Web

Email: tian@dr.com http://www.digiark.com/tian

Web

1. 2. 3. 4. 5. 6.

Internet Internet (Hacker) Internet web

IP

1 Internet

UNIX Windows

VLAN

Internet IP

2 Internet FTP TELNET PING IP

8 telnet FTP RLOGIN

1 2 3 4 5 6

3 Firewall Internet Internet

IP IP

TFTP NIS TELNET /

(1) IP TCP UDP ICMP ICMP

UDP RPC

(2)

WinGate Proxy Server

(3)

COPS Computer Oracle and Password System COPS UNIX COPS / etc/passwd /etc/group UNIX

4 IP

TELNET FTP

IP Internet

5 X Y X E Ke Y=Ke(X) X=Kd(Y)

Ke Kd

E D

DES RSA IDEA

6 Internet

Internet Comp.Security.announce., Comp.Security.Unix ftp://ftp.cert.org/pub/cert-advisories/ ftp://ciac.llnl.gov/pu/ciac/bulletin

Web

1. 2. 3. 4. 5. WEB 6. 7.

1

WEB http://www.2600.com/hacked_pages

2

Internet

Internet DoS WEB

IP SYN SYN-ACK ACK IP IP

SYN SYN SYN-ACK

WEB WEB

IP IP IP IP

IP Solaris /etc/hosts IP

Solaris#vi /etc/hosts 127.0.0.1 localhost 172.23.14.8 mytesthost 127.0.0.1 localhost 10.0.0.5 mytesthost

Windows95/98 TCP/IP TCP/IP IP IP IP IP

3 CERT http://www.cert.org

Internet WEB SECURITY

WEB USENET

Internet

www-security WEB Majordomo@nsmx.rutgers.edu subscribe www-security http://www.securityfocus.com

WEB hacker phreak http://www.2600.com http://www.10pht.com http://www.attrition.org

4 WEB WEB WEB

WEB WEB WEB CGI FTP FTP WEB

SVR4UNIX ps

#ps ef UID PID PPID C STIME TTY TIME CMD root 0 0 0 May 12? 0:02 sched root 1 0 0 May 12? 30:23 /etc/init root 2 0 0 May 12? 0:03 pageout root 13103 13100 2 18:06:11 pts/0 0:00 ps ef root 10582 1 0 Jun 16 console 0:02 /usr/bin/login usera 13100 13097 2 18:06:06 pts/0 0:01 /bin/csh usera 13084 10582 0 18:05:11 console 0:01 -sh

WEB TCP 80 WEB

UNIX Windows 95/98 netstat

UNIX #netstat an TCP Local Address Remote Address Swind Send-Q Rewind Recv-Q State *.* *.* 0 0 0 0 IDLE *.53 *.* 0 0 0 0 LISTEN *.21 *.* 0 0 0 0 LISTEN *.37 *.* 0 0 0 0 LISTEN 10.1.0.10.1093 10.0.0.7.6000 8760 0 64240 0 ESTABLISHED 10.1.0.10.1091 10.0.0.7.6000 8760 0 64240 0 FIN_WAIT_2 10.1.0.10.1092 10.0.0.6.23 4096 0 64240 0 TIME_WAIT *.* *.* 0 0 0 0 IDLE

LISTEN TCP UDP UNIT LISTEN TCP 37

*.37 *.* 0 0 0 0 LISTEN TELNET TCP UDP

TELNET 3 TELNET netstat netstat ESTABLISHED

WEB CMOS/PROM

5 WEB ps UNIX Windows NT Windows 95/98 MacOS

UNIX Windows NT

root /etc/shadow wc -l -l /etc/shadow root wc

#id uid=0(root) gid=1(daemon) groups=1(daemon) #wc l /etc/shadow 18 /etc/shadow

usera /etc/shadow wc, /etc/shadow /etc/hosts /etc/hosts %id uid=1001(usera) gid=15(users) groups=15(users) %wc l /etc/shadow wc: /etc/shadow: Permission denied %wc l /etc/hosts 8 /etc/hosts

WEB WEB WEB WEB WEB WEB WEB

6

Windows NT NTS FAT12 FAT16 DOS Windows 95/98 Windows NT GUI

UNIX Windows NT %ls l testprogram -rwxr-xr 1 usera group1 2391 May 21 22:57 testprogram

usera rwx ; group1 r- x ;, (r--),

usera rwx ; group1 r- x ;, (r--),

chmod %chmod o-r testprogram %ls al testprogram -rwxr-x--- l usera group1 2391 May 21 22:57 testprogram %chmod g+w testprogram %ls al testprogram -rwxrwx--- 1 usera group1 2391 May 21 22:57 testprogram

chmod o-r, usera group1 (o-r) o others, chmod group1 g+w, g+w g group u o g, u user

WEB WEB index.html default.htm WEB

WEB URL WEB URL URL WEB WEB WEB WEB WEB URL

7 WEB WEB

UNIX 5 link1 link2 /example2 dirlink

%ln s/example2/link1 link1 %ln s/example2/xfile link2 %ln s/somedir dirlink %ls al total 18 drwx------ 4 root other 512 Jul 22 02:26. drwx------ 3 root other 512 Jul 22 02:19.. -rw------- 1 root other 9 Jul 22 02:27 afile -rw------- 1 root other 314 Jul 22 02:27 bfile drwx------ 2 root other 512 Jul 22 02:22 dir1 drwx------ 2 root other 512 Jul 22 02:22 dir2 lrwxrwxrwx 1 root other 8 Jul 22 02:26 dirlink->/somedir lrwxrwxrwx 1 root other 26 Jul 22 02:24 link1->/example2/link1 lrwxrwxrwx 1 root other 29 Jul 22 02:24 link2->/example2/xfile

WEB WEB Apache httpd.conf, FollowSymLinks

WEB

WEB Server Side Includes, SSI, WEB

HTML WEB HTML HTML

HTML

<HTML> <HEAD> <TITLE> Web Security Inc. </TITLE> </HEAD> <BODY> <H1> Welcome to Web Security</H1> <UL> <LI>Introduction to Web Security <LI>Network Security <LI>Web Server Security <LI>CGI Security <LI>Web Client Security <LI>Secure Online Transactions <LI>Intrusion Detection and Recovery </UL> <! FOOTER <FONT SIZE=-3>File Last Modified:July 14,1999</FONT> </BODY> </HTML>

,,, WEB, <HTML> <HEAD> <TITLE> Web Security Inc. </TITLE> </HEAD> <BODY> <H1> Welcome to Web Security</H1> <UL>

<LI>Introduction to Web Security <LI>Network Security <LI>Web Server Security <LI>CGI Security <LI>Web Client Security

<LI>Secure Online Transactions <LI>Intrusion Detection and Recovery </UL> <!---#echo=var=last_modified--> </BODY> </HTML>

WEB <!---#echo=var=last_modified--> WEB

HTML Sslexec WEB WEB

1 2 3 4

1

Meet me on the corner at midnight,

ABCDEFGHIJKLMNOPQRSTUVWXYZ Meet me on the corner at midnight C=P+K C P K 3

P C K X Y Z A B C

Phhw ph rq wkh fruqhu dw plgqljkw

Data Encyption Standard, DES 1977 DES 56 2 56

WEB

finger finger

Internet Internet

2 Netscape Secure Socket Layer SSL

SSL SSL TCP/IP SSL

SSL WEB SSL WEB Netscape Internet Explorer Netscape WEB

SSL SSL

SSL

SSL SSL

SSL [ HELLO ] [ HELLO + ] [ 1 ] [( ) ] [( 2 ) ]

HELLO 1

1 2 2

3

Certificate Authority CA

4 ACL WEB Access Control List, ACL

WEB WEB

ACL ACL ACL WEB WEB WEB

WEB WEB WEB

ACL ACL

Apache Web ACL ACL Secret, /etc/http/passwd Basic

Authname Secret AuthType Basic AuthUserFile /etc/http/passwd Require valid-user WEB.htaccess.acl ACL