| □如何用NBAR和ACL控制CODE RED 2 的扩散 |
详细信息 |
| This advisory provides a method for blocking the "Code Red" worm at network ingress points using
Network−Based Application Recognition (NBAR) and Access Control Lists (ACLs) within Cisco
IOS ® Software on Cisco routers. This solution should be used in conjunction with the recommended patches
for IIS servers from Microsoft. |
| □如何处理由于蠕虫引起的路由器CPU的 高负载问题 |
详细信息 |
| "Code Red" 蠕虫感染主机后,将导致该系统大范围的IP地址扫描,引起网络流量的急剧上升。 本文描述Code Red 以及它对cisco路由环境的影响,并讨论了预防技术。 |
| □如何保护你的网络防止尼姆达蠕虫(Nimda)的攻击 |
详细信息 |
| 本文描述如何减轻Nimda对网络的影响,针对以下话题:
我的网络被感染了,如何把损失降到最小?
我的网络还没有感染,怎样控制他向我的网络的扩散?
|
| □站点安全手册(rfc2196) |
详细信息 |
| 这本手册是对位于internet上的站点的处于发展中的计算机安全政策和措施的指南。本手册的目的是对想要努力保障信息和服务安全的管理员提供实用的指导。覆盖的主题包括政策的内容和构成,许多系统和网络安全技术主题,和安全事件响应。 |
| □Potential Strategies for High Speed Active Worms:A worst case analysis |
详细信息 |
| ctive worms, malicious programs which spread in a completely autonomous manner,
have the potential to repidly spread across the internet.
two important questions wich must be answered when constructing defenses is
how fast a worm can spread and how long a given worm can remain a significant
threat on the Internet, as these answers dictate requirements for defenses.
There are multiple ovvious strategies, such as hitlist scanning, topologically
aware scanning, and local subnet scanning, which result in very fast worms,
able to completely spread through the Internet in under an hour.
Other strategies would greatly enhance a worm's a worm's staying power,
including permutation scanning and an upgradeable design.
By understanding these strategies, it is possibe to specify requirements for defenses to try to prevent future outbreaks.
|
