摘要
内网的优势在于其内部的机器并不直接暴露在互联网中,外网的机器不能直接连接内网的机器,由于信任关系,内网包含的信息更多、更敏感,因此内网中的信息是很多网络黑客觊觎的目标。但是因内部网络起到了一层保护作用,导致人们对内网安全重视不足,防御机制普遍薄弱。通过分析内网中ARP欺骗、DNS欺骗与技术型社会工程学攻击,以案例分析的方式,阐述一种内网中较主动的信息窃取方式——内网钓鱼,最后提出相应防御措施。
The advantage of LAN(local area network) is that the machines in it are not directly exposed to the Internet,a machine outside the LAN can not directly connect to the LAN's machines.Because of the relationship of trust,information contained within the LAN is more sensitive,which is what many hackers desire.However,due to the protection of the LAN,it results in insufficient attention to internal network security and weak defense mechanisms.Through the analysis of network ARP spoofing,DNS spoofing and technology-based social engineering attack,a case study approach to explain a more proactive approach to steal information in the LAN- phishing within the network,and finally present serval solutions against such attacks.
出处
《电脑知识与技术》
2014年第4X期2718-2720,2729,共4页
Computer Knowledge and Technology
