Home | 简体中文 | 繁体中文 | 杂文 | 打赏(Donations) | 云栖社区 | OSChina 博客 | Facebook | Linkedin | 知乎专栏 | Github | Search | About

部分 X. Security

目录

144. Authentication
144.1. /etc/login.defs
144.2. PAM 插件认证
144.2.1. pam_tally2.so
144.2.2. pam_listfile.so
144.2.3. pam_access.so
144.2.4. pam_wheel.so
144.3. Network Authentication
144.3.1. Network Information Service (NIS)
144.3.1.1. 安装NIS服务器
144.3.1.2. Slave NIS Server
144.3.1.3. 客户机软件安装
144.3.1.4. Authentication Configuration
144.3.1.5. application example
144.3.1.6. Mount /home volume from NFS
144.3.2. OpenLDAP
144.3.2.1. Server
144.3.2.2. Client
144.3.2.3. User and Group Management
144.3.3. Kerberos
144.3.3.1. Kerberos 安装
144.3.3.1.1. CentOS 安装
144.3.3.1.2. Install by apt-get
144.3.3.2. Kerberos Server
144.3.3.3. Kerberos Client
144.3.3.4. Kerberos Management
144.3.3.4.1. ktutil - Kerberos keytab file maintenance utility
144.3.3.4.2. klist - list cached Kerberos tickets
144.3.3.5. OpenSSH Authentications
144.3.3.5.1. Configuring the Application server system
144.3.3.5.2. Configuring the Application client system
144.3.4. FreeRADIUS (Remote Authentication Dial In User Service)
144.3.4.1. 安装 FreeRADIUS
144.3.4.1.1. Ubuntu
144.3.4.1.2. 安装 radiusd
144.3.4.2. ldap
144.3.4.3. mysql
144.3.4.4. WAP2 Enterprise
144.3.5. SASL (Simple Authentication and Security Layer)
144.3.6. GSSAPI (Generic Security Services Application Program Interface)
145. Sniffer
145.1. nmap - Network exploration tool and security / port scanner
145.1.1. 端口扫描
145.1.2. HOST DISCOVERY
145.1.2.1. -sP: Ping Scan - go no further than determining if host is online
145.1.3. SCAN TECHNIQUES
145.1.3.1. -sU: UDP Scan 扫描
145.1.3.2. -b <FTP relay host>: FTP bounce scan
145.1.4. PORT SPECIFICATION AND SCAN ORDER
145.1.4.1. -p <port ranges>: Only scan specified ports
145.1.5. SCRIPT SCAN
145.1.5.1. ftp-anon
145.1.5.2. mysql-info
145.1.5.3. http
145.1.5.4. snmp
145.1.5.5. SSHv1
145.1.5.6. --script-updatedb 更新脚本
145.1.6. OS DETECTION
145.1.6.1. -O: Enable OS detection 操作系统探测
145.1.7. OUTPUT
145.1.7.1. --open: Only show open (or possibly open) ports 操作系统探测
145.1.8. 排除指定的主机
145.1.9. 查看本地路由与接口
145.1.10. MISC
145.1.10.1. -6: Enable IPv6 scanning
145.1.10.2. -A: Enables OS detection and Version detection, Script scanning and Traceroute
145.1.11. Nmap Scripting Engine (NSE)
145.2. tcpdump - A powerful tool for network monitoring and data acquisition
145.2.1. 监控网络适配器接口
145.2.2. 监控主机
145.2.3. 监控TCP端口
145.2.4. 监控协议
145.2.5. 输出到文件
145.2.6. src / dst
145.2.7. 保存结果
145.2.8. Cisco Discovery Protocol (CDP)
145.2.9. Flags
145.2.10. 案例
145.2.10.1. 监控80端口与icmp,arp
145.2.10.2. monitor mysql tcp package
145.2.10.3. HTTP 包
145.2.10.4. 显示SYN、FIN和ACK-only包
145.2.10.5. 嗅探 Oracle 错误
145.2.10.6. smtp
145.3. cdpr - Cisco Discovery Protocol Reporter
145.4. ncat - Concatenate and redirect sockets
145.4.1. TCP 数据传输
145.4.2. UDP 数据传输
145.4.3. 始终保持服务器开启
145.4.4. 传输视频流
145.5. ngrep - Network layer grep tool
145.5.1. 匹配关键字
145.5.2. 指定网络接口
145.6. Unicornscan,Zenmap,nast
145.7. netstat-nat - Show the natted connections on a linux iptable firewall
145.8. Tcpreplay
145.9. Wireshark
146. sqlmap - automatic SQL injection and database takeover tool
146.1. Installation
146.2. 开始入住实验
146.2.1. 测试脚本
146.2.2. sqlmap.ini
146.3. Request参数
146.3.1. --method, --data
146.3.2. --cookie
146.3.3. --referer
146.3.4. --user-agent
146.3.4.1. -a
146.3.5. --headers
146.3.6. --referer
146.3.7. auth
146.3.7.1. --auth-type
146.3.7.2. --auth-cred
146.3.8. --proxy
146.3.9. --threads
146.3.10. --delay
146.3.11. --timeout
146.4. Injection
146.4.1. --dbms
146.4.2. --prefix
146.4.3. --postfix
146.4.4. --string
146.4.5. --regexp
146.4.6. --excl-str
146.4.7. --excl-reg
146.5. Techniques
146.5.1. --stacked-test
146.5.2. --time-test
146.5.3. --union-test
146.5.4. --union-tech
146.5.5. --union-use
146.6. Enumeration
146.6.1. dbs
146.6.2. --count
146.6.3. --dump/--dump-all
146.6.4. --sql-query
146.6.5. --sql-shell
146.7. Miscellaneous
146.7.1. --update
146.7.2. --save
147. Vulnerability Scanner
147.1. Nessus
147.2. OpenVAS
148. Injection & Penetration
148.1. Backtrack Linux
149. SELinux
149.1. getsebool - get SELinux boolean value
149.2. sestatus - SELinux status tool
149.3. setsebool - set SELinux boolean value
149.4. chcon - change file SELinux security context
149.5. rsync
150. Suricata Engine
151. psad
152. fwknop
153. fwsnort
154. nftables
155. Haka