Home | 簡體中文 | 繁體中文 | 雜文 | 打賞(Donations) | 雲棲社區 | OSChina 博客 | Facebook | Linkedin | 知乎專欄 | Github | Search | About

部分 X. Security

目錄

144. Authentication
144.1. /etc/login.defs
144.2. PAM 插件認證
144.2.1. pam_tally2.so
144.2.2. pam_listfile.so
144.2.3. pam_access.so
144.2.4. pam_wheel.so
144.3. Network Authentication
144.3.1. Network Information Service (NIS)
144.3.1.1. 安裝NIS伺服器
144.3.1.2. Slave NIS Server
144.3.1.3. 客戶機軟件安裝
144.3.1.4. Authentication Configuration
144.3.1.5. application example
144.3.1.6. Mount /home volume from NFS
144.3.2. OpenLDAP
144.3.2.1. Server
144.3.2.2. Client
144.3.2.3. User and Group Management
144.3.3. Kerberos
144.3.3.1. Kerberos 安裝
144.3.3.1.1. CentOS 安裝
144.3.3.1.2. Install by apt-get
144.3.3.2. Kerberos Server
144.3.3.3. Kerberos Client
144.3.3.4. Kerberos Management
144.3.3.4.1. ktutil - Kerberos keytab file maintenance utility
144.3.3.4.2. klist - list cached Kerberos tickets
144.3.3.5. OpenSSH Authentications
144.3.3.5.1. Configuring the Application server system
144.3.3.5.2. Configuring the Application client system
144.3.4. FreeRADIUS (Remote Authentication Dial In User Service)
144.3.4.1. 安裝 FreeRADIUS
144.3.4.1.1. Ubuntu
144.3.4.1.2. 安裝 radiusd
144.3.4.2. ldap
144.3.4.3. mysql
144.3.4.4. WAP2 Enterprise
144.3.5. SASL (Simple Authentication and Security Layer)
144.3.6. GSSAPI (Generic Security Services Application Program Interface)
145. Sniffer
145.1. nmap - Network exploration tool and security / port scanner
145.1.1. 連接埠掃瞄
145.1.2. HOST DISCOVERY
145.1.2.1. -sP: Ping Scan - go no further than determining if host is online
145.1.3. SCAN TECHNIQUES
145.1.3.1. -sU: UDP Scan 掃瞄
145.1.3.2. -b <FTP relay host>: FTP bounce scan
145.1.4. PORT SPECIFICATION AND SCAN ORDER
145.1.4.1. -p <port ranges>: Only scan specified ports
145.1.5. SCRIPT SCAN
145.1.5.1. ftp-anon
145.1.5.2. mysql-info
145.1.5.3. http
145.1.5.4. snmp
145.1.5.5. SSHv1
145.1.5.6. --script-updatedb 更新腳本
145.1.6. OS DETECTION
145.1.6.1. -O: Enable OS detection 操作系統探測
145.1.7. OUTPUT
145.1.7.1. --open: Only show open (or possibly open) ports 操作系統探測
145.1.8. 排除指定的主機
145.1.9. 查看本地路由與介面
145.1.10. MISC
145.1.10.1. -6: Enable IPv6 scanning
145.1.10.2. -A: Enables OS detection and Version detection, Script scanning and Traceroute
145.1.11. Nmap Scripting Engine (NSE)
145.2. tcpdump - A powerful tool for network monitoring and data acquisition
145.2.1. 監控網絡適配器介面
145.2.2. 監控主機
145.2.3. 監控TCP連接埠
145.2.4. 監控協議
145.2.5. 輸出到檔案
145.2.6. src / dst
145.2.7. 保存結果
145.2.8. Cisco Discovery Protocol (CDP)
145.2.9. Flags
145.2.10. 案例
145.2.10.1. 監控80連接埠與icmp,arp
145.2.10.2. monitor mysql tcp package
145.2.10.3. HTTP 包
145.2.10.4. 顯示SYN、FIN和ACK-only包
145.2.10.5. 嗅探 Oracle 錯誤
145.2.10.6. smtp
145.3. cdpr - Cisco Discovery Protocol Reporter
145.4. ncat - Concatenate and redirect sockets
145.4.1. TCP 數據傳輸
145.4.2. UDP 數據傳輸
145.4.3. 始終保持伺服器開啟
145.4.4. 傳輸視頻流
145.5. ngrep - Network layer grep tool
145.5.1. 匹配關鍵字
145.5.2. 指定網絡介面
145.6. Unicornscan,Zenmap,nast
145.7. netstat-nat - Show the natted connections on a linux iptable firewall
145.8. Tcpreplay
145.9. Wireshark
146. sqlmap - automatic SQL injection and database takeover tool
146.1. Installation
146.2. 開始入住實驗
146.2.1. 測試腳本
146.2.2. sqlmap.ini
146.3. Request參數
146.3.1. --method, --data
146.3.2. --cookie
146.3.3. --referer
146.3.4. --user-agent
146.3.4.1. -a
146.3.5. --headers
146.3.6. --referer
146.3.7. auth
146.3.7.1. --auth-type
146.3.7.2. --auth-cred
146.3.8. --proxy
146.3.9. --threads
146.3.10. --delay
146.3.11. --timeout
146.4. Injection
146.4.1. --dbms
146.4.2. --prefix
146.4.3. --postfix
146.4.4. --string
146.4.5. --regexp
146.4.6. --excl-str
146.4.7. --excl-reg
146.5. Techniques
146.5.1. --stacked-test
146.5.2. --time-test
146.5.3. --union-test
146.5.4. --union-tech
146.5.5. --union-use
146.6. Enumeration
146.6.1. dbs
146.6.2. --count
146.6.3. --dump/--dump-all
146.6.4. --sql-query
146.6.5. --sql-shell
146.7. Miscellaneous
146.7.1. --update
146.7.2. --save
147. Vulnerability Scanner
147.1. Nessus
147.2. OpenVAS
148. Injection & Penetration
148.1. Backtrack Linux
149. SELinux
149.1. getsebool - get SELinux boolean value
149.2. sestatus - SELinux status tool
149.3. setsebool - set SELinux boolean value
149.4. chcon - change file SELinux security context
149.5. rsync
150. Suricata Engine
151. psad
152. fwknop
153. fwsnort
154. nftables
155. Haka