Creation time: 2005-01-10
Root (webmaster_at_xfocus.org)
2004 · Network security ring
Network security focus <07/01/2004>
Into 2005, let's look back, the wind and rain in the network security ring in the past year, which we just listened to a sound? Which is what we really touch and feel?
Outside the circle, safety has been fully integrated into our lives ...
First, network security circle · trend
1.1 More network crimes directly with economic interests
The most attractive national eye should be Tencent. In 2004, the QQ large-scale QQ was unable, especially after this, the shadow of the shadow, some exclaimed: China's network terrorism was born.
After all, the rumors are just a rumor. In contrast, a group of Brazilian online banking hackers can make you really feel that online crimes are close to you. Just more than a year, they steal about $ 27.58 million from the bank. ......
We can see people who can see commercial spies, military spies or a group of people who only assain their attack on the night ...
Reference link:
Http://news.xinhuaet.com/world/2004-10/21/content_2120490.htm
http://news.xinhuaet.com/it/2004-06/30/content_1555907.htm
Http://news.xinhuaet.com/legal/2004-09/26/content_2024331.htm
Xfocus Comments:
No doubt, what we can see is just a hoss of the iceberg. Technological progress plus the lack of morality, the hackers began to see what they want.
1.2 Refusal service attack is flooding
The refusal service we have seen is not just a one or several machines, and the attackers control hundred thousand zombie computers (Zombie), even by worms to spread and attacked. DOS has attracted a lot of enthusiasts, so it is thus flooding such garbage traffic on the Internet.
Reference link:
http://news.xinhuaet.com/world/2004-07/29/content_1674840.htm
Http://www.chinabyte.com/busnews/216485043416072192/20040923/1857545.SHTML
Http://www.nsfocus.net/index.php?act=sec_news&d =View&news_id=4051
Xfocus Comments:
In addition to routine denial of service attacks, DOS is fraudulent, we are facing more intentional DOS more and more, for example, mail worms send emails, generated DNS query packets, generating DOS, etc. Wait, the event is getting more frequent.
1.3 The struggle between spam and anti-spam is more intensified
Netizens and people from all walks of life are increasingly concerned that online service providers and email operators have proposed their own technical solutions: Yahoo's "DomainKeys", which uses public / private key encryption technology to generate each email address A unique signature to realize authentication of mail senders; Microsoft's "electronic stamp" is paid for a mail solution; AOL is experimenting with a new email protocol called "Sender Permitted from" (SPF), which is forbidden to pass the modification domain name. System (DNS) forged email address ...
Spam senders are not sitting, but take the initiative to deny the anti-spam website.
It is LYCOS, they launched a screen saver, when the screen saver is started, the data packet of the spam sender is sent, the more users of the screen, the more sad the spam server. But ... and more, this is the anti-spam screen saver, actually met Li Gui: There is a virus to disguise into a screen saver, but the virus will monitor the keystroke process to steal password and bank account information. Waiting for personal information. Reference link:
Http://anti-spam.org.cn/news/index.php?action=show&id=57
Http://it.sohu.com/2003/12/03/22/Article216382286.shtml
Http://tech.sina.com.cn/s/s/2004-12-10/0850473870.shtml
Http://www.chinabyte.com/homepage/219001851301855232/20030927/1732497.shtml
Xfocus Comments:
Taoism is one foot, the magic is one feet, the world will always develop in this long, in 2003, the anti-spam market is not shocked. At the end of 2004, the anti-spam manufacturer certified by the Ministry of Public Security has exceeded 40. Spam vendors and anti-spam vendors, they are making money together, or can spell out a high, but they have not known, but they can be clear that in 2005, anti-spam market will be very lively.
1.4 worms, viruses, spyware rampant, frequent network fishing events
MYDOOM / NETSKY / BAGLE / STO / SCO Bomb / QQ Tail / MSN Shooting and other series of new viruses and worms have caused huge economic losses. And the diversification of viruses and worms is obvious, and even worm preparation organizations begin to fight each other, and new versions are frequently launched.
According to the survey, the average of 28 spyware per household, they have been used by more companies and individuals, and their purpose is also from the initial simple receipt of information. It may collect passwords, accounts, etc. Information. Do you still remember the online banking thief? ?
As for the network fishing, do not talk about the eBay that is more troublesome, only to see the online fishing passengers to pay Bank of China with "fake websites", and the ICBC users can imagine their level.
Reference link:
http://www.donews.com/donews/Article/59549.html
http://www.southcn.com/it/itzt/yinghang/200412091190.htm
Http://tech.china.com/en_cn/news/safe/895/20041223/12029275.html
http://www.jiangmin.com/exec/zhuanti/zhuang_0424.asp
Http://news.xinhuaet.com/it/2004-12/08/content_2308519.htm
Xfocus Comments:
There have been worms before, but there are so many this year. So frequent, especially newly used instant messaging tools such as QQ, MSN to spread viruses, making people more dare not believe in the network.
I have also had spyware, but I haven't been so busy this year to come ...
There are also online fishing, but it is not like this year.
1.5 Increased threat to non-PC equipment (such as mobile phones)
In May 2004, the Symantec Safety Response Center analysis found the first worm -epoc Cabir, EPOC.cabir, who attacked mobile phones. The infected mobile phone will repeatedly send this worm to the first Bluetooth device it. On July 16, according to BitDefender, Romania, the company discovered a virus that was called WinCe4.dust's infected Windows CE operating system, although it is a conceptual virus, but the key technologies of viruses have already have , Including API search, file transmission. It is only a moral bottom line. If you use KernelioControl to bring your system into the bootloader mode, you can only be repaired for most PDA users. In addition, Wince4.dust and Cabir's source code has been disclosed, so the more powerful viruses that are more powerful and the lower virus will appear.
Reference link:
http://www.nsfocus.net/index.php?act=sec_news&d =view&news_id=4434
http://xfocus.net/articles/200201/327.html
Xfocus Comments:
In 2002, Xfocus researchers conducted research on mobile phones, but mobile phone viruses never like this year, 2005 we may see the large-scale spread of mobile worms.
Second, the network security circle · Event · China
2.1 National strengthening information security, promulgation series documents
After the Second Year No. 27, the country attaches great importance to information security. In January 2004, the National Information Security Work Association has held a strong defense, comprehensive prevention security policy. Start implementation level protection law in China.
Xfocus Comments:
Since then, a series of standards and technologies are carried out, which directly triggers a positive response to the security market, which is undoubtedly the Dongfeng in the entire information security industry.
2.2 WAPI certification
On December 1, 2003, the State Certification and Accreditation Regulatory Commission issued Announcement No. 113 of 2003. Since June 1, 2004, it is mandatory to implement a wireless local area network product. However, due to foreign manufacturers' opposition, after a period of game, the final WAPI was unlimited without restriction.
Xfocus Comments:
Although it is an announcement made in 2003, it has been a series of struggles around this, and its wind wave even gave the national leadership, led to the game of the international political level. The influence is far-reaching, and has already exceeded the information security industry and even the category of the IT industry, so it is worth a big book.
2.3 Electronic Signature Law
The "People's Republic of China Electronic Signature Law" has passed the 11th meeting of the Tenth National People's Congress of the People's Republic of China on August 28, 2004, which is issued since April 1, 2005.
Xfocus comments:
The law is considered to be legislation in China's first real e-commerce. It has greatly promoted the development of e-commerce and e-government, which can be said to be a long-awaited initiative, called a sound.
2.4 Networking Yellow Special Action
China has set off a campaign porn website, illegal and bad information reporting center, officially officially facing society on June 10. Taking the opening of the reporting center, the Party Central Committee, the State Council decided to carry out special actions against obscene pornographic websites. So far, there have been received more than 95,000 times of public reports. According to the public report, the state law enforcement and administrative organs closed the illegal website according to law, including 1129 obscene pornographic websites, providing gambling channels, engage in superstition activities And promote the cultural website of 114 websites.
Xfocus Comments:
To shape security in the form of the people's war, this is a new idea. This special action also opened the infinite business opportunities - at least content filtration manufacturers tasted the sweetness. 2.5 MD5 safety reveals
In September 2004, at the 2004 International Cryptographic Conference held in the United States, Professor Wang Xiaomun, Professor Shandong University, to successfully crack the MD5's sensation. It is said that her research results as a major discovery in the field of cryptography announced that the World Password Standard MD5 was seriously challenged.
Xfocus Comments:
Breakthrough in the core technology of information security. She won the audience of the International Cryptographic Conference Crypto'2004, the most important thing is that this news gave us confidence, let us pay tribute to the scholars of these domestic solid foundations.
2.6 Security issues in network financial services
A series of viruses such as online banking thieves I, online banking thief II, securities thieves have proven to appear on the public vision with financial crimes as the only destination virus.
Xfocus Comments:
Typical information brings problems, such Trojans have become a very effective financial crime through software technology and network.
Third, network security circle · event · world
More than 3.1 large international companies Product source code leakage
On February 12, Microsoft discovered a part of the incomplete Windows2000 and WindowsNT4 product code that illegally spread on the Internet. After investigating, the Some of Windows 2000 source code that the leakage found that it was not from Microsoft, but Microsoft's long-term partner MAINSOFT. In May, a Russian security website reported the source code of the Cisco IOS 12.3 operating system. According to reports, some malicious molecules entered the internal network of Cisco and stealing at least 800m source code, and theft was released on the IRC on the IRC. Overview. Last year, "Half-stop 2" source code was broken by the hacker and the Microsoft vulnerabilities, and the FBI finally arrested the hacker.
Xfocus Comments:
If you have a certain resource, you can see the source code of more famous enterprises well-known products in the accepted underground trading.
More than 3.2 companies strengthen integration, mergers and acquisitions
Cisco acquired a secure software developer TWINGO system with $ 5 million, acquired develops anti-DOS (reject service) attack software for US $ 39 million, and develops network security software in October in October. Business Perfigo. This is not very eye-catching in front of Juniper, because Juniper acquires NetScreen with $ 4 billion.
All of this was shocked by the end of 2004, because Symantec spent $ 13.5 billion and returned Veritas, soon, Symantec had just acquired the predecessor to organize L0PHT @stake.
Xfocus Comments:
This year seems to be a merger year, here is not a complete list of mergers, such as McAfee acquire Foundstone, etc. Compared with these companies, China's security companies are too small to be too fragile, and we need to grow rapidly.
3.3 Client safety attaches importance, fire fox bites Microsoft
The market share of the IE browser has dropped below 90%, and the foreign military projected Firefox!
Browser vulnerabilities become the latest popular network virus attack path, which is also very much in Microsoft IE, and IE is frequently issued in 2004, and the computer emergency response center is a announcement of CERT (
http://www.kb.cert.org/vuls/id/713878) gave the excellent opportunity for Firefox, so the fire fox broke into the public's sight.
Xfocus Comments:
As the company and individual pay attention to server security, the vulnerability available in this area is gradually decreasing, and the hackers began to pay attention to browser, applications, and clients. We need to pay attention may be not only browser, what is the next one? ? ? 3.4 Using the Search Engine Attack Etenna
At the Blackhat conference held in Las Vegas, two security experts have been named you Found That on Google and Google Attacks, and the hackers use the search engine skills to formally surface. After a worm called Santy first uses Google, then use Yahoo shakes to spread (http: //www.pconline.com.cn/pcedu/softnews/bingdu/0412/524786.html). As for Google's newly launched Desktop search software, it was also found in November to have security vulnerabilities ...
Xfocus comments:
After searching for the king's 2004, what kind of tricks will hackers still think of? Can only be said, creative is unlimited.
