reaching impact on the Internet. The paper, based on the basic authentication phishing, discusses the differences between basic authentication phishing and current popular phishing, specifies the principle and use of basic authentication phishing, and finally gives the specific strategies and methods for preventing the phishing attack technically and socially.
出处
《信息安全与通信保密》
2013年第4期95-96,99,共3页
Information Security and Communications Privacy
关键词
网络安全
钓鱼攻击
基础认证
防范措施
network security
phishing attack
basic authentication
preventive measure
