Home | 简体中文 | 繁体中文 | 杂文 | 知乎专栏 | Github | OSChina 博客 | 云社区 | 云栖社区 | Facebook | Linkedin | 视频教程 | 打赏(Donations) | About
知乎专栏多维度架构 微信号 netkiller-ebook | QQ群:128659835 请注明“读者”

部分 X. Security

目录

140. Authentication
140.1. /etc/login.defs
140.2. PAM 插件认证
140.2.1. pam_tally2.so
140.2.2. pam_listfile.so
140.2.3. pam_access.so
140.2.4. pam_wheel.so
140.3. Network Authentication
140.3.1. Network Information Service (NIS)
140.3.1.1. 安装NIS服务器
140.3.1.2. Slave NIS Server
140.3.1.3. 客户机软件安装
140.3.1.4. Authentication Configuration
140.3.1.5. application example
140.3.1.6. Mount /home volume from NFS
140.3.2. OpenLDAP
140.3.2.1. Server
140.3.2.2. Client
140.3.2.3. User and Group Management
140.3.3. Kerberos
140.3.3.1. Kerberos 安装
140.3.3.1.1. CentOS 安装
140.3.3.1.2. Install by apt-get
140.3.3.2. Kerberos Server
140.3.3.3. Kerberos Client
140.3.3.4. Kerberos Management
140.3.3.4.1. ktutil - Kerberos keytab file maintenance utility
140.3.3.4.2. klist - list cached Kerberos tickets
140.3.3.5. OpenSSH Authentications
140.3.3.5.1. Configuring the Application server system
140.3.3.5.2. Configuring the Application client system
140.3.4. FreeRADIUS (Remote Authentication Dial In User Service)
140.3.4.1. 安装 FreeRADIUS
140.3.4.1.1. Ubuntu
140.3.4.1.2. 安装 radiusd
140.3.4.2. ldap
140.3.4.3. mysql
140.3.4.4. WAP2 Enterprise
140.3.5. SASL (Simple Authentication and Security Layer)
140.3.6. GSSAPI (Generic Security Services Application Program Interface)
141. SELinux
141.1. getsebool - get SELinux boolean value
141.1.1. HTTP 相关配置
141.2. sestatus - SELinux status tool
141.3. setsebool - set SELinux boolean value
141.4. chcon - change file SELinux security context
141.5. rsync
141.6. 查找被SELINUX禁用服务
141.6.1. Nginx
142. Sniffer
142.1. nmap - Network exploration tool and security / port scanner
142.1.1. 端口扫描
142.1.2. HOST DISCOVERY
142.1.2.1. -sP: Ping Scan - go no further than determining if host is online
142.1.3. SCAN TECHNIQUES
142.1.3.1. -sU: UDP Scan 扫描
142.1.3.2. -b <FTP relay host>: FTP bounce scan
142.1.4. PORT SPECIFICATION AND SCAN ORDER
142.1.4.1. -p <port ranges>: Only scan specified ports
142.1.5. SCRIPT SCAN
142.1.5.1. ftp-anon
142.1.5.2. mysql-info
142.1.5.3. http
142.1.5.4. snmp
142.1.5.5. SSHv1
142.1.5.6. --script-updatedb 更新脚本
142.1.6. OS DETECTION
142.1.6.1. -O: Enable OS detection 操作系统探测
142.1.7. OUTPUT
142.1.7.1. --open: Only show open (or possibly open) ports 操作系统探测
142.1.8. 排除指定的主机
142.1.9. 查看本地路由与接口
142.1.10. MISC
142.1.10.1. -6: Enable IPv6 scanning
142.1.10.2. -A: Enables OS detection and Version detection, Script scanning and Traceroute
142.1.11. Nmap Scripting Engine (NSE)
142.2. tcpdump - A powerful tool for network monitoring and data acquisition
142.2.1. 监控网络适配器接口
142.2.2. 监控主机
142.2.3. 监控TCP端口
142.2.4. 监控协议
142.2.5. 输出到文件
142.2.6. src / dst
142.2.7. 保存结果
142.2.8. Cisco Discovery Protocol (CDP)
142.2.9. Flags
142.2.10. 案例
142.2.10.1. 监控80端口与icmp,arp
142.2.10.2. monitor mysql tcp package
142.2.10.3. HTTP 包
142.2.10.4. 显示SYN、FIN和ACK-only包
142.2.10.5. 嗅探 Oracle 错误
142.2.10.6. smtp
142.3. cdpr - Cisco Discovery Protocol Reporter
142.4. ncat - Concatenate and redirect sockets
142.4.1. TCP 数据传输
142.4.2. UDP 数据传输
142.4.3. 始终保持服务器开启
142.4.4. 传输视频流
142.5. ngrep - Network layer grep tool
142.5.1. 匹配关键字
142.5.2. 指定网络接口
142.6. Unicornscan,Zenmap,nast
142.7. netstat-nat - Show the natted connections on a linux iptable firewall
142.8. Tcpreplay
142.9. Wireshark
143. sqlmap - automatic SQL injection and database takeover tool
143.1. Installation
143.2. 开始入住实验
143.2.1. 测试脚本
143.2.2. sqlmap.ini
143.3. Request参数
143.3.1. --method, --data
143.3.2. --cookie
143.3.3. --referer
143.3.4. --user-agent
143.3.4.1. -a
143.3.5. --headers
143.3.6. --referer
143.3.7. auth
143.3.7.1. --auth-type
143.3.7.2. --auth-cred
143.3.8. --proxy
143.3.9. --threads
143.3.10. --delay
143.3.11. --timeout
143.4. Injection
143.4.1. --dbms
143.4.2. --prefix
143.4.3. --postfix
143.4.4. --string
143.4.5. --regexp
143.4.6. --excl-str
143.4.7. --excl-reg
143.5. Techniques
143.5.1. --stacked-test
143.5.2. --time-test
143.5.3. --union-test
143.5.4. --union-tech
143.5.5. --union-use
143.6. Enumeration
143.6.1. dbs
143.6.2. --count
143.6.3. --dump/--dump-all
143.6.4. --sql-query
143.6.5. --sql-shell
143.7. Miscellaneous
143.7.1. --update
143.7.2. --save
144. Vulnerability Scanner
144.1. Nessus
144.2. OpenVAS
145. Injection & Penetration
145.1. Backtrack Linux
146. Lynis Linux 安全性扫描工具
146.1. 安装
146.1.1.
146.2. 开始审计
147. Suricata Engine
148. psad
149. fwknop
150. fwsnort
151. nftables
152. Haka