Professional Documents
Culture Documents
I HC
CNG NGH THNG TIN
(INFORMATION TECHNOLOGY)
LI NI U
Cng vi s pht trin nhanh chng ca nn kinh t. Vn ng dng h thng
Mng thng tin vo iu hnh v sn xut trong doanh nghip ngy cng c y
mnh. Nh qun l mong mun Qun tr vin mng thng tin phi nm c hu ht
cc cng ngh mng nhanh chng trin khai, ng dng nhng cng ngh mng
tin tin vo phc v iu hnh sn xut cng nh lp k hoch xy dng v bo v
h thng thng tin ni b ca doanh nghip trnh khi mi nguy c tn cng.
Vi cun gio trnh ny, ti c gng tp trung i su vo cc cng ngh mi nht
hin ang c p dng trong doanh nghip ti thi im hin ti.
Gio trnh ny gm 16 bi trong c 09 bi ging, 06 bi thc hnh v 01 bi tho
lun. Mc tiu cun sch i vo cc vn chnh sau:
Thit k lc a ch IP cho doanh nghip
C bn v cng ngh mng khng dy
Vn nh tuyn v chuyn mch trong mng doanh nghip
Trin khai cc dch v my ch (Mail Server, Web Server, DNS, DHCP)
C bn v bo mt
Mong mun th nhiu nhng trong thi gian 3 tn ch ca mn hc ny chng ta
cha th bao qut ton b cc cng ngh mng p dng cho doanh nghip m ch c
th i vo nhng cng ngh chnh. Hi vng t sinh vin t nghin cu, hc hi
c th lm ch c cc cng ngh v p dng tt kin thc hc vo cng vic
mai sau.
Mi kin ng gp ca sinh vin v cc bn ng nghip xin gi v theo a ch
sau
http://www.ebook.edu.vn
a ch lin h:
V Khnh Qu - B mn Mng my tnh v Truyn thng - Khoa Cng ngh
Thng tin, i hc S phm K thut Hng Yn
Tel: (03213) 713153
Email: quyvk@utehy.edu.vn
URL: http://www.utehy.edu.vn
http://www.ebook.edu.vn
Module ny gip ngi hc pht trin cc nng lc: Phn tch (2); T vn (2); Thc
hin (3); Thit k (3) v Bo tr (2).
3. M t module:
Module ny nhm cung cp cho ngi hc cc kin thc Thit k c cc h thng
mng LAN/WAN; Kim tra, nh gi hiu nng hot ng ca h thng; X l c
cc s c xy ra; C k nng c bn v bo mt trong h thng mng doanh nghip
nh.
http://www.ebook.edu.vn
4. Ni dung module:
Bi 1: Tng quan v mng doanh nghip
1.1.Gii thiu mn hc, phng php hc
1.2.Cch s dng cc phn mm thit k gi lp VMWare, Boson
1.3.Gii thiu h thng mng thc t ca mt s doanh nghip
Bi 2: a ch mng
2.1.a ch IP v Subnetmask
2.2.Cc loi a ch IP
2.2.1.a ch IP Private, Public
2.2.3.a ch IP Unicast, Multicast, Broadcast
2.3.Nguyn l dch chuyn a ch IP (NAT)
2.4 Nguyn l cp pht DHCP
Bi 3: Cng ngh Wireless
3.1. Tng quan v Wireless
3.2. Cc chun Wireless
3.3. Cu hnh mng Wireless
3.3.1. Cc thnh phn thit lp mng mng WLAN
3.3.2. WLAN v SSID
3.3.3. Cu hnh mt mng WLAN n gin
Bi 4: C bn v cu hnh nh tuyn
4.1. Cc giao thc nh tuyn
4.2. Giao thc nh tuyn ni vng RIP
4.3. Giao thc nh tuyn ng OSPF
Bi 5:Thc hnh v nh tuyn
Cu hnh nh tuyn cho cc mng
Bi 6:Cu hnh NAT trn Router
6.1. Khi nim v NAT
6.2. Nat tnh Static NAT
6.3. Nat ng Dynamic NAT
http://www.ebook.edu.vn
6. Hc liu:
Gio trnh lu hnh ni b, sch tham kho, h thng bi tp mu, bi tp t lm, my
tnh, ti nguyn trn Internet, Projector.
7. nh gi:
Hnh thc nh gi:
- Kim tra gia k (Trin khai trn mi trng gi lp): 20%
- nh gi qu trnh (kt qu cc bui thc hnh): 10%
- Kim tra cui k: 70%
Tiu ch nh gi:
- K nng thit k, xy dng bi ton
- K nng ci t bi ton
Ngi nh gi: Gio vin ging dy v ngi hc.
8. K hoch hc tp
B tr ging dy module Mng doanh nghip (3 tn ch) nh sau:
27 tit l thuyt (thc hin trong 9 bui, mi bui 3 tit), 36 tit sinh vin lm tiu lun
(gio vin t b tr lch gp, hng dn sinh vin), 18 tit thc hnh (thc hin trong 6
bui, mi bui 3 tit) v 90 gi chun b c nhn ( cng 130 trang)
http://www.ebook.edu.vn
http://www.ebook.edu.vn
8. K hoch hc tp:
Bi
Mc tiu
- Xc nh c v tr, vai tr
v ni dung ca Module
trong chng trnh o to
- Xy dng c k hoch v
phng php hc tp ph
hp.
- La chn c ngun hc
liu phc v cho mn hc
- Trnh by c nhng li
ch em li cho doanh nghip
khi c h thng mng.
- Trnh by c cc bc
tr thnh mt nh qun tr
mng trong doanh nghip
- Trnh by cu trc a ch
IP v4
- Mi quan h gia
Subnetmask v a ch IP.
SG
GV
http://www.ebook.edu.vn
3h
3h
- Lnh hi v t cc cu hi
thc mc
- La chn c phng
php hc tp v ngun hc
liu phc v cho Module
- Tho lun cc ni dung
trong phiu yu cu
- Ghi ch nhng vn c
bn
- Nu cc cu hi thc mc
- Trnh by c cu trc IP
v4
- Hiu r mi quan h gia
a ch IP v Subnetmask
SG
SV
4h
4h
iu kin thc
hin
Phng hc l
thuyt c trang
b my tnh,
my chiu.
Phng hc l
thuyt c trang
b my tnh,
my chiu.
- Phn tch c cc u
nhc im ca mng khng
dy v mng c dy
- Trnh by c cc m
hnh ng dng mng khng
dy
- Trnh by c cc chun
mng 802.11a,b,g v c
im ca mi chun.
- Trnh by c chc nng
ca cc thit b c bn trong
mng WLAN
- Trnh by c khi nim
knh truyn v SSID trong
mng WLAN
http://www.ebook.edu.vn
4h
Phng hc l
thuyt c trang
b my tnh,
my
chiu,
AccessPoint,
Card
mng
khng dy.
- Trnh by c cc giao
thc nh tuyn
- So snh nh tuyn tnh v
ng, Distance Vector v
Link State
- c im ca nh tuyn
Rip v1
- Cu hnh nh tuyn h
thng s dng Rip v1
3h
- Tho lun v cc ch do
gio vin hng dn
- Quan st v thc hin cu
hnh LAB nh tuyn vi
giao thc Rip V1
- Quan st cch gi v phn
tch ca gio vin t
a ra nhng nhn nh v
kin ca mnh v vn tho
lun.
4h
Phng hc l
thuyt c trang
b my tnh,
my chiu.
- Thit k c lc a
ch IP cho doanh nghip
- Thc hin cu hnh nh
tuyn cho cc mng bng
nh tuyn tnh v nh tuyn
ng vi Rip v1, Rip v2
- nh gi c u nhc
im gia nh tuyn tnh v
nh tuyn ng
3h
6h
Phng hc thc
hnh c trang b
my tnh, my
chiu.
http://www.ebook.edu.vn
- Trnh by c cc khi
nim v NAT tnh, NAT
ng
- So snh u nhc im ca
cc loi NAT
- Trnh by nguyn l hot
ng ca PAT
- Cu hnh PAT trn Router
cho php cc IP trong LAN
ra IP Public
tho lun
http://www.ebook.edu.vn
3h
Phng hc l
thuyt c trang
b my tnh,
my chiu.
4h
- So snh u nhc im mi
loi NAT
- Cu hnh PAT trn Router
NAT cc IP trong LAN ra
IP Public
- Phn tch c nguyn l
hot ng chuyn i a ch
IP
http://www.ebook.edu.vn
3h
3h
Phng hc thc
hnh c trang b
my tnh, my
chiu.
6h
Phng hc l
thuyt c trang
b my tnh,
my chiu.
4h
10
http://www.ebook.edu.vn
3h
6h
Phng hc thc
hnh c trang b
my tnh, my
chiu, Switch
h tr VLAN v
Router.
Phng hc l
thuyt c trang
b my tnh,
my chiu
11
12
3h
3h
Phng hc l
thuyt c trang
b my tnh,
my chiu.
4h
Phng hc l
thuyt c trang
b my tnh,
my chiu.
6h
13
14
http://www.ebook.edu.vn
3h
3h
Phng hc l
thuyt c trang
b my tnh,
my chiu.
4h
Phng hc thc
hnh c trang b
my tnh, my
chiu.
6h
15
16
- So snh u nhc im v
nguyn l hot ng ca mi
loi Firewall
- Xy dng m hnh h thng
mng doanh nghip v thit
lp h thng tng la bo
v h thng mng doanh
nghip
3h
3h
Phng
thc
hnh
Ti liu tham
kho
6h
Phng l thuyt
c trang b my
chiu
Ti liu tham
kho
4h
Gio vin
http://www.ebook.edu.vn
http://www.ebook.edu.vn
http://www.ebook.edu.vn
19
http://www.ebook.edu.vn
20
http://www.ebook.edu.vn
21
http://www.ebook.edu.vn
22
http://www.ebook.edu.vn
23
Boson Netsim Design l tin ch cho php chng ta thit k cc m hnh mng o
khi khng c iu kin tip xc vi thit b tht. D vy Boson Design c th
cho php gi lp n 90% cc m hnh tht.
Boson Netsim c thc hin sau khi bn thit k h thng gi lp. Nhim v
ca n l to ra mi trng gi lp thc hin cc cu lnh cu hnh h thng
c thit k bi Boson Design trn mi trng CLI (Conmand Line
Interface).
http://www.ebook.edu.vn
24
http://www.ebook.edu.vn
25
Bi 2: a ch mng
2.1.a ch IP v Subnetmask
Kin thc v a ch IP v cc kin thc lin quan n M hnh TCP/IP,
Subneting c trang b ti Module Mng c bn, y l mt khi kin thc
nn tng rt quan trng, sinh vin cn xem li ti liu hc. n tp li khi
kin thc ny sinh vin cn hon tt bi tp sau:.
H thng mng ca cng ty ABC nh hnh v, cng ty c cp pht di a ch
192.168.0.0/16. Thc hin chia di a ch trn thnh cc Subnet tho mn iu
kin s host trong mi Subnet nh trn hnh vi iu kin ti u ho khng gian
a ch IP.
2.2. Cc loi a ch IP
2.2.1. a ch IP Private, IP Public
IP private l nhng IP khng c nh tuyn trn Internet, bao gm cc di a
ch sau:
10.0.0.0 --> 10.255.255.255
172.16.0.0 --> 172.16.31.255
192.168.0.0 --> 192.168.255.255
http://www.ebook.edu.vn
26
http://www.ebook.edu.vn
27
http://www.ebook.edu.vn
28
192.168.1.3 <-->58.187.168.41:2413
192.168.1.4 <-->58.187.168.41:2414
192.168.1.5 <-->58.187.168.41:2415
192.168.1.6 <-->58.187.168.41:2416
....
Cc ch s port thng dng t 1024 n 65535 (not well-known port), v
well-known port l ch yu dng cho server, s port ny p ng c hu ht
cc mng LAN.
http://www.ebook.edu.vn
29
http://www.ebook.edu.vn
30
http://www.ebook.edu.vn
31
http://www.ebook.edu.vn
32
http://www.ebook.edu.vn
33
Bridge mode
Trong Bride mode, AP hot ng hon ton ging vi mt Bridge khng dy (s
c tho lun phn sau). Tht vy, AP s tr thnh mt Bridge khng dy khi
c cu hnh theo cch ny. Ch mt s t cc AP trn th trng c h tr chc
nng Bridge, iu ny s lm cho thit b c gi cao hn ng k. Chng ta s
gii thch mt cch ngn gn Bridge khng dy hot ng nh th no, nhng
bn c th thy t hnh di rng Client khng kt ni vi Bridge, nhng thay
vo , Bridge c s dng kt ni 2 hoc nhiu on mng c dy li vi
nhau bng kt ni khng dy.
http://www.ebook.edu.vn
34
Repeater Mode
Trong Repeater mode, AP c kh nng cung cp mt ng kt ni khng dy
upstream vo mng c dy thay v mt kt ni c dy bnh thng. Nh bn thy
trong hnh di, mt AP hot ng nh l mt root AP v AP cn li hot ng
nh l mt Repeater khng dy. AP trong repeater mode kt ni vi cc client
nh l mt AP v kt ni vi upstream AP nh l mt client. Vic s dng AP
trong Repeater mode l hon ton khng nn tr khi cc k cn thit bi v cc
cell xung quanh mi AP trong trng hp ny phi chng ln nhau t nht l
50%. Cu hnh ny s gim trm trng phm vi m mt client c th kt ni n
repeater AP. Thm vo , Repeater AP giao tip c vi client v vi upstream
AP thng qua kt ni khng dy, iu ny s lm gim throughput trn on
mng khng dy. Ngi s dng c kt ni vi mt Repeater AP s cm nhn
c throughput thp v tr cao. Thng thng th bn nn disable cng
Ethernet khi hot ng trong repeater mode.
http://www.ebook.edu.vn
35
http://www.ebook.edu.vn
36
http://www.ebook.edu.vn
37
Vic thay i cng sut pht cho php admin iu khin cng sut (miliwatt) m
AP s dng truyn d liu. Vic iu khin cng sut pht ra c th l cn
thit trong mt s trng hp khi cc node xa khng th xc nh c AP. N
cng cho php bn iu khin vng ph sng ca mt AP. Khi cng sut pht ra
trn mt AP tng ln, client c th di chuyn xa AP hn m khng mt kt ni
vi AP. Tnh nng ny cng hu ch trong vic bo mt bng cch cho php thay
i kch thc ca cell RF lm cho cc k xm nhp khng th kt ni vi mng
t bn ngoi ta nh ca cng ty.
Ngoi AP c cng sut pht thay i th ta cng c th s dng AP c cng sut
pht c nh. Vi AP c cng sut pht c nh th bn c th s dng cc b
khuch i, b suy hao, cable di, hay anten c li cao. iu quan trng trong
vic iu khin cng sut pht ra trn c AP v Anten l phi tun theo qui nh
ca FCC
Varied Types of Connectivity
Cc ty chn kt ni cho mt AP c th bao gm 10BaseTx, 100BaseTx,
10/100BaseTx, 100BaseFx, Token Ring, Bi v AP thng l thit b m
client kt ni vo v giao tip vi backbone mng c dy, v th admin phi hiu
lm th no kt ni AP vo mng c dy. Thit k v kt ni AP chnh xc s
gip ngn chn vic nghn c chai AP hoc xa hn c th l trc trc thit b.
Hy xt vic s dng mt AP chun trong mng WLAN. Nu trong trng hp
ny AP c xc nh l s t v tr cch 150m t wiring closet gn nht,
th vic s dng cable CAT5 ethernet s khng th hot ng c. y l mt
vn bi v ethernet qua cable CAT5 ch hot ng c trong phm vi 100m.
Trong trng hp ny vic mua mt AP c kt ni 100BaseFx v chy cable
quang t wiring closet n AP lm trc ri th vn s d dng hn.
Configuration and Management
Cc phng php c s dng cu hnh v qun l AP s khc nhau ty nh
sn xut. Hu ht h u cung cp t nht l console, telnet, USB, hay web
server. Mt s AP cn c phn mm cu hnh v qun l ring. Nh sn xut cu
hnh AP vi mt IP address trong cu hnh khi to. Nu admin cn thit lp li
V Khnh Qu Khoa CNTT H S phm K thut Hng Yn
http://www.ebook.edu.vn
38
Thm ch cc tnh nng chun trn cc AP tng thch Wi-Fi i khi cng khc
nhau ty nh sn xut. V d 2 dng SOHO AP khc nhau c th h tr MAC
filter nhng ch mt trong s chng cho php bn permit hay deny c th mt
trm no . Mt s AP h tr kt ni c dy full-duplex 10/100Mbps, trong khi
mt s khc ch c kt ni 10BaseT half-duplex.
Vic hiu tnh nng no l cn thit cho AP trong mi trng SOHO, mid-range,
hay enterprise-level l mt iu quan trng nu bn mun tr thnh mt nh
qun tr mng khng dy. Di y l danh sch cc tnh nng cn c cho mt
AP trong mi trng SOHO v Enterprise. Danh sch ny khng c ngha l y
bi v mt s nh sn xut c nhiu tnh nng mi. Danh sch ny ch cung
cp mt im bt u chn AP cho SOHO.
Small Office, Home Office (SOHO)
+ Mac filter
+ WEP (64 hay 128 bit)
+ Giao din cu hnh USB hay console
+ Giao din cu hnh Web n gin
+ Cc phn mm cu hnh n gin
Enterprise
+ Phn mm cu hnh cao cp
+ Giao din cu hnh web cao cp
V Khnh Qu Khoa CNTT H S phm K thut Hng Yn
http://www.ebook.edu.vn
39
+ Telnet
+ SNMP
+ 802.1x/EAP
+ RADIUS client
+ VPN client v server
+ Routing (dynamic hoc static)
+ Chc nng Repeater
+ Chc nng Bridge
Vic s dng sch hng dn ca nh sn xut s cung cp nhiu thng tin chi
tit cho mi dng sn phm. Nu bn l mt nh qun tr mng WLAN th bn
nn bit mi trng hot ng ca bn tm kim nhng sn phm tha mn
nhu cu s dng cng nh bo mt, sau hy so snh cc tinh nng ca 3 hay 4
nh sn xut khc nhau chn c thit b ti u. Qu trnh ny c th tn
nhiu thi gian, nhng thi gian s dng hc v cc sn phm khc nhau trn
th trng l rt hu ch. Cc ngun ti nguyn tt nht tm hiu v dng sn
phm no trn th trng chnh l website ca nh sn xut. Khi chn mt
AP, hy nh chn nh sn xut c h tr ngoi cc tnh nng v gi c.
http://www.ebook.edu.vn
40
Yu cu thit b
Mt Modem ADSL
Mt ng Internet
Mt AccessPoint
PC c card Wireless
Cu hnh h thng
Cu hnh s h thng theo hnh
Cu hnh AccessPoint Wireless cho cc PC c card mng khng dy kt
ni c Internet
http://www.ebook.edu.vn
41
Bi 4: C bn v cu hnh nh tuyn
4.1. Cc giao thc nh tuyn
Trong ngnh mng my tnh, nh tuyn (ting Anh: routing hay routeing) l qu
trnh chn la cc ng i trn mt mng my tnh gi d liu qua . Vic
nh tuyn c thc hin cho nhiu loi mng, trong c mng in thoi,
lin mng, Internet, mng giao thng.
Routing ch ra hng, s di chuyn ca cc gi (d liu) c nh a ch t
mng ngun ca chng, hng n ch cui thng qua cc node trung gian;
thit b phn cng chuyn dng c gi l router (b nh tuyn). Tin trnh
nh tuyn thng ch hng i da vo bng nh tuyn, l bng cha nhng
l trnh tt nht n cc ch khc nhau trn mng. V vy vic xy dng bng
nh tuyn, c t chc trong b nh ca router, tr nn v cng quan trng
cho vic nh tuyn hiu qu.
Routing khc vi bridging (bc cu) ch trong nhim v ca n th cc cu trc
a ch gi nn s gn gi ca cc a ch tng t trong mng, qua cho php
nhp liu mt bng nh tuyn n m t l trnh n mt nhm cc a ch.
V th, routing lm vic tt hn bridging trong nhng mng ln, v n tr thnh
dng chim u th ca vic tm ng trn mng Internet.
Cc mng nh c th c cc bng nh tuyn c cu hnh th cng, cn nhng
mng ln hn c topo mng phc tp v thay i lin tc th xy dng th cng
cc bng nh tuyn l v cng kh khn. Tuy nhin, hu ht mng in thoi
chuyn mch chung (public switched telephone network - PSTN) s dng bng
nh tuyn c tnh ton trc, vi nhng tuyn d tr nu cc l trnh trc tip
u b nghn. nh tuyn ng (dynamic routing) c gng gii quyt vn ny
V Khnh Qu Khoa CNTT H S phm K thut Hng Yn
http://www.ebook.edu.vn
42
bng vic xy dng bng nh tuyn mt cch t ng, da vo nhng thng tin
c giao thc nh tuyn cung cp, v cho php mng hnh ng gn nh t tr
trong vic ngn chn mng b li v nghn.
nh tuyn ng chim u th trn Internet. Tuy nhin, vic cu hnh cc giao
thc nh tuyn thng i hi nhiu kinh nghim; ng nn ngh rng k thut
ni mng pht trin n mc hon thnh t ng vic nh tuyn. Cch tt
nht l nn kt hp gia nh tuyn th cng v t ng.
Nhng mng trong cc gi thng tin c vn chuyn, v d nh Internet,
chia d liu thnh cc gi, ri dn nhn vi cc ch n c th v mi gi c
lp l trnh ring bit. Cc mng xoay vng, nh mng in thoi, cng thc
hin nh tuyn tm ng cho cc vng (v d nh cuc gi in thoi)
chng c th gi lng d liu ln m khng phi tip tc lp li a ch ch.
nh tuyn IP truyn thng vn cn tng i n gin v n dng cch nh
tuyn bc k tip (next-hop routing), router ch xem xt n s gi gi thng tin
n u, v khng quan tm ng i sau ca gi trn nhng bc truyn cn
li. Tuy nhin, nhng chin lc nh tuyn phc tp hn c th c, v thng
c dng trong nhng h thng nh MPLS, ATM hay Frame Relay, nhng h
thng ny i khi c s dng nh cng ngh bn di h tr cho mng IP.
Thut ton vector (distance-vector routing protocols)
Thut ton ny dng thut ton Bellman-Ford. Phng php ny ch nh mt
con s, gi l chi ph (hay trng s), cho mi mt lin kt gia cc node trong
mng. Cc node s gi thng tin t im A n im B qua ng i mang li
tng chi ph thp nht (l tng cc chi ph ca cc kt ni gia cc node c
dng).
V Khnh Qu Khoa CNTT H S phm K thut Hng Yn
http://www.ebook.edu.vn
43
http://www.ebook.edu.vn
44
http://www.ebook.edu.vn
45
http://www.ebook.edu.vn
46
http://www.ebook.edu.vn
47
http://www.ebook.edu.vn
48
Giao thc nh tuyn trong mng Ad-hoc xut hin nhng mng
khng c hoc t phng tin truyn dn.
Interior Gateway Protocols (IGPs) trao i thng tin nh tuyn trong
mt AS. Cc v d thng thy l:
o IGRP (Interior Gateway Routing Protocol)
o EIGRP (Enhanced Interior Gateway Routing Protocol)
o OSPF (Open Shortest Path First)
o RIP (Routing Information Protocol)
o IS-IS (Intermediate System to Intermediate System)
Ch : theo nhiu ti liu ca Cisco, EIGRP khng phn lp nh giao thc trng
thi kt ni.
Exterior Gateway Protocols (EGPs) nh tuyn gia cc AS. EGPs gm:
o EGP (giao thc c ni mng Internet trc y, by gi li
thi)
o BGP (Border Gateway Protocol: phin bn hin ti, BGPv4, c t
khong nm 1995)
http://www.ebook.edu.vn
49
http://www.ebook.edu.vn
50
http://www.ebook.edu.vn
51
http://www.ebook.edu.vn
52
Nhn update :
Lc ny debug ip rip ngay trn router 2 th ta thy nh th ny
http://www.ebook.edu.vn
53
http://www.ebook.edu.vn
54
http://www.ebook.edu.vn
55
http://www.ebook.edu.vn
56
http://www.ebook.edu.vn
57
http://www.ebook.edu.vn
58
Point-to-Point PPP,HDLC
Khng
Khng
http://www.ebook.edu.vn
59
http://www.ebook.edu.vn
60
http://www.ebook.edu.vn
61
Yu cu
S dng giao thc nh tuyn tnh cu hnh nh tuyn gia cc LAN
Su dng giao thc IGRP vi AS=100 cu hnh nh tuyn gia cc LAN
Kt qu
Cc PC thuc cc LAN ping c n nhau
http://www.ebook.edu.vn
62
http://www.ebook.edu.vn
63
http://www.ebook.edu.vn
64
http://www.ebook.edu.vn
65
Nat tnh hay cn gi l Static NAT l phng thc NAT mt i mt. Ngha l
mt a ch IP c nh trong LAN s c nh x ra mt a ch IP Public c
nh trc khi gi tin i ra Internet. Phng php ny khng nhm tit kim a
ch IP m ch c mc ch nh x mt IP trong LAN ra mt IP Public n IP
ngun trc khi i ra Internet lm gim nguy c b tn cng trn mng.
V d: chuyn i mt a ch IP ring 165.10.1.2 255.255.255.0 sang di a ch
IP cng cng t 169.10.1.50 dn 169.10.1.100. Dng (Netsim) cu hnh. Sau
khi cu hnh song ta dng lnh show ip nat translations s c k qu nh sau.
http://www.ebook.edu.vn
66
http://www.ebook.edu.vn
67
Nat overload PAT l gii php c dng nhiu nht c bit l trong cc
Modem ADSL, y l gii php mang li c hai u im ca NAT l:
n a ch IP trong h thng mng ni b trc khi gi tin i ra Internet
gim gim thiu nguy c tn cng trn mng
Tit kim khng gian a ch IP
Bn cht PAT l kt hp IP Public v s hiu cng (port) trc khi i ra Internet.
Lc ny mi IP trong LAN khi i ra Internet s c nh x ra mt IP Public kt
hp vi s hiu cng
V d:
http://www.ebook.edu.vn
68
Thc hin
1. Cu hnh cc a ch IP trn cc router theo s trn, kim tra cc kt ni
trc tip bng lnh show cdp neighbor. Kim tra bng cch ping gia cc
workstation v router NAT, gia WebServer v router ISP1.
http://www.ebook.edu.vn
69
Cu hnh cc thng s c bn cho Catalys Switch vi giao din dng lnh CLI.
Cc tc v cn thc hin bao gm t tn cho switch, cu hnh cc interface vlan,
cu hnh telnet vo switch.Dng my trm kt ni vi switch qua kt ni
console, giao din tng tc ngi dng s dng trnh HyperTerminal. y l
mt cng c uc MS Windows h tr.
Thc hin
Khi ng ngun ca switch.
Trn giao din Hyper Terminal hin ra cc thng s khi to trong qu trnh khi
ng Switch.
Would you like to enter the initial configuration dialog? [yes/no]: no
http://www.ebook.edu.vn
70
http://www.ebook.edu.vn
71
Vnpro#show line
Cu hnh password cho cc line vty
Vnpro#config terminal
Vnpro(config)#line vty 0 4
Vnpro(config-line)#password cisco
Vnpro(config-line)#login
Cu hnh trn thit b Cisco, mi dng lnh do ngi dng g vo. Sau khi nhn
phm enter cu hnh h thng s lp tc thay i. V vy, i vi cc h thng
mng tht, trc khi thay i mt thng s no ca thit b, cn phi sao lu
li cu hnh ban u c th khi phc li khi cn thit.
Cu hnh Vlan.
Kim tra cu hnh Vlan mc nh trn Switch
Vnpro#show vlan
Mc nh trn Switch ch c Vlan 1 vi tt c cc port u nm trong Vlan ny,
Vlan 1002 dnh ring cho FDDI, Vlan 1003 dnh ring cho TOKEN-RING
C hai cch to thm Vlan
Cch 1:Thao tc trn Vlan database
Vnpro#vlan database
Vnpro(vlan)#vtp domain Chuyenviet
Vnpro(vlan)#vtp server
Vnpro(vlan)#vlan 10 name Admin
Vnpro(vlan)#vlan 20 name User
Cch 2: Tong tc trc tip n Vlan cn to ra
Vnpro(config)#interface vlan 10
V Khnh Qu Khoa CNTT H S phm K thut Hng Yn
http://www.ebook.edu.vn
72
Vnpro(config-if)#exit
Vnpro(config)#
Vnpro(config)#interface vlan 20
Vnpro(config-if)#exit
Vnpro(config)#
gn cc port vo cc Vlan, thc hin cc bc sau:
V d ta cn gn cc port fastethernet 2 vo Vlan 10, port fastetehnet 3 vo Vlan
20
Vnpro(config)#interface fastethernet0/2
Vnpro(config-if-range)#switchport access vlan 10
Vnpro(config-if-range)#exit
Vnpro(config)#interface fastethernet0/3
Vnpro(config-if-range)#switchport access vlan 20
Vnpro(config-if-range)#exit
Kim tra li cu hnh Vlan
Vnpro#show vlan
Cu hnh IP cho interface Vlan: cc interface Vlan c cu hnh IP ch mang
tnh cht lun l. IP ny phc v cho vic qun l, a ch IP lun l ny cn c
th dng telnet vo Switch t xa v chy cc ng dng SNMP.
Vnpro#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Vnpro(config)#interface vlan 10
Vnpro(config-if)#ip address 10.0.0.1 255.255.255.0
Vnpro(config-if)#no shutdown
Lu cu hnh vo NVRAM
Vnpro#copy running-config startup-config
V Khnh Qu Khoa CNTT H S phm K thut Hng Yn
http://www.ebook.edu.vn
73
http://www.ebook.edu.vn
74
http://www.ebook.edu.vn
75
http://www.ebook.edu.vn
76
http://www.ebook.edu.vn
77
http://www.ebook.edu.vn
78
http://www.ebook.edu.vn
79
http://www.ebook.edu.vn
80
http://www.ebook.edu.vn
81
http://www.ebook.edu.vn
82
http://www.ebook.edu.vn
83
http://www.ebook.edu.vn
84
Chn Next.
http://www.ebook.edu.vn
85
http://www.ebook.edu.vn
86
http://www.ebook.edu.vn
87
http://www.ebook.edu.vn
88
http://www.ebook.edu.vn
89
http://www.ebook.edu.vn
90
http://www.ebook.edu.vn
91
http://www.ebook.edu.vn
92
Nhp a ch IP ca my ch vo mc IP nu nh bn mun ch nh cc my
khc a ch web c ch ti l a ch no.
Chn cng truy cp trn my ch, thng thng chng ta cng 80 nhng tu
vo ngi qun tr mng m chng ta c th chn cng bt k trnh s dm
ng t bn ngoi.
Chn Next.
http://www.ebook.edu.vn
93
http://www.ebook.edu.vn
94
http://www.ebook.edu.vn
95
http://www.ebook.edu.vn
96
http://www.ebook.edu.vn
97
http://www.ebook.edu.vn
98
Description: M t tn ca Website.
Ip Address: Phn ny cho php chng ta gn a ch IP cho Website.
TCP Port: Cng cho php kt ni vo Website mc nh l cng 80
Unlimited: Cho php kt ni khng gii hn thi gian.
Limited To: Gii hn thi gian kt ni vi Website.
Th tip theo l Home Directory.
http://www.ebook.edu.vn
99
Directory Browsing: Chc nng cho php hin th Browser khi khng c trang
ch mc nh.
A redirection a URl: L tnh nng cho php ta chuyn tip n mt trang no
(dng bng URL)
Th tip theo l Document.
http://www.ebook.edu.vn
100
http://www.ebook.edu.vn
101
http://www.ebook.edu.vn
102
http://www.ebook.edu.vn
103
http://www.ebook.edu.vn
104
http://www.ebook.edu.vn
105
http://www.ebook.edu.vn
106
Bo v trong SMTP v th rc
Mt trong nhng gii hn ca bn thit k SMTP gc l vic n khng cung cp
mt phng tin no chng thc (authentication) ngi gi khi chng ta cn.
Chnh v th m phn m rng SMTP-AUTH c thit k v b sung.
Mc du c phn chng thc ngi gi b sung, nhng lm th in t vn
cn l mt vn ln, kh gii quyt. Vic sa i giao thc SMTP mt cch
trit , hoc thay th giao thc ton bng mt ci khc, l mt vic khng d g
thc hin c, v s thay i s gy nh hng n mng li truyn thng ca
nhng my ch SMTP khng l, v ang c dng. Internet Mail 2000 l
mt trong nhng bn d tho cp n vn ny.
V l do trn, mt s ngh v vic dng cc giao thc bn l h tr hot
ng ca SMTP c cng b. Nhm nghin cu chng th nhng lm (AntiSpam Research Group) ca Lc lng chuyn trch nghin cu lin mng
(Internet Research Task Force - vit tt l IRTF) hin ang lm vic trn mt s
d tho v chng thc th in t (E-mail authentication) v mt s nhng d
tho khc lin quan n vic cung cp mt c ch chng thc ngun gi vi tnh
nng: tuy n gin song linh hot, tuy mc hng nh song c kh nng
khuch trng. Nhng hot ng gn y ca Lc lng chuyn trch nghin
cu lin mng (Internet Engineering Task Force - vit tt l IETF), bao gm
MARID (2004) (cng vi s tin ti hai cuc th nghim c IETF chp thun
trong nm 2005 sau ), v DKIM (DomainKeys - tm dch l "Cha kha ti
vng") trong nm 2006.
http://www.ebook.edu.vn
107
POP3
Post Office Protocol phin bn 3 (POP3) l mt giao thc tng ng dng, dng
ly th in t t server mail, thng qua kt ni TCP/IP. POP3 v IMAP4
(Internet Message Access Protocol) l 2 chun giao thc Internet thng dng
nht dng ly nhn email. Hu nh cc my tnh hin nay u h tr c 2 giao
thc
Trc POP3, c 2 phin bn l POP1 v POP2. Khi POP3 ra i, ngay lp
tc thay th hon ton cc phin bn c. V vy, ngy nay, nhc n POP th
thng l m ch POP3.
Thit k ca POP3 h tr chc nng cho ngi dng c kt ni internet khng
thng trc (nh kt ni dial-up), cho php ngi dng kt ni vi server, ti
mail v, sau c th xem, thao tc vi mail offline. Mc d trong giao thc h
tr leave mail on server ( nguyn mail trn server), nhng hu ht ngi dng
u thc hin mc nh, tc l: kt ni, ti mail v, xa mail trn server ri ngt
kt ni.
IMAP
Internet Message Access Protocol (IMAP) cung cp lnh phn mm th in
t trn my khch v my ch dng trong trao i thng tin. l phng php
ngi dng cui truy cp thng ip th in t hay bng tin in t t my
ch v th trong mi trng cng tc. N cho php chng trnh th in t
dng cho my khch - nh Netscape Mail, Eudora ca Qualcomm, Lotus Notes
hay Microsoft Outlook - ly thng ip t xa trn my ch mt cch d dng nh
trn a cng cc b.
http://www.ebook.edu.vn
108
Chun v th in t c ng h
IMAP l c ch cho php ly thng tin v th in t ca bn, hay chnh cc
thng ip t mail server ca mi trng cng tc.
Giao thc th in t ny cho php ngi dng kt ni bng ng in thoi
vo my ch Internet t xa, xem xt phn tiu v ngi gi ca th in t
trc khi ti nhng th ny v my ch ca mnh.
Vi IMAP ngi dng c th truy cp cc thng ip nh chng c lu tr
cc b trong khi thc t li l thao tc trn my ch cch xa hng ki l mt.
Vi kh nng truy cp t xa ny, IMAP d c ngi dng cng tc chp nhn
v h coi trng kh nng lm vic lu ng.
Kh nng truy cp l cha kha
Ngi dng thng xuyn i li mun lu thng ip ca h trn my ch
n bt k u cui no cng c th c v lm vic c. IMAP cho php thc
hin iu .
IMAP khc vi giao thc truy cp th in t Post Office Protocol (POP). POP
lu tr ton b thng ip trn my ch. Ngi dng kt ni bng ng in
thoi vo my ch v POP s a cc thng ip vo in-box ca ngi dng, sau
xa th trn my ch. Hai giao thc ny c dng t hn 10 nm nay.
Theo mt nh phn tch th khc bit chnh gia POP (phin bn hin hnh 3.0)
v IMAP (phin bn hin hnh 4.0) l POP3 cho ngi dng t quyn iu khin
hn trn thng ip.
http://www.ebook.edu.vn
109
http://www.ebook.edu.vn
110
Ci t v cu hnh Mdaemon
http://www.ebook.edu.vn
111
http://www.ebook.edu.vn
112
http://www.ebook.edu.vn
113
To Account
http://www.ebook.edu.vn
114
http://www.ebook.edu.vn
115
http://www.ebook.edu.vn
116
Hnh 15.1
i vi cc nh cung cp dch v ng truyn internet:
-Do trn mng internet c lng thng tin rt phong ph, theo quan im ca
tng quc gia, ca tng chng tc hay a phng, cc nh cung cp dch v
internet khu vc s phi hp proxy vi k thut tng la to ra mt b
lc gi l firewall proxy nhm ngn chn cc thng tin c hi hoc tri thun
phong m tc i vi quc gia, i vi chng tc hay a phng . a ch cc
websit m khch hng yu cu truy cp s c lc ti b lc ny, nu a ch
khng b cm th yu cu ca khch hng tip tc c gi i, ti cc DNS
server ca cc nh cung cp dch v. Firewall proxy s lc tt c cc thng tin t
internet gi vo my ca khch hng v ngc li.
ngha ca proxy
Proxy khng ch c gi tr bi n lm c nhim v ca mt b lc thng tin,
n cn to ra c s an ton cho cc khch hng ca n, firewal Proxy ngn
chn hiu qut s xm nhp ca cc i tng khng mong mun vo my ca
http://www.ebook.edu.vn
117
http://www.ebook.edu.vn
118
http://www.ebook.edu.vn
119
http://www.ebook.edu.vn
120
http://www.ebook.edu.vn
121
http://www.ebook.edu.vn
122
http://www.ebook.edu.vn
123
http://www.ebook.edu.vn
124
L do s dng tng la
Mng internet ngy cng pht trin v ph bin rng khp mi ni, li ch ca n
rt ln. Tuy nhin cng c rt nhiu ngoi tc khng mong mun i vi cc c
nhn l cha m hay t chc, doanh nghip, c quan nh nc... nh cc trang
web khng ph hp la tui, nhim v, li ch, o c, php lut hoc trao i
thng tin bt li cho c nhn, doanh nghip... Do vy h (cc c nhn, t chc,
c quan v nh nc) s dng tng la ngn chn.
Mt l do khc l mt s quc gia theo ch c ti, c ng p dng tng
la ngn chn quyn trao i, tip cn thng tin ca cng dn nc mnh
khng cho h truy cp vo cc trang web hoc trao i vi bn ngoi, iu m
nh cm quyn cho rng khng c li cho ch .
Cch thc ngn chn
ngn chn cc trang web khng mong mun, cc trao i thng tin khng
mong mun ngi ta dng cch lc cc a ch web khng mong mun m h
tp hp c hoc lc ni dung thng tin trong cc trang thng qua cc t kha
ngn chn nhng ngi dng khng mong mun truy cp vo mng v cho
php ngi dng hp l thc hin vic truy xut.
Bc tng la c th l mt thit b nh hng (Router, mt thit b kt ni gia
hai hay nhiu mng v chuyn cc thng tin gia cc mng ny) hay trn mt
my ch (Server), bao gm phn cng v/hoc phn mm nm gia hai mng
(chng hn mng Internet v mng lin kt cc gia nh, im kinh doanh
internet, t chc, cng ty, h thng Ngn hng, c quan nh nc.
C quan nh nc c th lp bc tng la ngay t cng Internet quc gia hoc
yu cu cc nh cung cp dch v ng truyn (IXP) v cung cp dch v
Internet (ISP) thit lp h thng tng la hu hiu hoc yu cu cc i l kinh
V Khnh Qu Khoa CNTT H S phm K thut Hng Yn
http://www.ebook.edu.vn
125
doanh internet thc hin cc bin php khc nh Thng t lin tch s
02/2005/TTLT v qun l i l Internet c hiu lc vo u thng 8-2005
Vit Nam.
Vt tng la
Cc trang web b chn nht l cc trang web sex thng rt linh ng thay i
a ch trnh s nhn din hoc nhanh chng thng bo a ch mi mt cch
hn ch vi cc i tng dng nh.
Ngi dng cc nc c h thng tng la c th tip cn vi ni dung b
chn qua cc ng khc bng cch thay i a ch Proxy, DNS hoc qua vng
nh m cached ca trang tm kim thng dng nh Google, Yahoo..., hoc s
dng phn mm min ph Tor. Ni chung ngi dng mng hiu bit nhiu v
my tnh th bit nhiu k xo vt tng la.
Hiu qu khi s dng tng la
Bc tng la ch c hiu qu tt mt thi gian sau cc trang web b chn
cng nh ngi s dng dng mu mo, k xo, k thut n v vut tng, v
vy phi lun lun cp nht k thut, nhn in cc a ch mi thay i
phng thc hot ng, iu ny lm tc truy cp chung b gim v i hi
phi nng cp trang thit b, k thut.
Nhc im khi s dng tng la
S dng tng la cn phi x l mt lng ln thng tin nn vic x l lc
thng tin c th lm chm qu trnh kt ni ca ngi kt ni.
Vic s dng tng la ch hu hiu i vi nhng ngi khng thnh tho k
thut vt tng la, nhng ngi s dng khc c hiu bit c th d dng vt
qua tng la bng cch s dng cc proxy khng b ngn chn.
V Khnh Qu Khoa CNTT H S phm K thut Hng Yn
http://www.ebook.edu.vn
126
M t s h thng:
Gm 01 PC ng vai tr Domain Controller (DC)
Mng LAN thuc di IP 192.168.1.0/24
DMZ thuc di IP 172.16.1.0/24
External c di IP 10.0.0.0/30
Firewall c 03 Fast Ethernet tng ng 03 phn vng LAN (Internal),
DMZ v External
Yu cu:
Cc PC join vo Domain (DC)
File Server v Web Server thuc vng DMZ cho php cc PC thuc LAN
truy cp vo
Cc PC thuc LAN c th truy cp Internet theo s cho php ca Firewall
V Khnh Qu Khoa CNTT H S phm K thut Hng Yn
http://www.ebook.edu.vn
127
Bi 16: C bn v bo mt
http://www.ebook.edu.vn
128
Tin tc hin nay thng dng cc tp tin cha ng hng trm ngn ti khon
mc nh (username v password) ca cc thit b kt ni mng d tm quyn
hn truy xut kh nng ng nhp vo h thng mng. Nu cc ti khon, thit
lp mc nh khng c thay i, tin tc s d dng chim quyn iu khin ti
nguyn mng.
Mi trng mng ti gia khng an ton
i vi mt vi doanh nghip nh, cc nhn vin thng em my tnh xch tay
(laptop) ca mnh n vn phng lm vic. Trong mi trng mng ti gia
nh, ch bo mt thng rt km hay thm ch khng c nhng thit lp bo
v. Do , nhng chic laptop ca nhn vin c th l ngun gc pht tn virus,
malware hay tr thnh zombie trung gian tin tc tn cng vo h thng mng
ca doanh nghip.
Thiu cnh gic vi mng cng cng
Mt th on chung tin tc hay s dng dn d nhng nn nhn l t mt
thit b trung chuyn wireless access-point khng ci t mt khu (unsecured)
ri gn mt ci nhn nh "Mng Wi-Fi min ph" v rung i ngi ch nhng
kt ni "ngy th" ri vo by. Tin tc s dng cc cng c thu tm gi d liu
mng gip nhn bit c nhng vn bn hay bt k nhng g m nhn vin doanh
nghip g ri gi ra ngoi.
Mt mt thit b di ng
Rt nhiu doanh nghip, thm ch gn y cn c c mt vi hng ln b tht
thot d liu quan trng do mt cp my tnh xch tay, tht lc in thoi di ng
hay cc a flash USB lu tr. D liu trong cc thit b ny thng t c m
ha hay bo v bng mt khu, rt d dng x l mt khi s hu chng.
Li t my ch web
Hin cn kh nhiu doanh nghip khng coi trng vic t website ca mnh ti
my ch no, mc bo mt ra sao. Do , website kinh doanh ca doanh
nghip s l mi ngon ca cc t tn cng SQL Injection hay botnet.
Duyt web trn lan
V Khnh Qu Khoa CNTT H S phm K thut Hng Yn
http://www.ebook.edu.vn
129
Khng phi nhn vin vn phng no cng am hiu tng tn v nhng him
ha rnh rp trn mng Internet nh malware, spyware, virus, trojan... H c v
t truy cp vo cc website khng xc nh hoc b dn d click vo nhng
website c tin tc by c cho n v th l my tnh ca nhn vin s l cnh
ca gip tin tc xm nhp vo trong mng ca doanh nghip.
Email cha ng m c
Nhng cuc gii bom th rc s lm trn ngp hp th ca bn vi nhng tiu
hp dn nh nhng v scandal tnh i, hnh nh nng bng hay cc li mi cho
kinh doanh... ch mt c nhp chut sai lm th ngay lp tc my tnh s ti v
cc on m c lm tin cho hng lot phn mm c hi i sau xm nhp
vo my tnh.
Khng v li bo mt
Hn 90% cc cuc tn cng vo h thng mng u c gng khai thc cc li
bo mt c bit n. Mc d cc bn v li vn thng xuyn c nhng
hng sn xut cung cp ngay sau khi li c pht hin nhng mt vi doanh
nghip li khng coi trng vic cp nht li thng nht dn n vic cc li bo
mt m toang cng cho n nhng cuc tn cng.
http://www.ebook.edu.vn
130
Lc s ca virus
C nhiu quan im khc nhau v lch s ca virus in ton. y ch nu rt
vn tt v khi qut nhng im chung nht v, qua , chng ta c th hiu chi
tit hn v cc loi virus:
Nm 1949: John von Neuman (1903-1957) pht trin nn tng l thuyt t
nhn bn ca mt chng trnh cho my tnh.
Vo cui thp nin 1960 u thp nin 1970 xut hin trn cc my
Univax 1108 mt chng trnh gi l "Pervading Animal" t n c th ni
vi phn sau ca cc tp tin t hnh. Lc cha c khi nim virus.
Nm 1981: Cc virus u tin xut hin trong h iu hnh ca my tnh
Apple II.
Nm 1983: Ti i Hc min Nam California, ti Hoa K, Fred Cohen ln
u a ra khi nim computer virus nh nh ngha ngy nay.
Nm 1986: Virus "the Brain", virus cho my tnh c nhn (PC) u tin,
c to ra ti Pakistan bi Basit v Amjad. Chng trnh ny nm trong
phn khi ng (boot sector) ca mt da mm 360Kb v n s ly nhim
tt c cc da mm. y l loi "stealth virus" u tin.
V Khnh Qu Khoa CNTT H S phm K thut Hng Yn
http://www.ebook.edu.vn
131
http://www.ebook.edu.vn
132
Excel. Sau ny, virus Melissa, nm 1997, tn cng hn 1 triu my, lan
truyn bi mt tp nh km kiu Word bng cch c v gi n cc a
ch ca Outlook trong cc my b nhim virus. Virus Tristate, nm
1999, c th nm trong cc tp Word, Excel v Power Point.
Nm 2000: Virus Love Bug, cn c tn ILOVEYOU, nh la tnh hiu k
ca mi ngi. y l mt loi macro virus. c im l n dng ui tp
tin dng "ILOVEYOU.txt.exe". Li dng im yu ca Outlook thi by
gi: theo mc nh sn, ui dng .exe s t ng b du i. Ngoi ra,
virus ny cn c mt c tnh mi ca spyware: n tm cch c tn v m
nhp ca my ch v gi v cho tay hc o. Khi truy cu ra th l mt
sinh vin ngi Philippines. Tn ny c tha bng v Philippines cha c
lut trng tr nhng ngi to ra virus cho my tnh.
Nm 2002: Tc gi ca virus Melissa, David L. Smith, b x 20 thng t.
Nm 2003: Virus Slammer, mt loi worm lan truyn vi vn tc k lc,
truyn cho khong 75 ngn my trong 10 pht.
Nm 2004: nh du mt th h mi ca virus l worm Sasser. Vi virus
ny th ngi ta khng cn phi m nh km ca in th m ch cn m
l th l cho n xm nhp vo my. Cng may l Sasser khng hon
ton hy hoi my m ch lm cho my ch tr nn chm hn v i khi
n lm my t khi ng tr li. Tc gi ca worm ny cng lp mt k
lc khc: tay hc o (hacker) ni ting tr nht, ch mi 18 tui, Sven
Jaschan, ngi c. Tuy vy, v cn nh tui, nn vo thng 7 nm 2005
nn ta n c ch pht anh ny 3 nm t treo v 30 gi lao ng cng
ch.
Vi kh nng ca cc tay hacker, virus ngy ngay c th xm nhp bng cch b
gy cc ro an ton ca h iu hnh hay chui vo cc ch h ca cc phn mm
nht l cc chng trnh th in t, ri t lan ta khp ni theo cc ni kt
mng hay qua th in t. Do d, vic truy tm ra ngun gc pht tn virus s
cng kh hn nhiu. Chnh Microsoft, hng ch to cc phn mm ph bin,
cng l mt nn nhn. H phi nghin cu, sa cha v pht hnh rt nhiu
http://www.ebook.edu.vn
133
http://www.ebook.edu.vn
134
http://www.ebook.edu.vn
135
http://www.ebook.edu.vn
136
Khi hay tin CD nhc ca Sony ci t rookit giu file chng sao chp xut
hin vo thng 11 nm ngoi, gii tin tc hn hoan v nhanh chng khai thc ng
dng ca Sony. Phn mm ca Sony giu bt k file hay tin trnh bt u vi
"$sys$", nhng k vit phn mm c hi i tn file li dng c im
ny .
Vo thng 3, nh sn xut phn mm chng virus Ty Ban Nha l Panda
Software cho bit h ang tm bin th ca su Bagle cc k c hi c trang b
kh nng ca rootkit. Trm trng hn, tng t nh cc "nh sn xut" chng
trnh botnet, nhng k to phn mm rootkit cn bn hoc pht tn min ph cc
cng c, gip nhng tay vit phn mm c hi d dng b sung chc nng
rootkit cho cc virus c nh Bagle hay to loi mi. Mt d n do Microsoft v
cc nh nghin cu ca i hc Michigan thc hin tht s m ng cho
nghin cu rootkit, to ra mt phng thc mi gn nh "t" HH chy trn
phn mm c tn SubVirt (tn ca d n nghin cu). HH vn lm vic bnh
thng, nhng "my o" iu khin mi th HH nhn thy v c th d dng
giu chnh n.
May mn l k thut ny khng d thc hin v ngi dng d nhn ra v lm
chm h thng v lm thay i nhng file nht nh. Hin gi, loi siu rootkit
ny ch mi dng tng, cn nhiu thi gian trc khi tin tc c th thc hin
phng thc tn cng ny.
http://www.ebook.edu.vn
137
http://www.ebook.edu.vn
138
http://www.ebook.edu.vn
139
http://www.ebook.edu.vn
140
Theo s pht trin rng ri ca Internet trn th gii m hin nay cc hnh thc
ly nhim virus qua Internet tr thnh cc phng thc chnh ca virus ngy nay.
C cc hnh thc ly nhim virus v phn mm c hi thng qua Internet nh
sau:
Ly nhim thng qua cc file ti liu, phn mm: L cch ly nhim c in,
nhng thay th cc hnh thc truyn file theo cch c in (a mm, a USB...)
bng cch ti t Internet, trao i, thng qua cc phn mm...
Ly nhim khi ang truy cp cc trang web c ci t virus (theo cch v tnh
hoc c ): Cc trang web c th c cha cc m him c gy ly nhim virus
v phn mm c hi vo my tnh ca ngi s dng khi truy cp vo cc trang
web .
Ly nhim virus hoc chim quyn iu khin my tnh thng qua cc li bo
mt h iu hnh, ng dng sn c trn h iu hnh hoc phn mm ca hng
th ba: iu ny c th kh tin i vi mt s ngi s dng, tuy nhin tin tc
c th li dng cc li bo mt ca h iu hnh, phn mm sn c trn h iu
hnh (v d Winidow Media Player) hoc li bo mt ca cc phn mm ca
hng th ba (v d Acrobat Reader) ly nhim virus hoc chim quyn kim
sot my tnh nn nhn khi m cc file lin kt vi cc phn mm ny.
Bin th
Mt hnh thc trong c ch hot ng ca virus l to ra cc bin th ca chng.
Bin th ca virus l s thay i m ngun nhm cc mc ch trnh s pht hin
ca phn mm dit virus hoc lm thay i hnh ng ca n.
Mt s loi virus c th t to ra cc bin th khc nhau gy kh khn cho qu
trnh pht hin v tiu dit chng. Mt s bin th khc xut hin do sau khi
virus b nhn dng ca cc phn mm dit virus, chnh tc gi hoc cc tin tc
khc (bit c m ca chng) vit li, nng cp hoc ci tin chng tip
tc pht tn.
Virus c kh nng v hiu ho phn mm dit virus
http://www.ebook.edu.vn
141
http://www.ebook.edu.vn
142
Nhn din
US-CERT xc nh du hiu ca mt v tn cng t chi dch v gm c :
Mng thc thi chm khc thng (m file hay truy cp Website).
Khng th dng mt Website c th.
Khng c th truy cp bt k Website no
Tng lng th rc nhn c (nh mt trn "boom mail")
Khng phi tt cc cc dch v ngng chy,thm ch l kt qu ca
mt hot ng nguy hi, tt yu ca tn cng DoS.
V Khnh Qu Khoa CNTT H S phm K thut Hng Yn
http://www.ebook.edu.vn
143
http://www.ebook.edu.vn
144
http://www.ebook.edu.vn
145
http://www.ebook.edu.vn
146
http://www.ebook.edu.vn
147
http://www.ebook.edu.vn
148
http://www.ebook.edu.vn
149