摘要
渗透测试是一种常用的网络安全测试手段。测试人员从互联网对目标网络内的设备进行扫描、渗透,检测内网设备及信息是否安全。安全域则是巨型网络下安全防护的一种手段。为了保护各个系统及网络子域的信息安全,借助防火墙把不同作用的区域分割成多个逻辑独立的子网,设定不同的防护级别以限制之间的数据流通。通过对安全域下的网络关键设备进行渗透测试,并对被渗透成功的案例进行归纳及分析。总结公司内部网络安全漏洞的原因、渗透路径及基本特征,并详细阐述了安全域划分的必要互通策略及具体实施建议。
Penetration testing is a commonly used means of network safety testing. Testers run network scan and penetration test on the target devices from the Internet. It could be verified whether network equipment and information are safe. Network safety do- main is a means of giant network safe protection. In order to protect the information of web system of network sub-domain, local area networks are divided into multiple logical independent subnets with the different firewall. It sets the different level of protection to limit the data flow between any local networks. After penetration testing on the key equipment in network safety domain is completed, all cases which are run successfully via penetration test are summarized. The reasons for internal net- work safety vulnerabilities are summarized, and vulnerability characteristics are found out. Finally it presents some experiences and suggestions which can be used for the necessary protection strategies of network safety domain.
出处
《邮电设计技术》
2016年第1期1-5,共5页
Designing Techniques of Posts and Telecommunications
关键词
安全域
渗透测试
安全漏洞
Network safety domain
Penetration test
Safety loopholes
