zfcg.ordos.gov.cn/zfcggg/201808/w020180806242071844892.docx
+
CG2018FCS1445
20180803
+
+
.
1.
+
[2018]00486
CG2018FCS1445
2.
1
+
1
100000000
.
1.
.
20180803
1.http://www.nmgp.gov.cn
2.www.nmgggzyjy.gov.cn
3.http://zfcg.ordos.gov.cn
4.http://www.ordosggzyjy.org.cn
5.
.
0
.
201808140930
201808140930
.
808
017000
0477-8398613
017000
15204776199
20180803
.
1
15204776199
2
0477-8398613
808
3
4
100000000
5
6
7
8
9
33
10
11
12
90
13
201808140900--0930
14
201808140930
15
16
121
17
18
19
20
21
22
23
200
302205027520
309205804041
313205000010
0477-8398645
0477-3115005
0477-8340788
18604779160
.
1.
1.1
http://www.ordosggzyjy.org.cn
1.2
1.3
2.
2.120180803201808101730
2.2201808140930
3.
3.1
3.2
3.3
.
1.
2014214
2.
3.
4.
4.1
4.2
4.3
4.4
4.5
5.
5.13
5.2www.creditchina.gov.cnwww.ccgp.gov.cn
5.3
5.4
5.5
5.6
6.
6.1
6.2
6.3
6.4
6.5
6.6
6.7
7.
7.1
7.2
7.3
8.
8.1
8.2
8.3
9.
.
55
.
1.
2.
2.1
2.2
2.3
2.4
1
2
3
3.
3.1A4
3.2 PDFwordU
3.3
3.4
3.5
4.
4.1
4.2
5.
5.1
5.2
15
25
5.3
1
2
3
4
5
6
7
6.
7.
8.
.
1.
2.
2.1
1
2
3
4
5
6
2.2
.
1.
1.132/3
1.2
1,,,
2
3
2.
2.1
2.2
3.
3.1
3.2
4.
5.
1
2
3
4
5
6
6.
1
2
3
4
5
7.
8.
1
9.
.
1.
3
2.
2.1
7
2.2
2.3
2.4
2.5
2.4
3.
.
1.
1.130
1.2
1.3
1.4
1.52
20477-8390232
2.
2.1
2.2
.
20477-8390232
***
***
1
2
3
4
5
***
1
2
1
2
1
2
1
2
1
2
3
4
.
100000000/
6
APP+ 1
90
1
.
201540
()
1
1
1
2
2
1
3
3
1
4
4
1
5
5
1
6
6
1
7
APP
7
1
8
8
1
9
9
1
10
+
10
1
11
11
1
12
12
1
1 1) IT2) 3) IT4) IT5)
/
Windows
Linux
/
/
/
/
web
/
/
/
/
10/
/
/
/
60/
3/
/
/
11GB
12GB
14GB
24GB
28GB
216GB
48GB
416GB
432GB
816GB
832GB
864GB
1664GB
16128GB
32128GB
MySQL
SQLServer
1GB
SSD
1GB
1GB
1
1U
1
IP
1
100M
500M
1000M
100M
500M
1. ()
20Gbps4Gbps500FW&HTTP3
2U1RJ451GE1HA
license
802.1Q VLAN Trunk802.1Q VLAN accessVLANGRE
DNS
DNS
DNSDocting
ICMPTracerouteTCPHTTPDNS
/
WEBOSPFRIPBGP/
VPN
SSL VPNIPSec VPN
DNS
Bypass
bypassbypassbypass
bypass
CPU
IPIP
IPIP
IPIP
IPIP
IP/IP///IP
URLDLP
PPPQinQMPLS
DDOS
DDOS: land, Smurf, winnuke, tcp_sscan, ip_option, targa3, Synflood, Icmpflood, Udpflood, Portscan, ipsweep
DNSDNS Query floodDNS Reply Flood
DHCPDHCP Flood
DDOS
WEB
webSQL
HTTP/SMTP/POP3/FTP/IMAP
ARP
ARPARP
APT
zip, rar, gzip, gz, tar, 7z, bz2, doc, docx, wps, wpt, dot, rtf, ppt, pptx, dps, dpt, xls, xlsx, mpp, pdf, exe, bat, dll, com, scr, pif
Top10Top10
VPNVPN
URLhtmlexcelwordpdf
SNMPsyslogAPI
NTP
1. ()
10Gbps2Gbps300FW&HTTP15
2U1RJ451GE1HA
bypassbypassbypass
license
802.1Q VLAN Trunk802.1Q VLAN accessVLANGRE
DNS
DNS
DNSDocting
ICMPTracerouteTCPHTTPDNS
/
WEBOSPFRIPBGP/
VPN
SSL VPNIPSec VPN
DNS
Bypass
bypassbypassbypass
bypass
CPU
IPIP
IPIP
IPIP
IPIP
IP/IP///IP
URLDLP
PPPQinQMPLS
DDOS
DDOS: land, Smurf, winnuke, tcp_sscan, ip_option, targa3, Synflood, Icmpflood, Udpflood, Portscan, ipsweep
DNSDNS Query floodDNS Reply Flood
DHCPDHCP Flood
DDOS
WEB
webSQL
HTTP/SMTP/POP3/FTP/IMAP
ARP
ARPARP
APT
zip, rar, gzip, gz, tar, 7z, bz2, doc, docx, wps, wpt, dot, rtf, ppt, pptx, dps, dpt, xls, xlsx, mpp, pdf, exe, bat, dll, com, scr, pif
Top10Top10
VPNVPN
URLhtmlexcelwordpdf
SNMPsyslogAPI
NTP
1. Web
10Gbpshttp4GbpsHTTPS500MHTTP500HTTP5
2U1RJ451GE1HA
license
vlan
/
(Channel)Trunk
Bypass
bypassbypassbypass
CPU
Webtcp
HTTP 0.9/1.0/1.1HTTPS
HTTP
content-lengthbodyheadercookiesheaderheader
HTTPGETPOSTHEADPUTDELETE
HTTP
XMLXMLSchemaSOAP
WebWebapachetomcatlightpdNGINXIISdedecmsphpmuadminPHPWindshopexdiscuzechsopvbulletinwordpress
Web
XSSSSIWebshell
CSRF
CSRFtoken
Cookie
cookiecookieIP
IPIP
IPURL
MIME
IP
DDOS
IPTCPUDPHTTPDDoS
cc
getpost/
IP
()IPIPIPURL
IPIPID
IPURL
SNMPsyslogAPI
NTP
1.
10Gbpshttp5Gbps
2U1RJ451GE1HA
2
license
MPLS
CPU
Webtcp
4000DDOSSql
IP
1700IMP2P
400
DDOS
DoS/DDoSTCP/UDP/ICMP/ACK FloodingUDP/ICMP SmurfingDoS/DDoS
Excel, PDF, PowerPoint, Word, CAB, GZIP, RAR, ZIP, JAR, BMP, GIF, JPEG, MP3, AVI, MKV, MP4, MPEG, WMV, BAT, CMD, WSF, APK, DLL, EXE, JAVA_CLASS
IDSIPC&C
WEBMAILSMTPPOP3HTTPFTP
SNMPsyslogAPI
NTP
1.
10Gbps3/
2U1RJ451GE1HA
2
2TB4TB
license
MPLS
CPU
RDP
SMTPPOP3WEBMAILIPIPDOCPDFZIPRARTXT
HTTPIPIPURL
NFS
Telnet
FTP
IMIPIPURL
IPTOP10TOP10 IPIPTOP10IP TOP10IP
/IPIP
HTTPFTP/IPIP
WEBLDAPRADIUS
Oracle, SQL Server, MySQL, DB2, PostgreSQL, Sybase, DM, Kingbase, Oscar
IP/
SQLSQLIPIPMAC
SQLSQL
Weblogic, Tomcat, Websphere, Jboss
SQLgrantgrantsp_addrolemember websp_addrolemember
IPSQL
SQLSQLSQLSQL
IPSQL
SNMPsyslogAPI
NTP
1. SOC
>30000/
10000/
10:110000/M
BT10s
B/Sweb
license
Syslog, SNMP Trap, Netflow, JDBC, SSH, SNMP Get, WMI, FTP, SCP
CPU
Agent
SANNAS
IP
sshtelnethttps/http
;
IPIPIPExcel
top5 ip
top
URLIPURLIP
IDTOPN
/
HTMLPDFDOC
Syslog
CPU
SNMPsyslogAPI
NTP
1.
8003001000
2U1RJ451GE1HA
4SFP
2T
license
AD
MAC
SSHTELNETFTPSFTPVNCWINDOWS
FTPtelnetssh
+USB-KEYWindows ADRADIUSLDAP
IPIP
TELNETSSHroot
IP
TELNETSSHFTPSFTP
IP
webSSHFTPTELNET
TELNET,SSHRDP,VNC
SHRDP
webSecureCRTXshelldbvisNavicatSSH Secure Shell Client
SSHTELNETFTPSFTP
RDPVNC
RDPVNC
http/httpsX11VMware vSphere ClientRadmin
WEB
/
IP
CSVHTML
Excel
cpu
NTP
1.
200
2U1RJ451GE
2SFP
license
WEB
OracleMySQLSQLserverSQL
XSS
CSRFShell
Web
WebIPCVE ID
HTTPDNSPING
4
WebShell
webshell
telnetsshftpsnmp30
Web
ExcelwordHTMLPDF
syslog
SSHConsole
1.
10
license
IIS, Weblogic, Websphere, Apache, Tomcat
IIS, Weblogic, Websphere, Apache, Tomcat
MSSQL, Oracle, Sybase, Informix, DB2, MySQL
CPU
CMS
IP
Excel
SNMPsyslogAPI
1.
IPABC100IP
WebWeb20
1RJ451GE1HA
2
license
CPU
TOP10
WebICPWeb
500002000
Windows, Linux, AIX, HPUX, IRIX, BSD, Solaris
Cisco, Juniper, F5, Checkpoint
VMware, KVM
Oracle, Sybase, SQLServer, DB2, Postgres, MySql, MsSql, mongodb
Windows
SYSDBASYSOPERNORMALSID
SNMP
SMB, TELNET, FTP, SSH, POP3, TOMCAT, SQL SERVER, MYSQL, ORACLE, SYBASE, DB2, SNMP
SNMPsyslogAPI
NTP
1.
IPABC100IP
1RJ451GE1HA
2
license
CPU
IP
30WLAN
Windows, Linux, AIX, HP-UX, Solaris
DB2, Informix, MySQL, SQL server, Sybase
Apache, BIND, Jboss, Tomcat, TongWeb, Weblogic, Websphere, Nginx, Resin
Juniper
ASA, PIX, CheckPoint, Fortigate, Juniper NetScreen, Juniper SRX
Hyper-V, VMWare ESXi, VMWare vCenter, XEN, XenServer
IPTelnetSSHSMBRDP
ActiveXwindowsIE
SSHTELNET
****************
windowslinux
windowslinux
IP
HTMLEXCELWORDPDF
SNMPsyslogAPI
NTP
1.
350
Windowswindows server2003200820122016windows xp 710
linuxubuntucentosredhat
license
agent
agentWindows /Linux/ /
agentagent
Agent
OEM
(ISCCC)
IP6
CPU
IIS, Apache, Nginx, MySQL, SQLServer
Web
IP
Web
WebWebWebApacheIISJBossNginxTomcatWeblogic
CKEditor, DedeCMS, Discuz, PHP, PHPMyAdmin, Struts2, WordPress, Zabbix
Hadoop, Memcached, MySql, Redis
hash
RootShellSudo UID
Sudo
shell
Word
0-5960-8990-100
DiscuzDiscuz memcache+ssrf GETSHELLDedeCMSWordPress IP
WordpressDiscuzphpmyadminDedeCMSCMS
MySQL, Redis, Dubbo, ElasticSearch, Kafka, Memcached, Nginx, PHP, Hadoop, Jboss, Struts2, PostgreSQL, Jenkins, Weblogic, zabbix, fastJSON, git, svn, IIS, jetty
ssh, RDP, MySQL, FTP, Redis, MongoDB, Memcached, ElasticSearch, PostgreSQL, Samba, VSFTP, ProFTP
sudosuroot
WebWindows2003Windows2008Windows2012Windows2016Windows
MemcachedCentOSUbuntuDebianOpenSUSERedHatLinux
IISApacheNginxTomcatWeblogicTengineJBOSSWeb
Redis, Mongodb, Memcached, ElasticSearch, PostgreSQL, Oracle
FTP, SNMP, Samba
shell
shellshell
IP5
3
IP
IP
TCP, UDP, ICMP, IGMP
FTP, MySql, MSSQL
WebShell
IP
Windows2003200820122016linux(UbuntuCentosRedHatFedoraSuseDebian)linuxWEBNginxApacheWeblogicTomcatJbossWindowsWEBIISApacheTomcatMysqlMongoDBRedisElasticSearchHbasepostgresmongodbnginxapacheweblogictomcatJboss
Windows2003200820122016Linux(UbuntuCentosRedHatFedoraSuseDebian)
Windows
LinuxCVE
WINWODSlinuxIP
Top10Top10
VPNVPN
shellCPUIISApacheNginxMySQLSQLSever
SNMPsyslogAPI
NTP
2 1) 2) 3) 4) a)
APIAPI
API+
DAAS
API
DAAS
APIAPIKEY
1.
2.
3.
:
1
2
3
httphttps
4
5
6
7
8
9
10
11
12
13
14
15
16APIKey
APIKey
17APIKey
APIKey
18APIKey
APIKey
APIKeyAPIKey
19APIKey
APIKey
APIKey
20
API730
21
API730
22
730
23IP
IPIP730
24
730
25
730
b)
15
1
Oracle, SQLServer, MySQL, DB2
Excel, XML, TXT
Oracle, MySQL, SQLServer, DB2, FTP
1
2
CPUIO
1 2 3
c)
/
apisdk
mysqloracleFTPDB2hive
(1-7)
(1-20)
SDK/Agent
mysqlES
shard(1-20)
shard1000record/
shard1MB/
/
bi
PB
SQL/PySpark/ScalaETL
udf
,
-
WEB/IDE/CLI/SDK
SQL, BISQL
, mysql, ES
()
(1-20)
:1000/s500/s
1
K
2D3DGIS
jsonapi
json/excel
olap
app
Y
HTML5
restfulapi
RBAC
d)
1.1.1
1)
1.
2.
3.
4.
5.
6.DBDB
7.
2)
1.
2.
3.
4.
3)
1.
2.
4)
1.
2.
3.
5)
1.
Excel
2.
6)
1.
2.
7)
1.
2.
3.
4.PowerDesignerEA
5.
8)
1.
2.ETLETLETLETLETL
3. ETLOLAP
4.
5.
6.ExcelwordPDF
7.
9)
1.
2.
3ERWinPowerDesigne
10)
1.
2.
11)
1.
2.
3.
4.
12)
1.
2.
13)
1.
2.
3.
4.
5.
6.
14)
1.
2.
15)
1.
2.
3.
16)
1.100
2.3
3.5
4.
1.1.2
1)
1.
2.
3.
4.
5.
2)
1.
2.
3.
3)
1.
2.
3.
4.
e)
f)
:
WebGL90%GPU3D
(1)webpack+Reactjs+Redux
(2)MVEModel-View-Eventhighchartsechartsd3jsthreejswebgl3D
Echarts/HighCharts/D33DK
Echarts/HighCharts/D3
MVEModel-View-Event
/
/
DQL
3 1) a)
GB17859-1999, GB/T 22240-2008, GB/T 22239-2008, GB/T 25070-2010
b)
c)
d)
e)
f)
g)
h)
2)
a)
IT
b)
IaaSPaaS
c)
IT
d)
SSL VPN
500
Windowswindows server2003200820122016windows xp 710
linuxubuntucentosredhat
license
agent
agentWindows /Linux/ /
agentagent
Agent
OEM
(ISCCC)
IP6
CPU
IIS, Apache, Nginx, MySQL, SQLServer
Web
IP
Web
WebWebWebApacheIISJBossNginxTomcatWeblogic
CKEditor, DedeCMS, Discuz, PHP, PHPMyAdmin, Struts2, WordPress, Zabbix
Hadoop, Memcached, MySql, Redis
hash
RootShellSudo UID
Sudo
shell
Word
0-5960-8990-100
DiscuzDiscuz memcache+ssrf GETSHELLDedeCMSWordPress IP
WordpressDiscuzphpmyadminDedeCMSCMS
MySQL, Redis, Dubbo, ElasticSearch, Kafka, Memcached, Nginx, PHP, Hadoop, Jboss, Struts2, PostgreSQL, Jenkins, Weblogic, zabbix, fastJSON, git, svn, IIS, jetty
ssh, RDP, MySQL, FTP, Redis, MongoDB, Memcached, ElasticSearch, PostgreSQL, Samba, VSFTP, ProFTP
sudosuroot
WebWindows2003Windows2008Windows2012Windows2016Windows
MemcachedCentOSUbuntuDebianOpenSUSERedHatLinux
IISApacheNginxTomcatWeblogicTengineJBOSSWeb
Redis, Mongodb, Memcached, ElasticSearch, PostgreSQL, Oracle
FTP, SNMP, Samba
shell
shellshell
IP5
3
IP
IP
TCP, UDP, ICMP, IGMP
FTP, MySql, MSSQL
WebShell
IP
Windows2003200820122016linux(UbuntuCentosRedHatFedoraSuseDebian)linuxWEBNginxApacheWeblogicTomcatJbossWindowsWEBIISApacheTomcatMysqlMongoDBRedisElasticSearchHbasepostgresmongodbnginxapacheweblogictomcatJboss
Windows2003200820122016Linux(UbuntuCentosRedHatFedoraSuseDebian)
Windows
LinuxCVE
WINWODSlinuxIP
Top10Top10
VPNVPN
shellCPUIISApacheNginxMySQLSQLSever
SNMPsyslogAPI
NTP
3)
1.1
1.1.1
1
2
3B/S
4
5WebSphereWebLogicTomcat
6RadiusLDAPTCP/UDPSOAPHTTP
7MySQL/MSSQL/Oracle
8HA
9()/
10WEB
11WEB
12WEB
13WEB
14
15
16
17
18
19
20
21
22/
23
24
25
26web
27
28webservice,xmrpc
29
30
31
32
33
34
1.1.2
11212000
2
310000
41000
52s