Home | 简体中文 | 繁体中文 | 杂文 | 打赏(Donations) | 云栖社区 | OSChina 博客 | Facebook | Linkedin | 知乎专栏 | Github | Search | About

部分 X. Security

目录

144. Authentication
144.1. /etc/login.defs
144.2. PAM 插件认证
144.2.1. pam_tally2.so
144.2.2. pam_listfile.so
144.2.3. pam_access.so
144.2.4. pam_wheel.so
144.3. Network Authentication
144.3.1. Network Information Service (NIS)
144.3.1.1. 安装NIS服务器
144.3.1.2. Slave NIS Server
144.3.1.3. 客户机软件安装
144.3.1.4. Authentication Configuration
144.3.1.5. application example
144.3.1.6. Mount /home volume from NFS
144.3.2. OpenLDAP
144.3.2.1. Server
144.3.2.2. Client
144.3.2.3. User and Group Management
144.3.3. Kerberos
144.3.3.1. Kerberos 安装
144.3.3.1.1. CentOS 安装
144.3.3.1.2. Install by apt-get
144.3.3.2. Kerberos Server
144.3.3.3. Kerberos Client
144.3.3.4. Kerberos Management
144.3.3.4.1. ktutil - Kerberos keytab file maintenance utility
144.3.3.4.2. klist - list cached Kerberos tickets
144.3.3.5. OpenSSH Authentications
144.3.3.5.1. Configuring the Application server system
144.3.3.5.2. Configuring the Application client system
144.3.4. FreeRADIUS (Remote Authentication Dial In User Service)
144.3.4.1. 安装 FreeRADIUS
144.3.4.1.1. Ubuntu
144.3.4.1.2. 安装 radiusd
144.3.4.2. ldap
144.3.4.3. mysql
144.3.4.4. WAP2 Enterprise
144.3.5. SASL (Simple Authentication and Security Layer)
144.3.6. GSSAPI (Generic Security Services Application Program Interface)
145. SELinux
145.1. getsebool - get SELinux boolean value
145.1.1. HTTP 相关配置
145.2. sestatus - SELinux status tool
145.3. setsebool - set SELinux boolean value
145.4. chcon - change file SELinux security context
145.5. rsync
145.6. 查找被SELINUX禁用服务
145.6.1. Nginx
146. Sniffer
146.1. nmap - Network exploration tool and security / port scanner
146.1.1. 端口扫描
146.1.2. HOST DISCOVERY
146.1.2.1. -sP: Ping Scan - go no further than determining if host is online
146.1.3. SCAN TECHNIQUES
146.1.3.1. -sU: UDP Scan 扫描
146.1.3.2. -b <FTP relay host>: FTP bounce scan
146.1.4. PORT SPECIFICATION AND SCAN ORDER
146.1.4.1. -p <port ranges>: Only scan specified ports
146.1.5. SCRIPT SCAN
146.1.5.1. ftp-anon
146.1.5.2. mysql-info
146.1.5.3. http
146.1.5.4. snmp
146.1.5.5. SSHv1
146.1.5.6. --script-updatedb 更新脚本
146.1.6. OS DETECTION
146.1.6.1. -O: Enable OS detection 操作系统探测
146.1.7. OUTPUT
146.1.7.1. --open: Only show open (or possibly open) ports 操作系统探测
146.1.8. 排除指定的主机
146.1.9. 查看本地路由与接口
146.1.10. MISC
146.1.10.1. -6: Enable IPv6 scanning
146.1.10.2. -A: Enables OS detection and Version detection, Script scanning and Traceroute
146.1.11. Nmap Scripting Engine (NSE)
146.2. tcpdump - A powerful tool for network monitoring and data acquisition
146.2.1. 监控网络适配器接口
146.2.2. 监控主机
146.2.3. 监控TCP端口
146.2.4. 监控协议
146.2.5. 输出到文件
146.2.6. src / dst
146.2.7. 保存结果
146.2.8. Cisco Discovery Protocol (CDP)
146.2.9. Flags
146.2.10. 案例
146.2.10.1. 监控80端口与icmp,arp
146.2.10.2. monitor mysql tcp package
146.2.10.3. HTTP 包
146.2.10.4. 显示SYN、FIN和ACK-only包
146.2.10.5. 嗅探 Oracle 错误
146.2.10.6. smtp
146.3. cdpr - Cisco Discovery Protocol Reporter
146.4. ncat - Concatenate and redirect sockets
146.4.1. TCP 数据传输
146.4.2. UDP 数据传输
146.4.3. 始终保持服务器开启
146.4.4. 传输视频流
146.5. ngrep - Network layer grep tool
146.5.1. 匹配关键字
146.5.2. 指定网络接口
146.6. Unicornscan,Zenmap,nast
146.7. netstat-nat - Show the natted connections on a linux iptable firewall
146.8. Tcpreplay
146.9. Wireshark
147. sqlmap - automatic SQL injection and database takeover tool
147.1. Installation
147.2. 开始入住实验
147.2.1. 测试脚本
147.2.2. sqlmap.ini
147.3. Request参数
147.3.1. --method, --data
147.3.2. --cookie
147.3.3. --referer
147.3.4. --user-agent
147.3.4.1. -a
147.3.5. --headers
147.3.6. --referer
147.3.7. auth
147.3.7.1. --auth-type
147.3.7.2. --auth-cred
147.3.8. --proxy
147.3.9. --threads
147.3.10. --delay
147.3.11. --timeout
147.4. Injection
147.4.1. --dbms
147.4.2. --prefix
147.4.3. --postfix
147.4.4. --string
147.4.5. --regexp
147.4.6. --excl-str
147.4.7. --excl-reg
147.5. Techniques
147.5.1. --stacked-test
147.5.2. --time-test
147.5.3. --union-test
147.5.4. --union-tech
147.5.5. --union-use
147.6. Enumeration
147.6.1. dbs
147.6.2. --count
147.6.3. --dump/--dump-all
147.6.4. --sql-query
147.6.5. --sql-shell
147.7. Miscellaneous
147.7.1. --update
147.7.2. --save
148. Vulnerability Scanner
148.1. Nessus
148.2. OpenVAS
149. Injection & Penetration
149.1. Backtrack Linux
150. Suricata Engine
151. psad
152. fwknop
153. fwsnort
154. nftables
155. Haka