Home | 簡體中文 | 繁體中文 | 雜文 | 打賞(Donations) | OSChina 博客 | Facebook | Linkedin | 知乎專欄 | Search | About

部分 X. Security

目錄

143. Authentication
143.1. /etc/login.defs
143.2. PAM 插件認證
143.2.1. pam_tally2.so
143.2.2. pam_listfile.so
143.2.3. pam_access.so
143.2.4. pam_wheel.so
143.3. Network Authentication
143.3.1. Network Information Service (NIS)
143.3.1.1. 安裝NIS伺服器
143.3.1.2. Slave NIS Server
143.3.1.3. 客戶機軟件安裝
143.3.1.4. Authentication Configuration
143.3.1.5. application example
143.3.1.6. Mount /home volume from NFS
143.3.2. OpenLDAP
143.3.2.1. Server
143.3.2.2. Client
143.3.2.3. User and Group Management
143.3.3. Kerberos
143.3.3.1. Kerberos 安裝
143.3.3.1.1. CentOS 安裝
143.3.3.1.2. Install by apt-get
143.3.3.2. Kerberos Server
143.3.3.3. Kerberos Client
143.3.3.4. Kerberos Management
143.3.3.4.1. ktutil - Kerberos keytab file maintenance utility
143.3.3.4.2. klist - list cached Kerberos tickets
143.3.3.5. OpenSSH Authentications
143.3.3.5.1. Configuring the Application server system
143.3.3.5.2. Configuring the Application client system
143.3.4. FreeRADIUS (Remote Authentication Dial In User Service)
143.3.4.1. 安裝 FreeRADIUS
143.3.4.1.1. Ubuntu
143.3.4.1.2. 安裝 radiusd
143.3.4.2. ldap
143.3.4.3. mysql
143.3.4.4. WAP2 Enterprise
143.3.5. SASL (Simple Authentication and Security Layer)
143.3.6. GSSAPI (Generic Security Services Application Program Interface)
144. Sniffer
144.1. nmap - Network exploration tool and security / port scanner
144.1.1. 連接埠掃瞄
144.1.2. HOST DISCOVERY
144.1.2.1. -sP: Ping Scan - go no further than determining if host is online
144.1.3. SCAN TECHNIQUES
144.1.3.1. -sU: UDP Scan 掃瞄
144.1.3.2. -b <FTP relay host>: FTP bounce scan
144.1.4. PORT SPECIFICATION AND SCAN ORDER
144.1.4.1. -p <port ranges>: Only scan specified ports
144.1.5. SCRIPT SCAN
144.1.5.1. ftp-anon
144.1.5.2. mysql-info
144.1.5.3. http
144.1.5.4. snmp
144.1.5.5. SSHv1
144.1.5.6. --script-updatedb 更新腳本
144.1.6. OS DETECTION
144.1.6.1. -O: Enable OS detection 操作系統探測
144.1.7. OUTPUT
144.1.7.1. --open: Only show open (or possibly open) ports 操作系統探測
144.1.8. 排除指定的主機
144.1.9. 查看本地路由與介面
144.1.10. MISC
144.1.10.1. -6: Enable IPv6 scanning
144.1.10.2. -A: Enables OS detection and Version detection, Script scanning and Traceroute
144.1.11. Nmap Scripting Engine (NSE)
144.2. tcpdump - A powerful tool for network monitoring and data acquisition
144.2.1. 監控網絡適配器介面
144.2.2. 監控主機
144.2.3. 監控TCP連接埠
144.2.4. 監控協議
144.2.5. 輸出到檔案
144.2.6. src / dst
144.2.7. 保存結果
144.2.8. Cisco Discovery Protocol (CDP)
144.2.9. Flags
144.2.10. 案例
144.2.10.1. 監控80連接埠與icmp,arp
144.2.10.2. monitor mysql tcp package
144.2.10.3. HTTP 包
144.2.10.4. 顯示SYN、FIN和ACK-only包
144.2.10.5. 嗅探 Oracle 錯誤
144.2.10.6. smtp
144.3. cdpr - Cisco Discovery Protocol Reporter
144.4. ncat - Concatenate and redirect sockets
144.4.1. TCP 數據傳輸
144.4.2. UDP 數據傳輸
144.4.3. 始終保持伺服器開啟
144.4.4. 傳輸視頻流
144.5. ngrep - Network layer grep tool
144.5.1. 匹配關鍵字
144.5.2. 指定網絡介面
144.6. Unicornscan,Zenmap,nast
144.7. netstat-nat - Show the natted connections on a linux iptable firewall
144.8. Tcpreplay
144.9. Wireshark
145. sqlmap - automatic SQL injection and database takeover tool
145.1. Installation
145.2. 開始入住實驗
145.2.1. 測試腳本
145.2.2. sqlmap.ini
145.3. Request參數
145.3.1. --method, --data
145.3.2. --cookie
145.3.3. --referer
145.3.4. --user-agent
145.3.4.1. -a
145.3.5. --headers
145.3.6. --referer
145.3.7. auth
145.3.7.1. --auth-type
145.3.7.2. --auth-cred
145.3.8. --proxy
145.3.9. --threads
145.3.10. --delay
145.3.11. --timeout
145.4. Injection
145.4.1. --dbms
145.4.2. --prefix
145.4.3. --postfix
145.4.4. --string
145.4.5. --regexp
145.4.6. --excl-str
145.4.7. --excl-reg
145.5. Techniques
145.5.1. --stacked-test
145.5.2. --time-test
145.5.3. --union-test
145.5.4. --union-tech
145.5.5. --union-use
145.6. Enumeration
145.6.1. dbs
145.6.2. --count
145.6.3. --dump/--dump-all
145.6.4. --sql-query
145.6.5. --sql-shell
145.7. Miscellaneous
145.7.1. --update
145.7.2. --save
146. Vulnerability Scanner
146.1. Nessus
146.2. OpenVAS
147. Injection & Penetration
147.1. Backtrack Linux
148. SELinux
148.1. getsebool - get SELinux boolean value
148.2. sestatus - SELinux status tool
148.3. setsebool - set SELinux boolean value
148.4. chcon - change file SELinux security context
148.5. rsync
149. Suricata Engine
150. psad
151. fwknop
152. fwsnort
153. nftables
154. Haka