Có 20+ tài liệu thuộc chủ đề "thực hành ứng dụng bảo mật"
tailieu.vn Xem trực tuyến Tải xuống
wireless network card status, 328 NetStumbler Web site, 322. presentation layer, 57 session layer, 57 transport layer, 56–57. routers, 166 Tcpdump, 167–181 tight search criteria, 167 WinDump, 181–182 Network Solutions, 36 Network Solutions Web site, 37 Network unreachable ICMP message, 31 Network use policy, 60. Nlog Web site, 112 Nlog-bind.pl file, 117 Nlog-bind.pl script, 116 Nlog-config.ph file, 117. color coding...
tailieu.vn Xem trực tuyến Tải xuống
Open Source Security Tools. howlett_fm.fm Page i Tuesday, June PM. howlett_fm.fm Page ii Tuesday, June PM. howlett_fm.fm Page iii Tuesday, June PM. Open source security tools : practical applications for security / Tony Howlett p. Open source software. howlett_fm.fm Page iv Wednesday, June AM. Open Source Security Tool Index xiii. Chapter 1: Information Security and Open Source Software xiii Chapter...
tailieu.vn Xem trực tuyến Tải xuống
Open source software is such an integral part of the Internet that is it safe to say that the Internet wouldn’t exist as we know it today without it. The Internet never would have grown as fast and as dynamically as it did without open source programs such as BIND, which controls the domain name system. Major Domo, which runs...
tailieu.vn Xem trực tuyến Tải xuống
Open Source Security Tools Index xxi. Information Security and Open Source. The com- pany had been hacked several times in the last year and their home page had been replaced with obscene images. After only his first day on the job, he knew he was in for a challenge. Their Internet connection, protected only by a simple ISP router, was...
tailieu.vn Xem trực tuyến Tải xuống
With the advent of Internet worms like Nimda in 2001, even the human element has been taken out of the picture. These autonomous cousins to the computer virus roam the Internet, looking for computers with a certain set of security holes. Orders can be lost. Does your company have a written Disaster Recovery Plan that covers data and systems? If...
tailieu.vn Xem trực tuyến Tải xuống
code—all things that are impossible with closed source software. The most you can ever be with a closed source program is an experienced user. with open source, you can be an innovator and creator if you want.. The mailing lists and chat rooms for open source projects are excellent places to ask questions and make friends with people who can...
tailieu.vn Xem trực tuyến Tải xuống
Once you’ve fully tested the effect and verified that it’s stable, you can run them in your production environment.. You can also type bastille from a terminal window opened in X.. If you don’t want to use Bastille in X-Windows or can’t for some reason, you can still run Bastille from the command line using the Curses-based user interface.. You...
tailieu.vn Xem trực tuyến Tải xuống
How- ever, you’d be surprised how many servers still run it. Table 2.2 dig Record Types Options Descriptions. “A” records are individual host names on the net- work, such as webserver.example.com and firewall1.example.com.. This is useful if you want to contact an administrator (try [email protected] or [email protected]).. fido.example.com = www.example.com.. ANY Returns any information it can generate on the domain....
tailieu.vn Xem trực tuyến Tải xuống
You can use PuTTY to securely communicate with any server running the SSH protocol.. You can configure the port number you come in on if the SSH server is using a nonstandard port number. You can also fiddle with all the settings by using the menus on the left.. You can log all your sessions to a text file, which...
tailieu.vn Xem trực tuyến Tải xuống
and assuming we are using IP addresses and not host names, the first thing that happens is that the machine generates an ARP (Address Resolution Protocol) request to find the cor- responding Ethernet address to the IP it is trying to communicate with. Now that we can communicate to the machine using IP, there is a three-way communication between the...
tailieu.vn Xem trực tuyến Tải xuống
iptables –A FORWARD –m multiport –p tcp –i eth0 –d 0.0.0.0 --dports www,smtp --syn –j ACCEPT. UDP is used for DNS, and if you block that your users won’t be able to resolve addresses. Because they don’t have a state like TCP packets, you can’t rely on checking the SYN or ACK flags.. You want to allow UDP only on...
tailieu.vn Xem trực tuyến Tải xuống
For example, if you have two NICs on your computer but only want to use one as a firewall interface on the firewall, you would define that here.. Assign them an IP address and sub- net mask. In setup mode, you will be asked for a hostname for the SmoothWall. You can use the hostname to access the machine instead...
tailieu.vn Xem trực tuyến Tải xuống
The port number system depends on a certain “honesty” from the machines it is communicating with, and that’s where the trouble can come in. This is called a buffer overflow, and these make up a large percentage of the security holes that exist today.. 90 Chapter 4 • Port Scanners. Buffer overflows happen when application programmers don’t properly code their...
tailieu.vn Xem trực tuyến Tải xuống
Once you have either run the RPM or compiled the program, you are ready to using Nmap. If you don’t have /usr/local/bin in your PATH statement, type:. Tip: You can also create a link to the binary on your desktop so you can just double-click on it to start the program.. He has ported it to the Windows OS and...
tailieu.vn Xem trực tuyến Tải xuống
If you don’t have UNIX systems on your network, it is not worth running with this option.. This option tries to resolve every address in the range, even when they are not answering. of the replies to a database of known TCP fingerprints, Nmap can usually identify the OS it is talking to with a fair amount of accuracy. If...
tailieu.vn Xem trực tuyến Tải xuống
by servers, such as mail, Web, and FTP. This is the favored range for Trojan horses because it is out of the range of normal services and so they usually will go unnoticed—that is, unless you are port scanning your network. However, just because there are some services running on high-level ports doesn’t always mean you have Trojan horses, but...
tailieu.vn Xem trực tuyến Tải xuống
They do this with a num- ber of tools, like port scanners and other hacking tools available on the Internet. Not only isn’t this service used anymore, but it can also be used to generate a denial of service by having it continually spit out character streams.. Here is an example of how a cracker would use some of the...
tailieu.vn Xem trực tuyến Tải xuống
Once you are logged in, you can access the other tab sections. The Plugins tab is where you can selectively enable or disable certain groups of plug-ins as well as individual plug- ins (see Figure 5.2). Each category is listed, and when you click on a category the individ- ual plug-ins in that category appear in the lower section. By...
tailieu.vn Xem trực tuyến Tải xuống
You can stop the testing on that host only by click- ing on the Stop button on the right side (see Figure 5.7). You can also click the Stop the whole test button at the bottom to stop all the testing and just report the results thus far.. It represents the client end only of the program. Tenable Network Security...
tailieu.vn Xem trực tuyến Tải xuống
Along the lines of the last comment, make sure you coordinate your scan to get the results you want with minimal impact on other employees. Schedule scans on always-up servers for off-hours, and be sure to avoid overlapping with other system administration and general activity levels (scanning an accountant’s network on April 14 th is not a good idea). If...