Lack of physical Boundary 物理边界的缺少
Traditional network security places a great deal of emphasis on physical security of the network components. Data on the network travels over well-defined pathways, usually of copper or fiber, and the network infrastructure is protected by strong physical access control. Equipment is safely locked away in wiring closets, and set up so that it cannot be reconfigured by users. Basic security stems from the (admittedly marginal) security of the physical layer. Although it is possible to tap or redirect signals, physical access control makes it much harder for an intruder to gain surreptitious access to the network.
传统的网络安全是着重于大量的物理元件的安全。数据在网络中传输,通常是通过铜或光纤有明确路径而传输的,网络的基础结构受到物理接入控制强有力的保护。设备放在配线柜中锁藏起来,以至于用户不能重新设置。基本的安全来源于物理层的安全。物理访问控制使一个入侵者鬼祟的接入到网络中更难了,虽然可能需要重传信号。
Wireless networks have a much more open network medium. By definition, the network medium in a wireless network is not a well-defined path consisting of a physical cable, but a radio link with a particular encoding and modulation. Signals can be sent or received by anybody in possession of the radio techniques, which are of course well known because they are open standards. Interception of data is child's play, given that the medium is open to anybody with the right network interface, and the network interface can be purchased for less than $50 at your local consumer electronics store. Careful shopping online may get you cards for half of that.
无线网路有更多开放的网络媒介。根据定义来看,无线网络中的网络媒介没有物理电缆组成的那么明确的路径,但是无线通信线路有特殊编码和调制。数据的拦截是很容易干的事情,媒介对网络接口的每一个人开放,网络接口可以在当地用户的电子商店以少于50美元的价格买到。网上购物请小心你的卡片被他人用作其他。
Furthermore, radio waves tend to travel outside their intended location. There is no abrupt physical boundary of the network medium, and the range at which transmissions can be received can be extended with high-gain antennas on either side. When building a wireless network, you must carefully consider how to secure the connection to prevent unauthorized use, traffic injection, and traffic analysis. With the maturation of wireless protocols, the tools to authenticate wireless users and properly encrypt traffic are now well within reach.
此外,无线电波倾向于传播到超出他们预期的地点。那里没有突然的网络媒介的物理边界,被接收被扩大到另一边高增益天线的传输。建立无线网络,你必须小心的考虑怎样安全的连接无认证的使用,流量注入和流量分析。由于无线协议的成熟,认证无线用户的工具和适当的流量加密现在是触手可及的。
扫一扫
4763
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
