No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

ME60 V800R010C10SPC500 Configuration Guide - Security Hardening 01

This is ME60 V800R010C10SPC500 Configuration Guide - Security Hardening
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Potential Security Risks Caused by the Openness of IP Networks

Potential Security Risks Caused by the Openness of IP Networks

An open IP network has clear network architecture but also causes great potential security risks.

The IP network does not provide an authentication and authorization mechanism for terminal access, and therefore any terminal can access the IP network at will. Attackers can easily access the IP network and probe the IP address of a ME device, and then initiate attacks. In addition, they can easily simulate mass source IP addresses through address spoofing to initiate attacks on the ME device.

In the Transmission Control Protocol/Internet Protocol (TCP/IP) suite, Layer 3 and lower layers have no security defense capabilities. Therefore, the application layer needs to ensure message integrity, authentication and authorization, and protocol consistency. As a result, attacks at Layer 4 or a lower layer usually target at the ME device.

The Ethernet network itself lacks identity authentication capabilities, which may easily cause MAC address spoofing attacks.

The IP stack is not designed with a security policy structure and therefore is susceptible to attacks.

The preceding potential security risks may expose networks to a variety of attacks, such as address spoofing attacks, replay attacks, malformed packet attacks, network viruses, message tampering, and traffic flooding, and therefore cause security problems.

Translation
Download
Updated: 2019-01-04

Document ID: EDOC1100059445

Views: 7417

Downloads: 9

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next