Email: tian@dr.com http://www.digiark.com/tian
Web
1. 2. 3. 4. 5. 6.
Internet Internet (Hacker) Internet web
IP
1 Internet
UNIX Windows
VLAN
Internet IP
2 Internet FTP TELNET PING IP
8 telnet FTP RLOGIN
1 2 3 4 5 6
3 Firewall Internet Internet
IP IP
TFTP NIS TELNET /
(1) IP TCP UDP ICMP ICMP
UDP RPC
(2)
WinGate Proxy Server
(3)
COPS Computer Oracle and Password System COPS UNIX COPS / etc/passwd /etc/group UNIX
4 IP
TELNET FTP
IP Internet
5 X Y X E Ke Y=Ke(X) X=Kd(Y)
Ke Kd
E D
DES RSA IDEA
6 Internet
Internet Comp.Security.announce, Comp.Security.Unix ftp://ftp.cert.org/pub/cert-advisories/ ftp://ciac.llnl.gov/pu/ciac/bulletin
Web
1. 2. 3. 4. 5. WEB 6. 7.
1
WEB http://www.2600.com/hacked_pages
2
Internet
Internet DoS WEB
IP SYN SYN-ACK ACK IP IP
SYN SYN SYN-ACK
WEB WEB
IP IP IP IP
IP Solaris /etc/hosts IP
Solaris
#vi /etc/hosts
127.0.0.1 localhost
172.23.14.8 mytesthost

127.0.0.1 localhost
10.0.0.5 mytesthost
Windows95/98 TCP/IP TCP/IP IP IP IP IP
3 CERT http://www.cert.org
Internet WEB SECURITY
WEB USENET
Internet
www-security WEB Majordomo@nsmx.rutgers.edu subscribe www-security http://www.securityfocus.com
WEB hacker phreak http://www.2600.com http://www.10pht.com http://www.attrition.org
4 WEB WEB WEB
WEB WEB WEB CGI FTP FTP WEB
SVR4UNIX ps
#ps -ef
     UID   PID  PPID  C    STIME TTY      TIME CMD
    root     0     0  0   May 12 ?        0:02 sched
    root     1     0  0   May 12 ?       30:23 /etc/init
    root     2     0  0   May 12 ?        0:03 pageout
    root 13103 13100  2 18:06:11 pts/0    0:00 ps -ef
    root 10582     1  0   Jun 16 console  0:02 /usr/bin/login
   usera 13100 13097  2 18:06:06 pts/0    0:01 /bin/csh
   usera 13084 10582  0 18:05:11 console  0:01 -sh
WEB TCP 80 WEB
UNIX Windows 95/98 netstat
UNIX
#netstat -an
TCP
   Local Address     Remote Address   Swind Send-Q Rwind Recv-Q State
   *.*               *.*                  0      0     0      0 IDLE
   *.53              *.*                  0      0     0      0 LISTEN
   *.21              *.*                  0      0     0      0 LISTEN
   *.37              *.*                  0      0     0      0 LISTEN
   10.1.0.10.1093    10.0.0.7.6000     8760      0 64240      0 ESTABLISHED
   10.1.0.10.1091    10.0.0.7.6000     8760      0 64240      0 FIN_WAIT_2
   10.1.0.10.1092    10.0.0.6.23       4096      0 64240      0 TIME_WAIT
   *.*               *.*                  0      0     0      0 IDLE
LISTEN TCP UDP UNIT LISTEN TCP 37
*.37 *.* 0 0 0 0 LISTEN TELNET TCP UDP
TELNET 3 TELNET netstat netstat ESTABLISHED
WEB CMOS/PROM
5 WEB ps UNIX Windows NT Windows 95/98 MacOS
UNIX Windows NT
root /etc/shadow wc -l -l /etc/shadow root wc
#id
uid=0(root) gid=1(daemon) groups=1(daemon)
#wc -l /etc/shadow
18 /etc/shadow
usera /etc/shadow wc, /etc/shadow /etc/hosts /etc/hosts
%id
uid=1001(usera) gid=15(users) groups=15(users)
%wc -l /etc/shadow
wc: /etc/shadow: Permission denied
%wc -l /etc/hosts
8 /etc/hosts
WEB WEB WEB WEB WEB WEB WEB
6
Windows NT NTS FAT12 FAT16 DOS Windows 95/98 Windows NT GUI
UNIX Windows NT
%ls -l testprogram
-rwxr-xr-- 1 usera group1 2391 May 21 22:57 testprogram
usera rwx; group1 r-x;, (r--),
chmod
%chmod o-r testprogram
%ls -al testprogram
-rwxr-x--- 1 usera group1 2391 May 21 22:57 testprogram
%chmod g+w testprogram
%ls -al testprogram
-rwxrwx--- 1 usera group1 2391 May 21 22:57 testprogram
chmod o-r, usera group1 (o-r) o others, chmod group1 g+w, g+w g group u o g, u user
WEB WEB index.html default.htm WEB
WEB URL WEB URL URL WEB WEB WEB WEB WEB URL
7 WEB WEB
UNIX 5 link1 link2 /example2 dirlink
%ln -s /example2/link1 link1
%ln -s /example2/xfile link2
%ln -s /somedir dirlink
%ls -al
total 18
drwx------ 4 root other 512 Jul 22 02:26 .
drwx------ 3 root other 512 Jul 22 02:19 ..
-rw------- 1 root other   9 Jul 22 02:27 afile
-rw------- 1 root other 314 Jul 22 02:27 bfile
drwx------ 2 root other 512 Jul 22 02:22 dir1
drwx------ 2 root other 512 Jul 22 02:22 dir2
lrwxrwxrwx 1 root other   8 Jul 22 02:26 dirlink -> /somedir
lrwxrwxrwx 1 root other  26 Jul 22 02:24 link1 -> /example2/link1
lrwxrwxrwx 1 root other  29 Jul 22 02:24 link2 -> /example2/xfile
WEB WEB Apache httpd.conf, FollowSymLinks
WEB
WEB Server Side Includes, SSI, WEB
HTML WEB HTML HTML
HTML
<HTML>
<HEAD>
<TITLE> Web Security Inc. </TITLE>
</HEAD>
<BODY>
<H1> Welcome to Web Security</H1>
<UL>
<LI>Introduction to Web Security
<LI>Network Security
<LI>Web Server Security
<LI>CGI Security
<LI>Web Client Security
<LI>Secure Online Transactions
<LI>Intrusion Detection and Recovery
</UL>
<!-- FOOTER -->
<FONT SIZE=-3>File Last Modified: July 14, 1999</FONT>
</BODY>
</HTML>
,,, WEB,
<HTML>
<HEAD>
<TITLE> Web Security Inc. </TITLE>
</HEAD>
<BODY>
<H1> Welcome to Web Security</H1>
<UL>
<LI>Introduction to Web Security
<LI>Network Security
<LI>Web Server Security
<LI>CGI Security
<LI>Web Client Security
<LI>Secure Online Transactions
<LI>Intrusion Detection and Recovery
</UL>
<!--#echo var="LAST_MODIFIED" -->
</BODY>
</HTML>
WEB <!--#echo var="LAST_MODIFIED" --> WEB
HTML SSI exec WEB WEB
1 2 3 4
1
Meet me on the corner at midnight,
ABCDEFGHIJKLMNOPQRSTUVWXYZ Meet me on the corner at midnight C=P+K C P K 3
P C K X Y Z A B C
Phhw ph rq wkh fruqhu dw plgqljkw
Data Encryption Standard, DES 1977 DES 56 2^56
WEB
finger finger
Internet Internet
2 Netscape Secure Socket Layer SSL
SSL SSL TCP/IP SSL
SSL WEB SSL WEB Netscape Internet Explorer Netscape WEB
SSL SSL
SSL
SSL SSL
SSL [ HELLO ] [ HELLO + ] [ 1 ] [( ) ] [( 2 ) ]
HELLO 1
1 2 2
3
Certificate Authority CA
4 ACL WEB Access Control List, ACL
WEB WEB
ACL ACL ACL WEB WEB WEB
WEB WEB WEB
ACL ACL
Apache Web ACL ACL Secret, /etc/http/passwd Basic
AuthName Secret
AuthType Basic
AuthUserFile /etc/http/passwd
Require valid-user
WEB.htaccess.acl ACL