Home | 簡體中文 | 繁體中文 | 雜文 | 打賞(Donations) | ITEYE 博客 | OSChina 博客 | Facebook | Linkedin | 知乎專欄 | Search | Email

部分 X. Security

目錄

136. Authentication
136.1. /etc/login.defs
136.2. PAM 插件認證
136.2.1. pam_tally2.so
136.2.2. pam_listfile.so
136.2.3. pam_access.so
136.2.4. pam_wheel.so
136.3. Network Authentication
136.3.1. Network Information Service (NIS)
136.3.1.1. 安裝NIS伺服器
136.3.1.2. Slave NIS Server
136.3.1.3. 客戶機軟件安裝
136.3.1.4. Authentication Configuration
136.3.1.5. application example
136.3.1.6. Mount /home volume from NFS
136.3.2. OpenLDAP
136.3.2.1. Server
136.3.2.2. Client
136.3.2.3. User and Group Management
136.3.3. Kerberos
136.3.3.1. Kerberos 安裝
136.3.3.2. Kerberos Server
136.3.3.3. Kerberos Client
136.3.3.4. Kerberos Management
136.3.3.5. OpenSSH Authentications
136.3.4. FreeRADIUS (Remote Authentication Dial In User Service)
136.3.4.1. 安裝 FreeRADIUS
136.3.4.2. ldap
136.3.4.3. mysql
136.3.4.4. WAP2 Enterprise
136.3.5. SASL (Simple Authentication and Security Layer)
136.3.6. GSSAPI (Generic Security Services Application Program Interface)
137. Sniffer
137.1. nmap - Network exploration tool and security / port scanner
137.1.1. 連接埠掃瞄
137.1.2. HOST DISCOVERY
137.1.2.1. -sP: Ping Scan - go no further than determining if host is online
137.1.3. SCAN TECHNIQUES
137.1.3.1. -sU: UDP Scan 掃瞄
137.1.3.2. -b <FTP relay host>: FTP bounce scan
137.1.4. PORT SPECIFICATION AND SCAN ORDER
137.1.4.1. -p <port ranges>: Only scan specified ports
137.1.5. SCRIPT SCAN
137.1.5.1. ftp-anon
137.1.5.2. mysql-info
137.1.5.3. http
137.1.5.4. snmp
137.1.5.5. SSHv1
137.1.5.6. --script-updatedb 更新腳本
137.1.6. OS DETECTION
137.1.6.1. -O: Enable OS detection 操作系統探測
137.1.7. OUTPUT
137.1.7.1. --open: Only show open (or possibly open) ports 操作系統探測
137.1.8. MISC
137.1.8.1. -6: Enable IPv6 scanning
137.1.8.2. -A: Enables OS detection and Version detection, Script scanning and Traceroute
137.1.9. Nmap Scripting Engine (NSE)
137.2. tcpdump - A powerful tool for network monitoring and data acquisition
137.2.1. 監控網絡適配器介面
137.2.2. 監控主機
137.2.3. 監控TCP連接埠
137.2.4. 監控協議
137.2.5. 輸出到檔案
137.2.6. src / dst
137.2.7. 保存結果
137.2.8. Cisco Discovery Protocol (CDP)
137.2.9. Flags
137.2.10. 案例
137.2.10.1. 監控80連接埠與icmp,arp
137.2.10.2. monitor mysql tcp package
137.2.10.3. HTTP 包
137.2.10.4. 顯示SYN、FIN和ACK-only包
137.2.10.5. 嗅探 Oracle 錯誤
137.2.10.6. smtp
137.3. cdpr - Cisco Discovery Protocol Reporter
137.4. ncat - Concatenate and redirect sockets
137.4.1. TCP 數據傳輸
137.4.2. UDP 數據傳輸
137.4.3. 始終保持伺服器開啟
137.4.4. 傳輸視頻流
137.5. ngrep - Network layer grep tool
137.5.1. 匹配關鍵字
137.5.2. 指定網絡介面
137.6. Unicornscan,Zenmap,nast
137.7. netstat-nat - Show the natted connections on a linux iptable firewall
137.8. Tcpreplay
137.9. Wireshark
138. sqlmap - automatic SQL injection and database takeover tool
138.1. Installation
138.2. 開始入住實驗
138.2.1. 測試腳本
138.2.2. sqlmap.ini
138.3. Request參數
138.3.1. --method, --data
138.3.2. --cookie
138.3.3. --referer
138.3.4. --user-agent
138.3.4.1. -a
138.3.5. --headers
138.3.6. --referer
138.3.7. auth
138.3.7.1. --auth-type
138.3.7.2. --auth-cred
138.3.8. --proxy
138.3.9. --threads
138.3.10. --delay
138.3.11. --timeout
138.4. Injection
138.4.1. --dbms
138.4.2. --prefix
138.4.3. --postfix
138.4.4. --string
138.4.5. --regexp
138.4.6. --excl-str
138.4.7. --excl-reg
138.5. Techniques
138.5.1. --stacked-test
138.5.2. --time-test
138.5.3. --union-test
138.5.4. --union-tech
138.5.5. --union-use
138.6. Enumeration
138.6.1. dbs
138.6.2. --count
138.6.3. --dump/--dump-all
138.6.4. --sql-query
138.6.5. --sql-shell
138.7. Miscellaneous
138.7.1. --update
138.7.2. --save
139. Vulnerability Scanner
139.1. Nessus
139.2. OpenVAS
140. Injection & Penetration
140.1. Backtrack Linux
141. SELinux
141.1. getsebool - get SELinux boolean value
141.2. sestatus - SELinux status tool
141.3. setsebool - set SELinux boolean value
141.4. chcon - change file SELinux security context
141.5. rsync
142. Suricata Engine
143. psad
144. fwknop
145. fwsnort
146. nftables
147. Haka