Home | 简体中文 | 繁体中文 | 杂文 | 知乎专栏 | Github | OSChina 博客 | 云社区 | 云栖社区 | Facebook | Linkedin | 视频教程 | 打赏(Donations) | About
知乎专栏多维度架构

部分 X. Security

目录

141. Authentication
141.1. /etc/login.defs
141.2. PAM 插件认证
141.2.1. pam_tally2.so
141.2.2. pam_listfile.so
141.2.3. pam_access.so
141.2.4. pam_wheel.so
141.3. Network Authentication
141.3.1. Network Information Service (NIS)
141.3.1.1. 安装NIS服务器
141.3.1.2. Slave NIS Server
141.3.1.3. 客户机软件安装
141.3.1.4. Authentication Configuration
141.3.1.5. application example
141.3.1.6. Mount /home volume from NFS
141.3.2. OpenLDAP
141.3.2.1. Server
141.3.2.2. Client
141.3.2.3. User and Group Management
141.3.3. Kerberos
141.3.3.1. Kerberos 安装
141.3.3.1.1. CentOS 安装
141.3.3.1.2. Install by apt-get
141.3.3.2. Kerberos Server
141.3.3.3. Kerberos Client
141.3.3.4. Kerberos Management
141.3.3.4.1. ktutil - Kerberos keytab file maintenance utility
141.3.3.4.2. klist - list cached Kerberos tickets
141.3.3.5. OpenSSH Authentications
141.3.3.5.1. Configuring the Application server system
141.3.3.5.2. Configuring the Application client system
141.3.4. FreeRADIUS (Remote Authentication Dial In User Service)
141.3.4.1. 安装 FreeRADIUS
141.3.4.1.1. Ubuntu
141.3.4.1.2. 安装 radiusd
141.3.4.2. ldap
141.3.4.3. mysql
141.3.4.4. WAP2 Enterprise
141.3.5. SASL (Simple Authentication and Security Layer)
141.3.6. GSSAPI (Generic Security Services Application Program Interface)
142. SELinux
142.1. getsebool - get SELinux boolean value
142.1.1. HTTP 相关配置
142.2. sestatus - SELinux status tool
142.3. setsebool - set SELinux boolean value
142.4. chcon - change file SELinux security context
142.5. rsync
142.6. 查找被SELINUX禁用服务
142.6.1. Nginx
143. Sniffer
143.1. nmap - Network exploration tool and security / port scanner
143.1.1. 端口扫描
143.1.2. HOST DISCOVERY
143.1.2.1. -sP: Ping Scan - go no further than determining if host is online
143.1.3. SCAN TECHNIQUES
143.1.3.1. -sU: UDP Scan 扫描
143.1.3.2. -b <FTP relay host>: FTP bounce scan
143.1.4. PORT SPECIFICATION AND SCAN ORDER
143.1.4.1. -p <port ranges>: Only scan specified ports
143.1.5. SCRIPT SCAN
143.1.5.1. ftp-anon
143.1.5.2. mysql-info
143.1.5.3. http
143.1.5.4. snmp
143.1.5.5. SSHv1
143.1.5.6. --script-updatedb 更新脚本
143.1.6. OS DETECTION
143.1.6.1. -O: Enable OS detection 操作系统探测
143.1.7. OUTPUT
143.1.7.1. --open: Only show open (or possibly open) ports 操作系统探测
143.1.8. 排除指定的主机
143.1.9. 查看本地路由与接口
143.1.10. MISC
143.1.10.1. -6: Enable IPv6 scanning
143.1.10.2. -A: Enables OS detection and Version detection, Script scanning and Traceroute
143.1.11. Nmap Scripting Engine (NSE)
143.2. tcpdump - A powerful tool for network monitoring and data acquisition
143.2.1. 监控网络适配器接口
143.2.2. 监控主机
143.2.3. 监控TCP端口
143.2.4. 监控协议
143.2.5. 输出到文件
143.2.6. src / dst
143.2.7. 保存结果
143.2.8. Cisco Discovery Protocol (CDP)
143.2.9. Flags
143.2.10. 案例
143.2.10.1. 监控80端口与icmp,arp
143.2.10.2. monitor mysql tcp package
143.2.10.3. HTTP 包
143.2.10.4. 显示SYN、FIN和ACK-only包
143.2.10.5. 嗅探 Oracle 错误
143.2.10.6. smtp
143.3. cdpr - Cisco Discovery Protocol Reporter
143.4. ncat - Concatenate and redirect sockets
143.4.1. TCP 数据传输
143.4.2. UDP 数据传输
143.4.3. 始终保持服务器开启
143.4.4. 传输视频流
143.5. ngrep - Network layer grep tool
143.5.1. 匹配关键字
143.5.2. 指定网络接口
143.6. Unicornscan,Zenmap,nast
143.7. netstat-nat - Show the natted connections on a linux iptable firewall
143.8. Tcpreplay
143.9. Wireshark
144. sqlmap - automatic SQL injection and database takeover tool
144.1. Installation
144.2. 开始入住实验
144.2.1. 测试脚本
144.2.2. sqlmap.ini
144.3. Request参数
144.3.1. --method, --data
144.3.2. --cookie
144.3.3. --referer
144.3.4. --user-agent
144.3.4.1. -a
144.3.5. --headers
144.3.6. --referer
144.3.7. auth
144.3.7.1. --auth-type
144.3.7.2. --auth-cred
144.3.8. --proxy
144.3.9. --threads
144.3.10. --delay
144.3.11. --timeout
144.4. Injection
144.4.1. --dbms
144.4.2. --prefix
144.4.3. --postfix
144.4.4. --string
144.4.5. --regexp
144.4.6. --excl-str
144.4.7. --excl-reg
144.5. Techniques
144.5.1. --stacked-test
144.5.2. --time-test
144.5.3. --union-test
144.5.4. --union-tech
144.5.5. --union-use
144.6. Enumeration
144.6.1. dbs
144.6.2. --count
144.6.3. --dump/--dump-all
144.6.4. --sql-query
144.6.5. --sql-shell
144.7. Miscellaneous
144.7.1. --update
144.7.2. --save
145. Vulnerability Scanner
145.1. Nessus
145.2. OpenVAS
146. Injection & Penetration
146.1. Backtrack Linux
147. Suricata Engine
148. psad
149. fwknop
150. fwsnort
151. nftables
152. Haka