《通用学术英语》是一本于2016年9月2日高等教育出版社出版的图书,作者是吕燕彬。以下是小编整理的通用学术英语课文翻译,欢迎阅读。
【课文】
How do computer hackers get into computers
It seems like a direct question, but the implications are complex and the answer is not simple. If you answer it casually, then the hacker enters the target computer system using the weakness. But to provide more details, let's start at the beginning.
The word "hacker" is controversial in meaning and interpretation. Some people say that hackers (open circuit) is a good man, they just push the boundaries of knowledge, and not for any damage (at least not intentionally), and crackers (smash) is really bad.
This argument has little effect, and if it is for the purposes of this discussion, the term "unauthorised user" (UU) is sufficient. The term includes all different types of people, from those involved in organized crime to those who are inside, who break through the authority granted in the system.
Now let's talk about what it means to "get into" the computer. This can mean something stored on a computer system.
Get the processing power of the system, or capture the information exchanged between the system. Each attack requires a different skill set, with different vulnerabilities.
So what are "unauthorised users" using? Weaknesses exist in every system, and there are two weaknesses:
Known and unknown. Known weaknesses usually exist because of the need for certain abilities. For example, for a business process, you need different people to use a system, and you have a known weakness: the user. Another example of a known weakness is the ability to communicate through the Internet. In order to have this ability, you have to open a path to the unknown and the untrusted entity. The unknown weakness is what the owner or operator of the system does not know, may be the result of shoddy engineering, or the unintended consequences of some of the required capabilities.
By definition, weaknesses can be exploited. These weaknesses can be low-level password protection, or it can be left to the computer to make use of the office visitors. As long as you sit at a receptionist's desk and use his computer to get the information you need, more than one technology is being used. Low-level code (for example, the user name "Joe Smith", the password is "Joe Smith") is close to the rich resources of a computer: password cracking program can be easily in a few minutes to confirm the word in the dictionary, name, or common phrases. By replacing letters with Numbers, these passwords are more complex. For example, replacing the letter O with 0 does not make the task more complicated. When an unauthorized user USES a valid user name - password combination, the entry system is simply logged in.
If the target system is well protected (through the technical control, such as a firewall or security software, control and management, clear policies and processes, for example), and remote into hard, unauthorized users may use low technology, these policies may include bribery authorized users, in the cleaning company do temporary workers, or to find information in the dump.
If the target system is not well protected, then unauthorized users can access it using technology.
Users who are not authorized to use technical means must first determine the specifications of the target system. For unauthorised users, there is no benefit to using technology that attacks Microsoft's weaknesses if the target system is a Macintosh. They have to know what the target system is, how it is configured, and what networking capabilities it has. Once you know these parameters (they can be obtained remotely from multiple methods), they can take advantage of the known vulnerabilities of these configurations. For common configurations, you can use the first set of attacks to make the task simple.
People who use these pre-set attacks are sometimes derided as "script kiddies". A skilled person can remotely determine the configuration of the target system, one of which is the ability to pass through the hypertext transfer protocol. People close to the web site send configuration information, such as the type of browser being used, to the requested address. Once the system is configured, you can choose the means.
Another type of attack is targeting a specific vulnerability, without any specific target to launch an attack - it
Like a shotgun attack, the aim is to attack as many potential targets as possible. The attack took a first step. But the results and effectiveness of any given target are less predictable.
It should be noted that the unauthorised access to its ultimate purpose is different from the motivation of the entrant, for example, if he
Want to collect a lot of zombies, but don't want to attack at the service, that his purpose is to make client secretly installed on the computer as much as possible, a effective way to do this is through the use of the so-called Trojan horse program, it is in the user without knowing or not install malicious programs, some of the more recent large-scale attacks, some of the more recent large-scale attacks, there are such a stance as the attack types of elements.
It is a multi-step process to protect yourself from attacks, with the goal of limiting and managing the weaknesses of the system (it is not likely to be complete
Eliminate these weaknesses. First, make sure you have the operating system and application of the latest patches - these patches often repair can take advantage of weaknesses, make sure your password is complicated enough: include letters, Numbers, and symbols, and meaningless.
Also, consider hardware firewalls and limit the flow of data to and from the Internet. When you really need a few carefully selected ports, such as email and web traffic, make sure your anti-virus software is the latest, check whether there is a new virus definitions (if you are using Windows, ideally you should upgrade virus definition) every day. Finally, back up your data so that if the bad situation does happen, at least you can recover the important things.
【翻译】
电脑黑客如何进入电脑
这好像是一个直接的问题,但是内涵很复杂,答案绝不简单,如果随便地回答,那么黑客通过利用弱点进入目标电脑系统。但是为了提供更多细节,我们还是从头说起。
“hacker” 这个词在意义和解释上都很有争议。有些人说hackers(开路人) 是好人,他们只是推动了知识的边界,并没造成什么伤害(至少不是故意的),而crackers (打砸者)是真正的坏蛋。
这种争论没有什么效果,如果是为了这种讨论的目的,术语“未授权的使用者”(UU)就足够用了。这个术语包含了所有不同类型的人,从那些参与有组织犯罪行为的人到那些内部人士,他们突破了在系统中被授予的权限。
接下来我们探讨一下“进入”电脑意味着什么。这可以指获得电脑系统储存的内容,
获得系统的处理能力,或者捕获系统之间交流的信息。每种攻击都需要不同的技巧,以不同的弱点为目标。
那么“未授权的使用者”利用的是什么?弱点存在于每个系统中,并且有两种弱点:
已知的和未知的。已知的弱点通常因为需要某些能力而存在。比如,为了某个商业过程,你需要不同的人使用一个系统,你就有一个已知的弱点:使用者。另一个已知弱点的例子是通过互联网交流的能力,为了具备这个能力,你要给未知和不被信任的实体开通一条路径。未知的弱点是系统的拥有者或操作者所不了解的,可能是劣质工程的结果,或者是某些被需要的能力产生的非故意的结果。
按照定义,弱点可能被利用。这些弱点可以是低级的密码保护,也可以是让电脑开着,让办公室的访客可以利用。只要坐在接待员的桌前,用他的电脑获得需要的信息,就有超过一种技术被利用。低级的密码(比如,用户名“Joe Smith”, 密码也是“Joe Smith”)也是接近电脑的丰富的来源:密码破译程序可以很容易在几分钟内确认字典中的单词、姓名,甚至常见短语。通过用数字代替字母,使这些密码更复杂。比如用0来代替字母O,并不会使任务更复杂。当未获授权的使用者使用有效的用户名—密码组合,进入系统就是简单的.登录了。
假如目标系统被很好地保护(通过技术控制,比如防火墙或安全软件,还有管理控制,比如明确的政策和过程),并且远程难以进入,未获授权的使用者可能会使用低技术的攻击,这些策略可能包括贿赂获授权的使用者,在清洁公司做临时工,或者在垃圾堆里翻找信息。
如果目标系统没有得到很好的保护,那么未获授权的使用者可以使用技术手段进入。
为了使用技术手段未获授权的使用者必须先决定目标系统的规格。对未获授权使用者来说,如果目标系统是Macintosh, 使用攻击微软弱点的技术手段没有任何好处。他们必须知道目标系统是什么,它是怎样配置的,它有哪种联网能力。一旦知道了这些参数(它们可以通过多种方法远程获得),他们就可以利用这些配置的已知弱点。对于常见的配置可以利用先设置好的攻击方式,这样能让这次任务很简单。
使用这些预先设置的攻击能力的人有时被嘲笑为“脚本小子”。 技术熟练的人可以远程决定目标系统的配置,其中一个办法是通过超文本传输协议内在的能力。接近固有网站的人把配置信息,比如正在被使用的浏览器类型,发送到发出请求的地址。一旦系统配置已知,就可以选择手段。
另一种攻击类型是针对特定的弱点预设好,没有任何特定的目标就发起攻击——它
就像猎*一样猛烈攻击,目的是尽可能多地攻击潜在目标。这种攻击略去了第一步。但是对于任何给定的目标其结果和有效性都不太好预测。
应该注意到未获授权的进入其最终目的因为进入者的动机而有不同,比如,如果他
想收集很多僵尸电脑,而又不想在服务时进行攻击,那他的目的就是把客户程序偷偷安装到尽量多的电脑上,这样做的一种有效方式就是通过使用所谓的特洛伊木马程序,它是在用户不知情或不同意的情况下安装恶意程序,有些更近期发生的大规模网络攻击,有些更近期发生的大规模网络攻击,有这样的姿态作为攻击类型的要素。
保护好自己不受攻击是多步的过程,目的是限制和管理系统的弱点(并不可能完全
消除这些弱点)。首先,保证你有操作系统和应用程序的最新补丁——这些补丁通常会修补可以利用的弱点,保证你的密码够复杂:包括字母、数字和象征符号,并且毫无意义。
同时,要考虑硬件防火墙,并且限制往来因特网的数据流。在你真正需要的几个精心挑选的端口上,比如email 和网络交通,保证你的反病毒软件是最新的,经常检查是否有新的病毒定义(如果你正在使用Windows 系统,理想状态下你应该每天升级病毒定义)。最后,备份你的数据,那样如果不好的情况真的发生,至少你可以恢复重要的东西。
【通用学术英语课文翻译】相关文章:
3.高三英语课文翻译
5.会展英语课文翻译
6.读课文用英语翻译