Professional Documents
Culture Documents
18 Atantt Present Th09 2012
18 Atantt Present Th09 2012
NGI TRNH BY: L TRUNG NGHA VN PHNG PHI HP PHT TRIN MI TRNG KHOA HC & CNG NGH, B KHOA HC & CNG NGH
Email: letrungnghia.foss@gmail.com Blogs: http://vn.myblog.yahoo.com/ltnghia http://vnfoss.blogspot.com/ Trang web CLB PMTDNM Vit Nam: http://vfossa.vn/vi/ HanoiLUG wiki: http://wiki.hanoilug.org/ ng k tham gia HanoiLUG: http://lists.hanoilug.org/mailman/listinfo/hanoilug/
Ni dung
A. Tng quan tnh hnh an ton an ninh thng tin. B. Gii thiu mt s tiu chun an ton an ninh thng tin. C. Cc gii php, cng c hin nay v cc l hng thng gp.
Mt s trch dn ng lu
- Barack Obama, 29/05/2009: S thnh vng v kinh t ca nc M trong th k 21 s ph thuc vo an ninh c hiu qu ca khng gian mng, vic m bo an ninh cho khng gian mng l xng sng m n lm nn vng chc cho mt nn kinh t thnh vng, mt qun i v mt chnh ph m, mnh v hiu qu. Trong th gii ngy nay, cc hnh ng khng b c th ti khng ch t mt t nhng k cc oan nh bom t st, m cn t mt vi ci g bn phm trn my tnh mt v kh hu dit hng lot. Vn bn gc ting Anh. Video. - TrendMacro: Nn cng nghip chng virus la di ngi s dng 20 nm nay. Kh nng chng virus hu nh l khng th vi s lng khng l cc virus hin nay; - McAfee: 80% tt c cc cuc tn cng bng phn mm c hi c ng lc l ti chnh..., 20% cc cuc tn cng cn li c cc mc ch lin quan ti tn gio, gin ip, khng b hoc chnh tr.
Mt s trch dn ng lu
T ti liu v ANKGM, xut bn thng 02/2012 - Isaac Ben-Israel, c vn v ANKGM ca Th tng Israel Benjamin Netanyahu: Mt cuc CTKGM c th ging mt thit hi y ht nh mt cuc chin tranh thng thng. Nu bn mun nh mt quc gia mt cch khc lit th bn hy nh vo cung cp in v nc ca n. Cng ngh khng gian mng c th lm iu ny m khng cn phi bn mt vin n no. - Phyllis Schneck ca McAfee: Cng ngh mi by gi c tp trung bn di cc h iu hnh. N giao tip trc tip vi phn cng my tnh v cc con chip nhn bit c hnh vi c hi v s thng minh khng cho php hnh vi c hi ... Giao tip vi phn cng l Hong Hu trn bn c - n c th dng k ch hu nh ngay lp tc hoc kim sot c cuc chi di hn. Cch no th chng ta cng s thng. Thng ip: An ninh h thng thng tin ph thuc trc ht vo kin trc ca h thng thng tin , c phn cng ln phn mm!
L do v mc ch tn cng
V chnh tr: khng ch gin ip thng tin, m cn ph hoi c s h tng - Xung t gia cc nc: Israel <> Syria, Palestine; M - Lin qun <> Iraq; Nga <> Estonia, Georgia; M - Hn <> Bc Triu Tin; M - Israel <> Iran. - Vo h thng cc lc lng v trang: CIA, MI6, FBI, NATO, Hi qun n... - Vo cc h thng an ninh nht th gii: LHQ, cc b ca nhiu nc. - Stuxnet ra i gia nm 2010 sm hn d bo. - Tn cng vo cc h thng c s h tng in, nc, ng st, du kh... Ti M nm 2009 c 9 v 198 v, c 17 v nghim trng. - Stuxnet, Duqu, Flame: v kh KGM khng th kim sot, nh nc bo tr. - WikiLeaks phi cc ti liu mt ca nhiu quc gia - Chy ua v trang trong KGM V kinh t: n cp thng tin s hu tr tu, n cp tin, tng tin... - Cc tp on ln b tn cng: Sony, Honda, Lockheed Martin, Mitsubishi... V Aurora vi hn 30 cng ty M nh Google, Adobe, - Gauss, c lin quan vi Stuxnet-Duqu-Flame, chuyn gim st cc giao dch, gin ip, n cp y quyn v d liu cc ngn hng trc tuyn. - Khu vc ti chnh, ngn hng: CitiBank, NASDAQ, Global Payments... - Cc c quan chng thc s CA: Codomo, Diginotar, GlobalSign, StartSSL... - Cc cng ty t vn an ninh: Startfor, Kaspersky, Symantec... - Cc dng la o n cp v tng tin
Mt vi hnh nh minh ha
Mt vi hnh nh minh ha
Tn cng gin ip thng tin qua th in t tng cha tng c vi tn sut khng l
Mt vi hnh nh minh ha
Tn cng qua th in t vi phng thc t 1 mt my ly nhim cho nhiu my khc
Mt vi hnh nh minh ha
Cc cuc tn cng khng gian mng ca Trung Quc vo cc quc gia trn th gii cho ti nm 2009.
An ninh khng gian mng nm 2009 qua cc con s Bo co ca Symantec ti Ngy An ton Thng tin VN 2010 ti H Ni, 23/11/2010
S lng cc virus mi lin tc tng thm hn 1 triu loi sau mi 6 thng, trong 99.4% - 99.5% l cho Windows. (G-Data).
Nm 2010, mi giy c 2 phn mm c hi c sinh ra. Nhanh nht phi 3 gi ng h mi c c 1 bn v. Bo co ca TrendMacro ngy 06/04/2011 ti H Ni Hi tho v trin lm quc gia v an ninh bo mt
Ngy 13/07/2010 dng phn mm c hi c nht v nh nh chim quyn kim sot h tng cng nghip Bo co ca Symantec ngy 23/11/2010 ti H Ni.
- K nguyn ca Stuxnet, s dng 4 li ngy s 0 trong Windows; 2 chng thc s b n cp v cc li trong SCADA ca Siemens nh qu chng trnh ht nhn ca Iran. - Khng ch l gin ip thng tin m cn l ph hoi cc c s h tng sng cn ca mi quc gia nh du/ kh/ in/ ha/ dc/ nguyn t/giao thng... - Tng t nh Stuxnet, Trojan Duqu c pht hin thng 9/2011, s dng Microsoft Word v 1 li ngy s 0 trong Windows gy ly nhim. - Cc h thng an ninh nht th gii u b tn cng! WikiLeaks! - Mi: Hng lot cc c quan chng thc (CA) b tn cng, DigiNotar ph sn.
Botnet:
Mua vo: 5USD/1000 ch Bn ra: 25USD/1000 chic Bo co ca Finjan "Cybercrime Intelligence" s 2 nm 2009.
1. Hng trm (ngn) website ca 2 bn b tn cng bi xu mt, trong c c cc site ca Chnh ph. 2. Cuc chin ca cng ng t pht?
Chng no cn xung t Bin ng, chng cn chin tranh khng gian mng VN!
Lch s v hin ti Vit Nam ng th 2/103 quc gia b tn cng vi 130/1295 my b tn cng trn ton th gii. V GhostNet 05/2007 - 03/2009.
Cnh gic vi tn cng dng Stuxnet Vit Nam! (1) Windows + (2) SCADA + (3) Stuxnet = THM HA! Pht hin 2 dng SCADA ca TQ c li - c th b tn cng DDoS hoc chy chng trnh ty .
* SCADA: Supervisory Control And Data Acquisition
i ph ca cc quc gia
Chnh sch chin lc, t chc v nhn s - C chin lc, hc thuyt, k hoch v ANKGM, c tn cng v phng th. - Cng c cc t chc, hp tc cc CERT, din tp chung cc quc gia. - u t nghin cu v ANKGM, cc v kh KGM, c tn cng v phng th. - Chnh ph c quyn khng gii hn vi m ngun phn mm/ h thng. - Pht trin cc cng ngh m - Cng ng trc, cng ngh sau! - Tuyn nhn ti v ANKGM, lp cc i qun chuyn v ANKGM - Nhiu hot ng v sng kin mi... Khu vc dn s - Chuyn sang cc h thng m cc th trng chng khon hng u. - Khuyn co khng s dng Windows khi giao dch ngn hng trc tuyn Vin cng ngh SAN, bang New South Wale - c, chuyn gia an ninh... - Khuyn co chuyn i sang PMTDNM, nhng nu phi s dng Windows, hy tun theo 10 li khuyn v an ninh.
M mi an ninh!!!
M mi an ninh!!!
M hnh an ninh ca phn mm ngun m l tt hn, c v l thuyt v thc tin (B Quc phng M).
1. Mt ANAT trong cc ng dng phn mm xy ra c vi cc PMTDNM v PMSHQ. 2. M ngun yu l im mu cht gy mt ANAT cho PM. 3. Site ca B Quc phng M [7]:
- Tin cy vo s cng ci, khng tin cy vo s ti tm (v m ngun). - Trung bnh khc phc 1 li phn mm, Mozilla cn 37 ngy, Microsoft cn 134,5 ngy
M mi an ninh!!!
- Ti liu B Quc phng M, xut bn 16/05/2012: Vi pht trin cng ngh m s khng tn ti phn mm s hu c quyn trong qun i / Chnh ph. - Nhm An ninh in t Truyn thng Anh CESG: PMNM nn c s dng m bo an ninh cho cc h thng khu vc nh nc. thnh cng trong pht trin cng ngh m, cn: 1. Cng ng trc, cng ngh sau; 2. M l mc nh, ng ch khi cn 3. Chng trnh ca bn khng c g c bit. ng l qun s c cc nhu cu v kh nng chin u, nhng (c bit trong CNTT) chng ta khng c...
M mi an ninh!!!
06/2001, Steve Ballmer: Linux l bnh ung th m n gn bn thn n vo trong thc s hu tr tu ti bt k th g n ng ti. 05/2002, Bill Gates nh ng giy php GPL vi ch ngha chng t bn ti mt Hi ngh cc lnh o ca Chnh ph ti Seattle, M. Con ln bit bay? Nhn Linux l GPL!
Ngun: Pht trin nhn Linux, Qu Linux xut bn, thng 01/2012
M mi an ninh!!! (Tip)
1. Chnh ph Canada tuyn b Chnh ph chuyn sang ngun m sau khi cc tin tc tn cng vo mt s b ca Chnh ph. 2. Th tng Nga Putin ra lnh cho cc c quan chnh ph Nga chuyn i ht sang PMTDNM. Bt u qu II/2012, kt thc qu III/2014. 3. Chnh ph Anh a ra hng lot cc vn bn chnh sch chuyn i sang PMTDNM v chun m. 4. Chnh ph M vi: Pht trin cng ngh m - nhng bi hc hc c v nhng thc tin tt nht cho cc phn mm h thng trong qun s - chnh ph. Khng nh s i mi sng to khng l ca PMTDNM i vi nc M. 5. Cc chnh ph khc: Bo co quc t v tnh hnh pht trin ngun m trn th gii nm 2010: 5 quc gia hng u trong pht trin PMTDNM v x hi thng tin: M, c, Php, Ty Ban Nha v c. 6. Quc hi ph chun lut, t 12/08/2012, tt c cc phn mm mi xy dng trong cc c quan nh nc u phi da vo PMTDNM.
An ninh ng dng
- Kin trc phn tng tch bch gia cc tng vi nhau. - m bo an ninh theo cc tng tng ng. - Chun v an ninh ng dng ISO/IEC 27034 (d tho).
An ninh TM l s chia s trch nhim gia nh cung cp v ngi s dng, ch khng phi ca ch mt mnh nh cung cp.
M hnh tham chiu khi nim kt hp: tch hp cc thnh phn h thng, t chc v qui trnh trong TM.
An ninh chui cung ng - thu ngoi khi c nhiu bn tham gia NSD phi nh gi ri ro vi d liu ca mnh, lun t cu hi: Liu c rt d liu ra chuyn sang m my khc c hay khng?
V d in hnh v chun m: Giao thc TCP/IP, c xut x t mng ARPANET ca B Quc phng M.
E. Tun theo hc thuyt dp tt la c tt nht. D. p dng tng phn cng c & cng ngh h tr i ph nhanh hn. C. H thng c tch hp nhm vo tnh tng hp v cc tiu chun trao i d liu v nhn thc bo an thng tin. B. Lanh l, on trc c tnh hung, ra chnh sch nhanh, chuyn nghip, lm r s vic, gip ngi vn hnh tm, sa v i ph li. A. D on trc c s vic, c lp v chu ng c thit hi nu c, m bo an ninh cho chui cung ng & bo v c h tng sng cn
Cc cng c an ninh
Nhiu cng c an ninh, bao gm c cc PMTDNM. Danh sch 65 PMTDNM s dng trong an ninh thng tin: 1. Chng spam: ASSP, MailScanner, SpamAssassin, SpamBayes, Nixory. 2. Chng virus: ClamAV, ClamTK, ClamWin Free Antivirus, P3Scan. 3. Sao lu: Amanda, Areca Backup, Bacula, Clonezilla, Partimage, Redo. 4. Trnh duyt: Chromium, Dooble, Tor. 5. B sung cho trnh duyt: Web of Trust (WOT), PasswordMaker. 6. Xa d liu: BleachBit, Eraser, Wipe, Darik's Boot and Nuke. 7. Chng mt d liu: OpenDLP, MyDLP 8. M ha: AxCrypt, Gnu Privacy Guard, GPGTools, gpg4win, PeaZip, Crypt, NeoCrypt, LUKS/ cryptsetup, FreeOTFE, TrueCrypt. 9. Truyn tp an ninh: WinSCP, FileZilla 10. iu tra php l: ODESSA, The Sleuth Kit/ Autopsy Browser 11. Gateway / Thit b qun l cc mi e da thng nht: Untangle Lite, ClearOS, Endian Firewall Community 12. D tm thm nhp tri php: Open Source Tripwire, OSSEC, AFICK, Snort 13. Tng la mng: IPCop, Devil-Linux, Turtle Firewall, Shorewall, Vuurmuur, m0n0wall, pfSense, Vyatta 14. Gim st mng: Wireshark, Tcpdump/ libpcap, WinDump 15. Ph mt khu: Ophcrack, John the Ripper, 16. Qun l mt khu: KeePass Password Safe, KeePassX, Password Safe 17. Xc thc ngi s dng: WiKID 18. Lc web: DansGuardian
Cc cng c an ninh
Nhiu cng c an ninh, bao gm c cc PMTDNM. Danh sch 12 PMTDNM khc s dng trong an ninh thng tin: 1. Xa c an ninh, khi phc d liu, nhi li, m ha: Darik's Boot and Nuke (DBAN) 2. Sa v phc hi tp: TestDisk and PhotoRec 3. Cu cc a hng: GNU ddrescue 4. Nhi a: Clonezilla 5. M ha: TrueCrypt 6. An ninh di ng: Master Password (iOS), Secure Chat, Rights Alert, Orbot, D n Guardian, Gibberbot, Droidwall
R sot li ngang hng c t nhng ngi duy tr v nhng ngi s dng mt cch lin tc lm m ngun cng cp yu t chnh gip nng mc ANAT ca cc ng dng PMTDNM.
Cng ng nhng ngi s dng tham gia vo tin trnh pht trin PMTDNM a ra cc yu cu tnh nng, bo co li...
Pht trin r nhnh, khng c ng gp ngc ln dng trn cho cy d n ngun m gc ban u.
Cm n! Hi p