




版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
1、,1,Cyber-crime investigative techniques,LIN YING,2,Chapter2 Network attack model,3,2.1 Overview,Attacks hidden identity and location Objective information collection system Weaknesses of Information Mining The use of authority to target,Attacks hidden The attack Open up the back door Remove traces o
2、f attacks,Network attacks usually divided into the following stages:,4,2.2 Attacks hidden identity and location,Objective: To hide the identity of network attacks and the host location 1) The mainframe was used as a springboard for the invasion;,5,2) Application telephone adapter technology hidden i
3、dentity of the attacker; 3) Others ACCOUNT Internet piracy; 4) Gateway through the free agent attacks; 5) fake user accounts; 6) forged IP addresses.,6,2.1.1.1 Relations of trust In Unix mainframe, there is a special relationship of trust. Assume that two hosts A and B, above have an account admin,
4、mainframe A and B to admin as two unrelated users, in different host operating need to import the corresponding accounts (although these two accounts are for admin), which is extremely inconvenient. In order to reduce this inconvenience can host mainframe A and B in the two accounts established rela
5、tionship of trust, of the specific steps are as follows:,2.2.1 IP Spoofing,7,1)In the mainframe A and B on the admin console the home directory creation. Rhosts file; 2)host of admin in the home directory using the commands A, B relationship of trust: # echo “B admin” /.rhosts;,8,2.1.1.2 The theoret
6、ical basis for IP Spoofing IP deceive most fundamental theoretical basis: Since A and B is the relationship of trust between the established based on the IP address, then pretending to B if the IP address, they can use rlogin logged on A, without the need for any password verification.,9,IP deceived
7、 by the composition of a number of steps: 1、Trust was host to a standstill: 2、Speculation of sampling and sequencing:,2.1.1.3 The whole process of IP Spoofing,10,2.3 Objective information collection system,Objective: To determine the target and collect the relevant information system goals,11,2.3.1
8、Scanner related knowledge,2.3.1.1 What is scanner Scanner is a system of information through the collection to automatically detect remote or local host security vulnerability procedures. Through the use of scanners, remote server can be found the various TCP port and the distribution of the service
9、s provided and their version of the software, which allows hackers or caretakers indirectly or directly that the existence of long-range mainframe security issues.,12,2.3.1.2 classification The use of scanners in accordance with the different objects can be divided into local and long-range scanners
10、 scanners; In accordance with the purpose to scan classification, can be divided into port scanners and vulnerability scanner.,13,/*包含一些网络调用和系统调用的头文件*/ #include #include #include #include #include #include ,int main(int argc,char *argv) int probeport=0; struct hostent host;/*定义socket主机结构*/ int err,i
11、, net; struct sockaddr_in sa;/*socket地址结构*/ if (argc!=2) printf(“用法:%s hostnamen”,argv0); exit(1); ,for (i:=1;ih_addr,sizeof sa.sin_addr); else herror(argv1); exit(2); ,sa.sin_port=htons(i);/*本次扫描的端口号*/ net=socket(AF_INET,SOCKET_ATREAM,0); /*建立一个socket套接字*/ if(net0) perror(nsocket”); exit(2); err=co
12、nnect(net,(struct sockaddr) /*连接到本端口*/,if (err0) printf(“%s%-5d%sr”,argv1,i,strerror(errno); /*如果端口关闭则显示*/ fflush(stdout); else printf(“%s%-5d accepted.n”,argv1,i); /*开放的端口显示*/,if (shutdown(net,2)0) perror(“shutdown”); exit(2); close(net);/*关闭连接*/ printf(“r”); fflush(stdout); return(0); ,19,2.4 Weak
13、nesses of Information Mining,Objective: The objective of the information collected can be used in the extraction of information loopholes. Commonly used to the weakness of mining methods are as follows: System or application service software vulnerabilities,20,Mainframe relationship of trust loophol
14、e An attacker could exploit the loopholes CGI, read / etc / hosts.allow and other documents through these documents, an attacker can generally understand the relationship of trust between the mainframe and then detecting these trust, what are the loopholes mainframe.,21,2.5 The use of authority to target,Objective: To access the target system privileges ordinary account or competence.,22,2.6 Attacks hidden,Objective: hidden in the target operating system, was found to prevent attacks,23,2.7 Attack,Objective: To attack or target system to other systems as a
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 影像管理示教平台技术要求
- 油气管道安装工技师模拟习题含答案
- 优化住宅物业管理方案
- 餐饮联营品牌授权合作协议范本
- 智能家居产品场地适配与必要性论证合同
- 企业团队合作课件
- 装修验收要求方案
- 餐饮品牌加盟权转让与经营管理协议
- 营地项目定价方案
- 高端制造业劳动合同范本定制与实施合同
- 【公开课】三角形的边+课件+2025-2026学年人教版八年级数学上册
- 2025年4月自考03346项目管理试题
- 2024年度医患沟通课件
- 第2章中子活化分析
- 武汉市市级预算单位银行账户和资金管理暂行办法
- 工作简报模板
- 避难硐室使用说明书
- 九宫格数独题目(打印版)
- 第二类医疗器械授权委托书
- 初中语文活动·探究单元教学研究综述
- 七年级期末考试数学质量分析
评论
0/150
提交评论