Foreign Ministry International Intelligence Agency 12 official Security Specialist Little Group, Twenty-seven prepares Specialist Little Group, currently Tokyo Prefecture Self-Defense Force Core Server, pesters with [Endless Defense] resists, wish of lofty aspirations and high ideals seizes [Mr. M]. 外务省国际情报局的十二个正式安全专家小组,二十七个预备专家小组,正在东京都自卫队的核心服务器,与无尽防御纠缠对抗,雄心壮志的想要抓捕m先生。 But they do not know that this radically is the trap that Shi Lei sets up! 但他们不知道,这根本就是石磊设下的陷阱！ The [Endless Defense] defense mechanism is very simple, only meets two moves of most foundations thing, the rejection and deletion. 无尽防御的防御机制很简单,只会两招最基础的东西,拒绝与删除。 Comes in through Port Invading, or the camouflage normal visit, that directly was rejected \; Trojan Horse, Virus and malicious data package and trash data package, was deleted directly. 通过端口入侵进来,或者伪装正常访问,那就直接被拒绝\;木马、病毒、恶意数据包、垃圾数据包,则直接被删除。 Although this defense way is simple, but is very suitable. 这种防御的方式虽然简单,但十分适用。 The Great Dao Is Simplicity, exactly as stated this truth, a simpler way, takes the computer resources less, the reaction rate is faster, the ability of load pressure is higher! 大道至简,便是这种道理,越简单的方式,占用计算机的资源越少,反应速度越快,负载压力的能力越高！ Cites a simple example, at present Ordinary mainstream Antivirus software on market condition, a determine unknown document whether is Virus, mainly has three ways. 举一个简单的例子,目前市面上的普通主流杀毒软件,判断一个未知文件是否为病毒,主要有三种方式。 The First type is most common, is all Antivirus software has Signature Code structure determine that. Major Security Firm, from arrangement numerous Honeypot System, Seize to the Virus sample, have analyzed Virus Signature Code, then builds the huge Virus Signature Code data storehouse. When discovered suspicious document, first analyzes the unknown file organization, including a series peeling off the shell technology, obtained the unknown document Signature Code, Virus Signature Code comparison with Virus Database, confirmed whether is the Virus document. 第一种就是最常见,也是所有杀毒软件都有的特征码结构判断。各大安全厂商,从布置的大量蜜罐系统,捕捉到病毒样本,分析了病毒的特征码,然后建立庞大的病毒特征码数据库。当发现可疑文件的时候,首先分析未知文件结构,包括一系列脱壳技术等,获得未知文件的特征码,与病毒库的病毒特征码对照,确认是否为病毒文件。 This way, in later generation also very hot cloud Safety, actually is also Antivirus software uploads the unknown document Signature Code, in Server end Virus Signature Database. Whether the contrast is Virus. It as before is only the most foundation most common Signature Code contrast, hyped anything to say Safety. The boast deceives thing of person! 这种方式,在后世还有一种很火的云安全,其实也就是杀毒软件上传未知文件的特征码,在服务器端的病毒特征库。对比是否为病毒。它依旧只是一种最基础最常见的特征码对比而已,炒作成了什么云安全。吹嘘一些糊弄人的东西！ A Second way is Genetic Code, it is the Upgrade system of Signature Code, actually is also Signature Code. Each Signature Code can only correspond Virus, but Genetic Code can correspond gene series Virus. 第二种方式是基因码,它是特征码的升级体系,其实也是特征码。每一个特征码只能对应一个病毒,但一个基因码可以对应一个基因系列病毒。 Although with is the Signature Code nature, but Genetic Code reduced the Virus Signature Database data quantity effectively. 虽然同为特征码的性质,但基因码有效的减小了病毒特征库的数据量。 A Third way called enlighten(ment), some principles and [Endless Defense] connections of this way. It through the contrast unknown the difference between documents and normal procedures, comes a determine document whether is the Virus procedure. 第三种方式叫启发,这种方式的原理和无尽防御有些关联。它通过对比未知文件和正常程序之间的差别,来判断一个文件是否为病毒程序。 The enlighten(ment) way is divided into two types, one type is Dynamic Enlightenment. One type is Static Enlightenment. Static Enlightenment through carries on decompile to the static code command sequences, thus understood that an unknown procedure true motive, comes determine it whether is Virus. 启发的方式分为两种,一种为动态启发。一种为静态启发。静态启发就是通过对静态代码指令序列进行反编译,从而了解一个未知程序的真正动机,来判断它是否为病毒。 The Dynamic Enlightenment exactly as stated Sandbox technology, establishes Sandbox Environment through Antivirus software, making the unknown document operate in Sandbox, examined that actually the unknown procedure will make any behavior, thus determine it whether is Virus. 动态启发便是沙箱技术,通过杀毒软件建立一个沙箱环境,让未知文件在沙箱中运行,查看未知程序究竟会做出什么行为,从而判断它是否为病毒。 Dynamic Enlightenment has a very big shortcoming. Establishes Sandbox Environment to consume numerous system resources, causes the Computer System resources to be deficient, making the normal operation have, the slow and unresponsive situation sluggishly. 动态启发有一个很大的缺点。建立沙箱环境会消耗大量的系统资源,造成计算机系统资源匮乏,使正常操作出现迟滞、卡顿的情况。 What does very well in this domain is Kaspersky, its Antivirus effect is best, but is similar to its name is the same, alternate name ‚card explodes halts’! 在这个领域做得很好的是卡巴斯基,它的杀毒效果最好,但如同它的名字一样,别称‘卡爆死机’！ Indicated from the above three ways. A any way, must do the work of numerous, can actually a determine unknown document be the Virus procedure. Does the numerous work, will take numerous system resources, cpu computing resources. The memory storage resources, are other system resources. 从以上三种方式表明。无论是哪一种方式,均要做大量的工作,才能判断一个未知文件究竟是不是病毒程序。做大量工作,就会占用大量系统资源,无论是cpu计算资源。内存储存资源,还是其他的系统资源。 Has taken numerous system resources. Causes the computer equipment load capacity to be bad, strict heavier by a point, will let slightly computer equipment slow and unresponsive, even halts! 占用了大量系统资源。造成计算机设备负载能力差,稍微严重一点,就会让计算机设备卡顿,甚至死机！ But [Endless Defense] determined whether the unknown document is Virus, has one step! 而无尽防御确定未知文件是否为病毒,只有一步！ Only needs to determine it protected document! 只需要确定它是不是被保护的文件！ If not, deletes directly, need many operations, did not reduce to the pressure that System resulted. 如果不是,直接予以删除,不需要更多的操作,对于系统造成的压力减小了很多。 Therefore, facing 39 groups, Foreign Ministry International Intelligence Agency Security Specialist, [Endless Defense] has gone against! 所以,面对39组,外务省国际情报局的安全专家,无尽防御顶了下来！ Foreign Ministry International Intelligence Agency Official Website, after Shi Lei inspection, is based on Number One Server, unites Supercomputer [Swallow] and No. 3 Server, Clustered Server that composes, attacks Official Website web Server together. 外务省国际情报局的官方网站,石磊检查之后,以一号服务器为基础,联合超级计算机燕和三号服务器,组成的集群服务器,共同进攻官方网站web服务器。 As a result of Foreign Ministry International Intelligence Agency Official Website, has adopted Microsoft iis Server, uses the asp. technology construction, Shi Lei regarding Microsoft System, that has the considerable deep understanding! 由于外务省国际情报局官方网站,采取了微软的iis服务器,使用asp.技术构建,石磊对于微软的系统,那可是有相当深的了解！ Is controlling Supercomputer [Swallow], has not initiated any warning, Shi Lei gained web Server Low Grade authority. Then based on Low Grade authority, promoted authority slowly. 控制着超级计算机燕,没有引发任何警报,石磊获取了web服务器的低级权限。然后在低级权限的基础上,慢慢的提升权限。 First gains Low Grade authority, then raises power Upgrade, compared with direct one step gains Super Authority, sometimes Safety some. Especially Foreign Ministry International Intelligence Agency web Server, just Shi Lei scanning time, discovered that connects the alert mechanism of internal local area network, moreover is the independent control, to relieve is very difficult. 先获取低级权限,然后提权升级,比直接一步获取超级权限,在某些时候更安全一些。特别是外务省国际情报局的web服务器,刚刚石磊扫描的时候,发现一个连接内部局域网的报警机制,而且是单独控制,如果想要解除很难。 Foreign Ministry International Intelligence Agency, as the Wo Sang Nation biggest intelligence related activity, they belongs to Internal Network, only then extremely few nodes and External Internet have the link. 外务省国际情报局,作为沃桑国最大的情报机构,他们属于内部网络,只有极少节点与外部互联网有链接。 a web Server connection exactly as stated node. web服务器的连接便是一个节点。 After just, Shi Lei obtained Super Authority, he finally discovers big issue! 只不过,当石磊获得了超级权限之后,他终于发现一个大问题！ ‚Damn, unexpectedly is Unidirectional Data!’ Shi Lei in the heart cold snort|hum. ‘该死的,居然是单向数据！’石磊心中冷哼一声。 So-called Unidirectional Data, is a derivation of one-way linkage web page technology. If treats as a Foreign Ministry International Intelligence Agency Official Website web Server, Foreign Ministry International Intelligence Agency internal Data Server treats as b. 所谓的单向数据,是一种单向链接网页技术的衍生。如果将外务省国际情报局官方网站web服务器当做a,外务省国际情报局的内部数据服务器当做b。 Unidirectional Data is b can visit a, can transmit data to give a, can glance over a all situations, but a cannot transmit data to give b, cannot glance over b. 单向数据就是b可以访问a,可以传输数据给a,可以浏览a的所有情况,但a不能传输数据给b,也不能浏览b。 data service request of even though a , can only stay the preservation in a, arrives in a to carry on the visit read by b, then replies the data request of correspondence. 即便是a的数据服务请求,也只能停留保存在a,由b抵达a进行访问读取,然后回复对应的数据请求。 If general Hacker, meets this Unidirectional Data, simply does not have the means that after all web Server a, cannot to Internal Server b, transmit any data, can only investigate by Server b independently. 如果是一般的黑客,遇见这种单向数据,根本没有办法,毕竟web服务器a,不能向内部服务器b,发送任何数据,只能由服务器b自主探查。 How Shi Lei is World Summit Grade Hacker, even if Unidirectional Data can prevent many people, in person but who prevents, does not include Shi Lei absolutely! 奈何石磊是世界巅峰级黑客,哪怕是单向数据可以阻挡很多人,但阻挡的人中,绝对不包括石磊！ Shi Lei in web Server, has input more than 100 lines of codes directly. Then chooses the implement code. 石磊直接在web服务器中,输入了100多行代码。然后选择执行代码。 This more than 100 lines of implement codes, altogether are more than ten data requested. These data requests can create memory overflow, lets Foreign Ministry International Intelligence Agency, Data Server of internal local area network, has the situation that the service stops instantaneously. 这100多行执行代码,总共是十多条数据请求。这些数据请求会造成内存溢出,让外务省国际情报局,内部局域网的数据服务器,瞬间出现服务中止的情况。 The instance that the service stops, Unidirectional Data restriction(s) naturally also relieved, resumed the Bidirectional Data communication. 服务中止的瞬间,单向数据限制自然也解除,恢复了双向数据通信。 This time the process is very short, because of the Data Server memory, is different to general individual computer. But is the ecc memory, has the error check and corrects the function. 这个时间过程很短,因为数据服务器的内存,与一般个人计算机不一样。而是ecc内存,拥有错误检查和纠正功能。 After memory data overflows, the ecc memory autothatic ermr correction, Shi Lei must before the ecc memory restores, enters the Foreign Ministry International Intelligence Agency interior local area network. 内存数据溢出后,ecc内存会自动纠错,石磊必须在ecc内存恢复之前,进入外务省国际情报局内部局域网。 Shi Lei has Supercomputer [Swallow], but also is connecting Universal Air Company No. 3 Server, passes Number One Server special Cluster System. Two Exceed Grade computing resources about volume in same place, has invaded the Foreign Ministry International Intelligence Agency interior local area network rapidly. 石磊拥有超级计算机燕,还连接着普空公司的三号服务器,通过一号服务器的特殊集群系统。将两台超级计算资源合集在一起,迅速侵入了外务省国际情报局内部局域网。 Enters Foreign Ministry International Intelligence Agency, Shi Lei has not acted rashly, has not attempted to tamper with data, the Back Door procedure that but will compile ahead of time, has implanted Foreign Ministry International Intelligence Agency System Ground Level. 进入到外务省国际情报局,石磊没有轻举妄动,也没有企图篡改数据,而是将提前编写的后门程序,植入了外务省国际情报局的系统底层。 As a result of previous time. Permitted for Robot plan authority that Shi Lei formerly has entered Foreign Ministry International Intelligence Agency, clear knows the Foreign Ministry International Intelligence Agency Server situation. 由于上一次。为了robot计划的权限许可,石磊曾经进入过外务省国际情报局,清楚的知道外务省国际情报局的服务器情况。 Therefore, Back Door procedure of Shi Lei this compilation, assembly language of use. Sinks to System bottom level directly, hiding of ten points is common. Facilitates next time to enter Foreign Ministry International Intelligence Agency. 所以,石磊这次编写的后门程序,使用的汇编语言。直接沉入系统的底层,十分的隐蔽不起眼。方便下一次进入外务省国际情报局。 After processing the Back Door procedure, the Shi Lei preparation in Foreign Ministry International Intelligence Agency, the top-secret data storehouse of intelligence service, having a look at them to have any need data. 处理完后门程序之后,石磊准备在外务省国际情报局,情报部门的绝密资料库,看看他们有没有什么需要的资料。 However, while Shi Lei prepares to examine the top-secret data storehouse the time, Foreign Ministry International Intelligence Agency web Server, has encountered unexpectedly attack! 然而,正当石磊准备查看绝密资料库的时候,外务省国际情报局的web服务器,竟然又遭到了攻击！ If only the attack on forget about it, but that Idiot Hacker, attacks web Server unexpectedly forcefully, without any conceals own behavior. 如果只是进攻就算了,但那个白痴黑客,居然强行进攻web服务器,没有任何掩饰自己的行为。 Not only so, newly arrived Hacker, after having obtained Low Grade authority, unexpectedly tampers with Foreign Ministry International Intelligence Agency Official Website directly, the open to the public message provocation! 不仅仅如此,新来的黑客,取得了低级权限后,居然直接篡改外务省国际情报局的官方网站,公开留言挑衅！ ‚[Mr. M], aren't you that flamboyant? How to be sieged by Foreign Ministry International Intelligence Agency? Great [Raphael] here is waiting for you, dares to come?’ [Raphael] ‘m先生,你不是那么牛逼吗？怎么被外务省国际情报局围困了？伟大的拉斐尔就在这里等着你,敢不敢来？’拉斐尔 Shi Lei looks at this message, is nearly mad spits blood! 石磊看着这个留言,险些气得吐血！ What is the enemies often cross each other's path, what is outsmarts oneself, this moment exactly as stated! 什么叫冤家路窄,什么叫弄巧成拙,此刻便是！ [Raphael] thinks Shi Lei's [Mr. M] Sockpuppet, during Tokyo Prefecture Self-Defense Force was besieged by the Foreign Ministry International Intelligence Agency collective. While this opportunity, [Raphael] bluffs and blusters, fell Foreign Ministry International Intelligence Agency Official Website black, but also stayed behind has shamed the [Mr. M] language. 拉斐尔以为石磊的m先生马甲,在东京都自卫队被外务省国际情报局集体围攻之中。趁着这个机会,拉斐尔耀武扬威的,黑掉了外务省国际情报局的官方网站,还留下了羞辱m先生的语言。 Who would have thought outsmarts oneself like this, has caused Foreign Ministry International Intelligence Agency, the web Server warning, making the Foreign Ministry International Intelligence Agency Specialist vigilance come, certainly will return to base their [Old Nest]. 岂知这样弄巧成拙,引起了外务省国际情报局,web服务器的警报,让外务省国际情报局的专家警觉过来,一定会回防他们的老巢。 Then, Shi Lei invades the matter of Foreign Ministry International Intelligence Agency interior local area network, definitely will be exposed. 如此一来,石磊入侵外务省国际情报局内部局域网的事情,也铁定会被曝光。 Becoming angry out of shame Shi Lei, returns to web Server rapidly, found the [Raphael] connection ip address record, prepares this record retention, then keeps in web Server, lets Foreign Ministry International Intelligence Agency, copes [Raphael]. 恼羞成怒的石磊,迅速回到web服务器中,找到拉斐尔的连接ip地址记录,准备把这个记录保存下来,然后留在web服务器中,让外务省国际情报局,去对付拉斐尔。 However, [Raphael] that cheap person, worthily is World Summit Grade Hacker, he is unexpectedly same as the Shi Lei's idea, has been duplicating Shi Lei's to connect the ip address record! 然而,拉斐尔那个贱人,不愧是世界巅峰级的黑客,他居然和石磊的想法一样,已经在复制石磊的连接ip地址记录！ ‚Damn [Raphael], you compel my!’ Shi Lei in the heart is angry, has not alarmed [Raphael], but in the Foreign Ministry International Intelligence Agency internal local area network, found top-secret data of intelligence service, has chosen a named «SO Plan» file, camouflages to attempt to examine, and operation that duplicates. ‘狗日的拉斐尔,你逼我的！’石磊心中恼怒,没有惊动拉斐尔,而是在外务省国际情报局的内部局域网中,找到情报部门的绝密资料,在其中挑选了一个名为《so计划》的档案,伪装成企图查看,并且复制的操作。 Then connecting ip address, modify becomes [Raphael] connection ip address! 然后把连接ip地址,修改成为拉斐尔的连接ip地址！ that side web Server, Shi Lei pretends not to discover that the motion of [Raphael], making [Raphael] connect ip address his temporary bot, reserves in the System record. web服务器那边,石磊装作没有发现拉斐尔的行动,让拉斐尔把他的临时肉鸡连接ip地址,预留在系统记录中。 [Raphael] also thinks one do flawlessly, had not been discovered by Shi Lei. 拉斐尔还以为自己做得天衣无缝,没有被石磊发现。 But [Raphael] has made a fatal mistake! 只不过拉斐尔犯了一个致命的错误！ ( To be continued. If you like this work, welcome you to come the beginning( 520 xs.) casts the recommendation ticket and monthly ticket, your support, is I biggest power.) (未完待续。如果您喜欢这部作品,欢迎您来起点（520xs.）投推荐票、月票,您的支持,就是我最大的动力。) ps: Requested earnestly for 24 hours, subscribed «Hacker», gave mountain Shanzheng the energy! This month update way, odd-numbered days 3, even-numbered days 4, the time 0 points of old rule, 12 points, 16 points, 20 points. Asked everybody! Let «Hacker» walks! 【Hits to enjoy thanks】 Orphaned wild evening fan, the urge star rain 1, hits to enjoy 588. friend 0402, the top-secret flight, eternlty, hits to enjoy 100. ps:恳请24小时内,订阅《黑客》,给予山山正能量吧！本月更新方式,单日3更,双日4更,老规矩的时间0点,12点,16点,20点。拜托大家了！让《黑客》走得更远吧！【打赏感谢】孤野夕迷,叮咛星雨1,打赏588.朋友0402,绝密飞行,eternlty,打赏100.