English  |  正體中文  |  简体中文  |  Items with full text/Total items : 2737/2828
Visitors : 341784      Online Users : 32
RC Version 4.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Adv. Search
LoginUploadHelpAboutAdminister

Please use this identifier to cite or link to this item: http://ir.lib.stu.edu.tw:80/ir/handle/310903100/2131

Title: 大規模網路安全檢查系統之研究
The Study of Large-scale Network Security Auditing Mechanism
Authors: 林柏宇
Po-Yu Lin
Contributors: 鄭進興
Jinn-Shing Cheng
資訊管理研究所
Keywords: 網際網路;大規模掃描;網路安全;網路服務
Internet;Large-scale scanning;Network Security;Network Services
Date: 2002
Issue Date: 2011-05-26 11:11:13 (UTC+8)
Publisher: 高雄市:[樹德科技大學資訊管理研究所]
Abstract: 近年來網際網路和資訊技術發展快速,各項網路服務帶給人們更為便利的生活環境,並開啟資訊社會的新時代。但隨著網路的蓬勃發展和其不受時空限制的特性,也引起人們對於網路安全的重視。因此,為了維持網路服務的可靠性、持續性及品質,網域管理者必須有效掌握網域內各節點最新資訊,才能在安全事件發生前進行預防措施或事件發生後即時提出因應之道。本論文的主要目的就是建置大規模網路掃描系統,協助網域管理者能夠快速取得網路節點資訊和自動化分析掃描所得到的資料。本研究以主動掃描(Active Scanning)和被動掃描(Passive Scanning)的方式對目標網域的網路節點進行探索,收集Web Server、FTP Server、Mail Server、DNS Server、作業系統等版本資訊及SSL資訊,將所獲得的網路節點資訊存入資料庫,作為進一步統計分析的基礎,以利獲得各類伺服器的數量比。另外可透過CVE(Common Vulnerabilities and Exposures)弱點資料庫找尋相關網路服務的弱點資訊,並評估被掃描網域各類伺服器的整體弱點比。本系統可以定期和持續對特定網路區域進行掃描,並將數據以HTML方式呈現給網域管理者作為查詢之用。在系統驗證方面,本研究以台灣網域作為實測目標網域,針對目前普遍使用的伺服器作一探索,並獲得台灣網域中各類伺服器的數量比和整體弱點比,另外也提出維護網路安全的相關建議。
Internet services are becoming more popular and convenience as the information technology and network applications advance daily in the last few years. To ensure the quality and accessibility of Internet, the network security is an important concern. In order to maintain the reliability, continuity and its quality of Internet services, domain administrators must have access to the most updated information of every node within the network domain, so that they can take any precautionary steps or provide immediate solutions to decrease damages of network security incidents. The purpose of this thesis is to establish a Large-scale network security scanning system, which assists domain administrators in obtaining network nodes information efficiently, and analyzes the scanning data automatically. The research evaluate the targeted network nodes by using both Active Scanning and Passive Scanning methods; and collecting version information of Web Server, FTP Server, Mail Server, DNS Server, Operational System, and SSL. Furthermore, store those networks nodes information into the database for further analysis and comparison. Moreover, collecting the vulnerabilities of Internet service by using Common Vulnerabilities and Exposures (CVE) Information database, and then the vulnerabilities ratings of various Internet services can be obtained. The network security scanning system can be used to scan the targeted network domain periodically and consistently, and the scanning reports are available to domain administrators in HTML format. This research used Taiwan network domain for evaluation purpose, the study covers the most common used servers, obtained the version information and overall vulnerabilities rating of various server in this domain. At the same time, the recommendations for insuring network securities are provided.
Appears in Collections:[資訊管理系(所)] 博碩士論文

Files in This Item:

File Description SizeFormat
大規模網路安全檢查系統之研究__臺灣博碩士論文知識加值系統.htm國圖103KbHTML386View/Open


All items in STUAIR are protected by copyright, with all rights reserved.

 


無標題文件

著作權政策宣告:

1.

本網站之數位內容為樹德科技大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
 
2. 本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本校護人員(clairhsu@stu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
 
DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback