Home | 简体中文 | 繁体中文 | 杂文 | Search | ITEYE 博客 | OSChina 博客 | Facebook | Linkedin | 知乎专栏 | Email

部分 X. Security

目录

135. Authentication
135.1. /etc/login.defs
135.2. PAM 插件认证
135.2.1. pam_tally2.so
135.2.2. pam_listfile.so
135.2.3. pam_access.so
135.2.4. pam_wheel.so
135.3. Network Authentication
135.3.1. Network Information Service (NIS)
135.3.1.1. 安装NIS服务器
135.3.1.2. Slave NIS Server
135.3.1.3. 客户机软件安装
135.3.1.4. Authentication Configuration
135.3.1.5. application example
135.3.1.6. Mount /home volume from NFS
135.3.2. OpenLDAP
135.3.2.1. Server
135.3.2.2. Client
135.3.2.3. User and Group Management
135.3.3. Kerberos
135.3.3.1. Kerberos 安装
135.3.3.2. Kerberos Server
135.3.3.3. Kerberos Client
135.3.3.4. Kerberos Management
135.3.3.5. OpenSSH Authentications
135.3.4. FreeRADIUS (Remote Authentication Dial In User Service)
135.3.4.1. 安装 FreeRADIUS
135.3.4.2. ldap
135.3.4.3. mysql
135.3.4.4. WAP2 Enterprise
135.3.5. SASL (Simple Authentication and Security Layer)
135.3.6. GSSAPI (Generic Security Services Application Program Interface)
136. Sniffer
136.1. nmap - Network exploration tool and security / port scanner
136.1.1. 端口扫描
136.1.2. HOST DISCOVERY
136.1.2.1. -sP: Ping Scan - go no further than determining if host is online
136.1.3. SCAN TECHNIQUES
136.1.3.1. -sU: UDP Scan 扫描
136.1.3.2. -b <FTP relay host>: FTP bounce scan
136.1.4. PORT SPECIFICATION AND SCAN ORDER
136.1.4.1. -p <port ranges>: Only scan specified ports
136.1.5. SCRIPT SCAN
136.1.5.1. ftp-anon
136.1.5.2. mysql-info
136.1.5.3. http
136.1.5.4. snmp
136.1.5.5. SSHv1
136.1.5.6. --script-updatedb 更新脚本
136.1.6. OS DETECTION
136.1.6.1. -O: Enable OS detection 操作系统探测
136.1.7. OUTPUT
136.1.7.1. --open: Only show open (or possibly open) ports 操作系统探测
136.1.8. MISC
136.1.8.1. -6: Enable IPv6 scanning
136.1.8.2. -A: Enables OS detection and Version detection, Script scanning and Traceroute
136.1.9. Nmap Scripting Engine (NSE)
136.2. tcpdump - A powerful tool for network monitoring and data acquisition
136.2.1. 监控网络适配器接口
136.2.2. 监控主机
136.2.3. 监控TCP端口
136.2.4. 监控协议
136.2.5. 输出到文件
136.2.6. src / dst
136.2.7. 保存结果
136.2.8. Cisco Discovery Protocol (CDP)
136.2.9. Flags
136.2.10. 案例
136.2.10.1. 监控80端口与icmp,arp
136.2.10.2. monitor mysql tcp package
136.2.10.3. HTTP 包
136.2.10.4. 显示SYN、FIN和ACK-only包
136.2.10.5. 嗅探 Oracle 错误
136.2.10.6. smtp
136.3. cdpr - Cisco Discovery Protocol Reporter
136.4. ncat - Concatenate and redirect sockets
136.4.1. TCP 数据传输
136.4.2. UDP 数据传输
136.4.3. 始终保持服务器开启
136.4.4. 传输视频流
136.5. ngrep - Network layer grep tool
136.5.1. 匹配关键字
136.5.2. 指定网络接口
136.6. Unicornscan,Zenmap,nast
136.7. netstat-nat - Show the natted connections on a linux iptable firewall
136.8. Tcpreplay
136.9. Wireshark
137. sqlmap - automatic SQL injection and database takeover tool
137.1. Installation
137.2. 开始入住实验
137.2.1. 测试脚本
137.2.2. sqlmap.ini
137.3. Request参数
137.3.1. --method, --data
137.3.2. --cookie
137.3.3. --referer
137.3.4. --user-agent
137.3.4.1. -a
137.3.5. --headers
137.3.6. --referer
137.3.7. auth
137.3.7.1. --auth-type
137.3.7.2. --auth-cred
137.3.8. --proxy
137.3.9. --threads
137.3.10. --delay
137.3.11. --timeout
137.4. Injection
137.4.1. --dbms
137.4.2. --prefix
137.4.3. --postfix
137.4.4. --string
137.4.5. --regexp
137.4.6. --excl-str
137.4.7. --excl-reg
137.5. Techniques
137.5.1. --stacked-test
137.5.2. --time-test
137.5.3. --union-test
137.5.4. --union-tech
137.5.5. --union-use
137.6. Enumeration
137.6.1. dbs
137.6.2. --count
137.6.3. --dump/--dump-all
137.6.4. --sql-query
137.6.5. --sql-shell
137.7. Miscellaneous
137.7.1. --update
137.7.2. --save
138. Vulnerability Scanner
138.1. Nessus
138.2. OpenVAS
139. Injection & Penetration
139.1. Backtrack Linux
140. SELinux
140.1. getsebool - get SELinux boolean value
140.2. sestatus - SELinux status tool
140.3. setsebool - set SELinux boolean value
140.4. chcon - change file SELinux security context
140.5. rsync
141. Suricata Engine
142. psad
143. fwknop
144. fwsnort
145. nftables
146. Haka
comments powered by Disqus