计算机安全防范解决方案研究毕业论文设计

1长沙理工大学2011本科毕业设计（论文）题目：计算机安全防范解决方案研究——个人电脑安全学生姓名：郭小静班级：08计算机二班学号：2008AJH2指导教师：2011年11月技术支持：计算机安全防范解决方案研究——个人电脑安全摘要在计算机没有大规模普及之前，人们会将重要的文件资料锁到文件柜或保险柜保管。随着计算机以及因特网的迅速发展而趋向于利用计算机和网络实现信息的数据化管理。各种重要的信息（如商业秘密、技术专利等）如果存放在没有安全防范措施的计算机中，这就像用不上锁的文件柜来存放机密文件。由于计算机的开放性和标准化等结构特点，使计算机信息具有高度共享和易于扩散的特性，导致计算机信息（如重要密码）在处理、存储、传输和应用过程中很容易被泄露、窃取、篡改和破坏，或者受到计算机病毒感染、后门程序、漏洞和网络黑客的攻击，给企业带来极大的风险。这时候，计算机的安全性就凸显出它的重要性了。每个计算机用户或多或少地都亲身体验过病毒或者木马、黑客的骚扰。针对个人来说所带来的损失可能还不算大，但对于企业来说，可能会是灭顶之灾。关键词：网络安全；信息；攻击；后门程序；漏洞；密码；病毒；技术支持：(likebusinesssecret,techniquepatent...etc.)ofvariousimportancedepositinthereisnosafetyguardingagainstthecalculatorofmeasurein,thisisliketousenotlockofdocumentcabinettodepositsecretdocument.Becausethecalculatoropensexandstandardizeanetc.structurecharacteristics,makethecalculatorinformationhaveheightsharewithbeeasytoproliferationofcharacteristic,causethecalculatorinformation(suchasimportancepassword)isintheprocessing,savingly,deliverwiththeapplicationtheprocessveryeasyisreveal,steal,distortwithbreak,perhapsbesubjectedtocalculatorvirusinfection,backdoorprocedure,loopholeandthenetworkblackguestofattack,bringbusinessenterprisebiggestofrisk.Bythistime,thesafetyofcalculatorhighlightofimportance.Eachcalculatorcustomerormanyorlittlelyandallandpersonallytheexperienceleadvirusperhapswoodhorse,blackguestofharassment.Aimatpersonaltosaybringofthelossmaystillnotcalculatebig,butsayforthebusinessenterprise,mayisdrownofdisaster.Keyword:Thenetworksafety；information；attack；backdoorprocedure；loophole；password；virus；技术支持：章计算机端口及服务安全防范····································································11.1端口的概述·························································································11.2常用的端口和服务·················································································21.3端口的安全防范·································································································31.4计算机常用服务防范··············································································4第2章计算机系统漏洞···················································································52.1漏洞分析·····························································································52.2漏洞解决方案······················································································6第3章计算机共享资源及本地策略安全防范························································73.1共享资源安全分析················································································73.2共享资源安全防范················································································83.3本地策略安全防范················································································93.4DIY在本地策略的安全选项···································································10第4章计算机病毒及木马防范·········································································114.1病毒及木马的概述················································································114.2病毒及木马的种类················································································124.3病毒及木马防范技巧·············································································134.3.1巧用命令行彻查电脑中的恶意软件···············································164.3.2网银木马病毒原理与防杀办法····················································184.3.3查杀IMG病毒的常用方法及防范措施········································21第5章总结与展望··························································································255.1本研究工作总结··················································································255.2计算机安全防范展望············································································25参考文献······································································································26致谢······································································································27技术支持：端口的概述计算机“端口”是英文port的义译，可以认为是计算机与外界通讯交流的出口。其中硬件领域的端口又称接口，如：USB端口、串行端口等。软件领域的端口一般指网络中面向连接服务和无连接服务的通信协议端口，是一种抽象的软件结构，包括一些数据结构和I/O（基本输入输出）缓冲区。端口号有两种基本分配方式：第一种叫全局分配这是一种集中分配方式，由一个公认权威的中央机构根据用户需要进行统一分配，并将结果公布于众，第二种是本地分配，又称动态连接，即进程需要访问传输层服务时，向本地操作系统提出申请，操作系统返回本地唯一的端口号，进程再通过合适的系统调用，将自己和该端口连接起来（binding，绑定）。TCP/IP端口号的分配综合了以上两种方式，将端口号分为两部分，少量的作为保留端口，以全局方式分配给服务进程。每一个标准服务器都拥有一个全局公认的端口叫周知口，即使在不同的机器上，其端口号也相同。剩余的为自由端口，以本地方式进行分配。TCP和UDP规定，小于256的端口才能作为保留端口。按端口号可分为3大类：（1）公认端口（WellKnownPorts）：从0到1023，它们紧密绑定（binding）于一些服务。通常这些端口的通讯明确表明了某种服务的协议。例如：80端口实际上总是HTTP通讯。（2）注册端口（RegisteredPorts）：从1024到49151。它们松散地绑定于一些服务。也就是说有许多服务绑定于这些端口，这些端口同样用于许多其它目的。例如：许多系统处理动态端口从1024左右开始。（3）动态和/或私有端口（Dynamicand/orPrivatePorts）：从49152到65535。理论上，不应为服务分配这些端口。实际上，机器通常从1024起分配动态端口。但