國防科學技術大學計算機學院網絡工程系 長沙 410073
[摘 要]:目前大部分高校都開設了網絡安全課程�,對于網絡安全教學來說�����,由于其本身所具有的特殊性和破壞性���,開展實驗教學的網絡滲透測試技術內容非常有限 �����,實踐是檢驗理論正確與否的必要途徑����。本文提出了一個利用滲透測試工具來搭建的滲透測試實驗平臺���,設計了滲透測試環境和流程�����,解決了現實信息安全教學過程中出現的實際困難���,使得學生能夠更好地學習和掌握相關技術�����。
[關鍵詞]:Metasploit�����,滲透測試����,實驗平臺
中圖分類號:TP393 文獻標識碼:A 文章編號:
The development and application of penetration testing experimental platform
Zhao Wenzhe
Department of computer science network engineering, National University of Defense
Technology,410073,Changsha, P.R.China
Abstract: Network security is a necessary curriculum in most universities .For the network security teaching , it is limited to learn network penetration test technology by experimental study because of the particularity and damage of itself. But The practice is a necessary way to test the theory is correct or not. The experimental platform of penetration test, which built by penetration testing tools, was presented in this paper. Penetration test environment and process also were designed. Therefore the real difficulties in the network security teaching were solved and it is better for college student to learn and master the relevant technoloyies.
Key Words: Metasploit, Penetration testing, Tast platform
參考文獻:
[1] 沈昌祥,左曉棟.信息安全[B].浙江大學出版社.2007
[2] Metasploit網站http://www.metasploit.com
[3]諸葛建偉,陳力波,孫松柏,王洐,田繁等.Mtasploit滲透測試魔鬼訓練營.機械工業出版社.2013
[4] 李勻.網絡滲透測試——保護網絡安全的技術���、工具和過程[M].北京:電子工業出版社.2007
[5]張勇,李力,薛倩 web環境下SQL注入攻擊的檢測與防御,現代電子技術.2004.27(15):103-105
[6] 諸葛建偉,王洐,孫松柏等. Mtasploit滲透測試指南.電子工業出版社.2012
[7]徐正強.網絡信息安全滲透測試平臺研究[D].廣東工業大學.2008
[8] [印度]Abhinav Singh著,王一譯.Metasploit滲透測試手冊.人民郵電出版社.2013
[9] 《Metasploit The PenetrationTester's Guide》讀書筆記.http://www.t00ls.net/
[10]Metasploit Unleashed,http://www.offensive-security.com/metasploit-unleashed/Main_Page
[11]蒲石.WEB安全滲透測試研究.西安電子科技大學2010年碩士研究生畢業論文
[12]汪潔,何小賢,李敏.Metasploit框架在計算機攻擊與防御實驗教學中的應用.第21屆全國計算機新科技與計算機教育學術大會.2010
作者簡介:
趙文哲����,男���,1984年1月出生��,湖南張家界人����,國防科學技術大學計算機學院計算機科學與技術專業工程碩士��。主要研究方向是計算機網絡�����,信息安全����。
