September 2021
Beginner to intermediate
392 pages
12h 13m
Chinese
book
Google系统架构解密: 构建安全可靠的系统
by Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, Adam Stubblefield
Content preview from Google系统架构解密: 构建安全可靠的系统
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
调查系统
|
247
同,它很快就会转向这样的问题:提交作业的用户有哪些行为?该用户还有哪些活动?系
统中是否有活跃的攻击者?攻击者下一步会做什么?简而言之,调试更侧重于代码,而安
全调查可能会很快聚焦于攻击者。
在安全调查期间,使用前文推荐的问题调试步骤可能会适得其反。添加新代码、废弃系统
等操作可能会带来意想不到的副作用。我们曾经对一系列实践做了响应,调试人员删除通
常不属于系统的文件,以此来解决错误行为,结果发现这些文件是由攻击者引入的,攻击
者因此收到告警,发现了正在进行的安全调查。曾经有过一个案例,攻击者的回应方式甚
至会是删除整个系统!
一旦怀疑发生了入侵事件,也可能会给调查增添新的紧迫感。当一个系统可能被蓄意入侵
时,会引发一系列严肃而紧迫的问题。对手的意图是什么?还有哪些系统可能被入侵了?
需要打电话给执法部门或监管机构吗?当组织着手解决运维安全问题时,安全调查的复杂
性随之增长(第
17
章
进一步讨论了该主题)。其他团队的专家在调查开始前可能会介入,
如法务部门。简而言之,当怀疑被入侵时,应从安全专家那里寻求帮助。
安全性和可靠性的交集
:
发现入侵
安全调查过程中,可能会遇到许多与预期不符的地方,它们属于系统中的不正确之处,
只需要纠正即可。但是,如果这些与预期不符之处越来越多,而且越来越没办法解释,
则可能是恶意攻击者在篡改系统。以下列举了一些不符之处,需要对其提高警惕,因
为它们可能意味着潜在入侵。
•
调试所需的日志和数据丢失、截断或损坏。
•
当着手调查系统行为时,发现开始怀疑某
账户
或
用户
的恶意系列行为。 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.