Tam sim no peb yuav sim lwm txoj kev ntawm SQL txhaj. Cia peb pom yog tias cov ntaub ntawv tseem cuam tshuam cov lus yuam kev. Txoj kev no hu ua "tos ncua", thiab ncua nws tus kheej yog sau raws li hauv qab no: waitfor ncua 00:00:01'. Kuv luam qhov no los ntawm peb cov ntaub ntawv thiab muab tso rau hauv qhov chaw nyob bar ntawm qhov browser.
Qhov no yog tag nrho hu ua "dig muag ib ntus SQL txhaj". Txhua yam peb ua ntawm no yog hais tias, "tos ncua sijhawm 10 vib nas this." Yog tias koj pom, ntawm sab laug sab laug peb muaj cov ntawv sau "txuas ...", uas yog, peb nplooj ntawv ua li cas? Nws tos rau kev sib txuas, thiab tom qab 10 vib nas this nplooj ntawv raug tshwm sim ntawm koj lub monitor. Siv cov txheej txheem no, peb hu rau lub database kom nws tso cai rau peb nug nws ob peb nqe lus nug ntxiv, piv txwv li, yog tias tus neeg siv yog Joe, ces peb yuav tsum tau tos 10 vib nas this. Nws puas meej? Yog tias tus neeg siv yog dbo, tos 10 vib nas this. Qhov no yog txoj kev dig muag SQL txhaj tshuaj.
Kuv xav tias cov neeg tsim khoom tsis kho qhov tsis zoo no thaum tsim thaj ua rau thaj. Qhov no yog kev txhaj tshuaj SQL, tab sis peb qhov kev pabcuam IDS tsis pom nws, zoo li yav dhau los txoj kev txhaj tshuaj SQL.
Wb sim ib yam dab tsi nthuav dua. Cia peb luam cov kab no nrog tus IP chaw nyob thiab muab tso rau hauv qhov browser. Nws ua haujlwm! TCP bar hauv peb qhov kev pab cuam tig liab, qhov kev zov me nyuam tau sau tseg 2 qhov kev hem thawj rau kev nyab xeeb.
Zoo heev, cia peb pom dab tsi tshwm sim tom ntej. Peb muaj ib qho kev hem thawj rau lub plhaub XP, thiab lwm qhov kev hem thawj - SQL txhaj tshuaj. Hauv tag nrho, ob qhov kev sim tau raug sau tseg los tawm tsam lub vev xaib thov.
Okay, tam sim no pab kuv nrog logic. Peb muaj cov ntaub ntawv nkag mus rau hauv uas IDS hais tias nws tau teb rau ntau yam kev nkag mus rau hauv lub plhaub XP.
Yog tias peb nqes mus, peb pom lub rooj ntawm HEX cov lej, mus rau sab xis uas muaj tus chij nrog cov lus xp_cmdshell + & 27ping, thiab pom tseeb tias qhov no tsis zoo.
Cia peb saib ntawm no yog dab tsi tshwm sim. SQL server ua dab tsi?
SQL neeg rau zaub mov tau hais tias: "Koj tuaj yeem muaj tus password rau kuv cov ntaub ntawv, koj tuaj yeem tau txais tag nrho cov ntaub ntawv hauv kuv cov ntaub ntawv, tab sis phooj ywg, Kuv tsis xav kom koj khiav koj cov lus txib ntawm kuv, qhov ntawd tsis txias kiag li"!
Qhov peb yuav tsum tau ua yog xyuas kom meej tias txawm tias IDS qhia txog kev hem thawj rau XP lub plhaub, qhov kev hem thawj tsis quav ntsej. Yog tias koj tab tom siv SQL Server 2005 lossis SQL Server 2008, yog tias kuaj pom SQL txhaj tshuaj, lub kaw lus ua haujlwm yuav raug kaw, tiv thaiv koj los ntawm kev ua haujlwm ntxiv. Qhov no yog kev ntxhov siab heev. Yog li peb yuav tsum ua li cas? Koj yuav tsum sim nug tus neeg rau zaub mov ua siab zoo. Koj yuav tsum hais li no: "Thov, txiv, kuv puas tuaj yeem muaj cov ncuav qab zib no"? Qhov ntawd yog qhov kuv ua, tiag tiag, kuv nug tus neeg rau zaub mov zoo heev! Kuv thov kom muaj kev xaiv ntxiv, kuv thov kom kho dua tshiab, thiab kuv thov kom XP plhaub chaw hloov pauv kom lub plhaub siv tau vim kuv xav tau!
Peb pom tias IDS tau kuaj pom qhov no - koj pom, 3 qhov kev hem thawj twb tau sau tseg ntawm no.
Tsuas yog saib ntawm no - peb tau tawg cov ntaub ntawv kev ruaj ntseg! Zoo li tsob ntoo Christmas, muaj ntau dai ntawm no! Ntau li 27 qhov kev hem thawj kev nyab xeeb! Hurray hais mav, peb ntes tus hacker no, peb tau txais nws!
Peb tsis txhawj xeeb tias nws yuav nyiag peb cov ntaub ntawv, tab sis yog tias nws tuaj yeem ua tiav cov lus txib hauv peb "lub thawv" - qhov no twb loj heev! Koj tuaj yeem kos ib txoj kev Telnet, FTP, koj tuaj yeem hla kuv cov ntaub ntawv, qhov txias, tab sis kuv tsis txhawj xeeb txog nws, Kuv tsuas yog tsis xav kom koj hla lub plhaub ntawm kuv "lub thawv".
Kuv xav tham txog tej yam uas tau txais kuv tiag tiag. Kuv ua hauj lwm rau cov koom haum, kuv tau ua hauj lwm rau lawv tau ntau xyoo, thiab kuv qhia rau koj no vim kuv tus hluas nkauj xav tias kuv poob hauj lwm. Nws xav tias txhua yam kuv ua yog sawv ntawm theem thiab sib tham, qhov no tsis tuaj yeem suav tias ua haujlwm. Tab sis kuv hais tias: "Tsis yog, kuv txoj kev xyiv fab, kuv yog tus kws pab tswv yim"! Qhov ntawd yog qhov txawv - Kuv hais kuv lub siab thiab kuv tau them rau nws.
Kuv yuav hais qhov no - peb, raws li hackers, nyiam tawg lub plhaub, thiab rau peb tsis muaj kev txaus siab nyob hauv lub ntiaj teb ntau dua li "nqus lub plhaub." Thaum cov kws tshuaj ntsuam IDS sau lawv cov cai, koj pom tias lawv sau lawv los tiv thaiv lub plhaub tawm tsam. Tab sis yog tias koj tham nrog CIO txog qhov teeb meem ntawm kev rho tawm cov ntaub ntawv, nws yuav hais kom koj xav txog ob txoj kev xaiv. Wb hais tias kuv muaj ib daim ntawv thov uas ua 100 "pieces" ib teev. Dab tsi yog qhov tseem ceeb tshaj rau kuv: ua kom muaj kev ruaj ntseg ntawm txhua cov ntaub ntawv hauv daim ntawv thov no lossis kev ruaj ntseg ntawm "lub thawv" plhaub? Qhov no yog ib lo lus nug loj! Koj yuav tsum txhawj xeeb txog dab tsi ntxiv?
Tsuas yog vim tias koj "lub thawv" lub plhaub tau tawg tsis tas txhais tau tias ib tus neeg tau nkag mus rau cov haujlwm sab hauv ntawm cov ntawv thov. Yog, qhov no ntau dua qhov yuav tshwm sim, thiab yog tias nws tseem tsis tau tshwm sim, nws yuav tshwm sim sai sai. Tab sis nco ntsoov tias ntau yam khoom siv kev ruaj ntseg yog tsim los ntawm kev xav tias tus neeg tawm tsam tau txav los ntawm koj lub network. Yog li ntawd, lawv xyuam xim rau kev ua tiav ntawm cov lus txib, rau kev ua raws li cov lus txib, thiab koj yuav tsum nco ntsoov tias qhov no yog qhov tseem ceeb. Lawv them sai sai rau qhov tsis txaus ntseeg tsis tseem ceeb, kom yooj yim hla qhov chaw sau ntawv, mus rau SQL txhaj tshuaj yooj yim heev. Lawv tsis quav ntsej txog kev hem thawj lossis cov lus zais, lawv tsis quav ntsej txog cov khoom ntawd. Koj tuaj yeem hais tias txhua yam khoom ruaj ntseg tab tom nrhiav suab nrov, lawv tab tom nrhiav yap, lawv tab tom nrhiav kom nres ib yam dab tsi uas tom koj pob taws. Nov yog qhov kuv tau kawm thaum hais txog cov khoom ruaj ntseg. Koj tsis tas yuav cov khoom muaj kev nyab xeeb, koj tsis tas yuav tsav lub tsheb rov qab. Koj xav tau cov neeg txawj ntse, txawj ntse uas nkag siab txog thev naus laus zis. Yog, kuv tus Vajtswv, raws nraim tib neeg! Peb tsis xav pov nyiaj ntau lab daus las rau cov teeb meem no, tab sis ntau tus ntawm koj tau ua haujlwm hauv daim teb no thiab paub tias sai li sai tau thaum koj tus thawj coj pom ib qho kev tshaj tawm, nws tau khiav mus rau lub khw qw, "Peb yuav tsum tau txais cov khoom no! " Tab sis peb tsis xav tau tiag tiag, peb tsuas yog yuav tsum kho qhov kev ntxhov siab tom qab peb. Qhov ntawd yog lub hauv paus rau qhov kev ua yeeb yam no.
Kev ruaj ntseg ib puag ncig yog ib yam uas kuv tau siv sijhawm ntau los nkag siab tias cov txheej txheem kev ruaj ntseg ua haujlwm li cas. Thaum koj nkag siab txog cov txheej txheem tiv thaiv, hla kev tiv thaiv tsis yog qhov nyuaj. Piv txwv li, kuv muaj ib daim ntawv thov web uas tiv thaiv los ntawm nws tus kheej firewall. Kuv luam qhov chaw nyob ntawm lub vaj huam sib luag teeb tsa, muab tso rau hauv qhov chaw nyob bar ntawm qhov browser thiab mus rau qhov chaw thiab sim hla qhov chaw sau ntawv.
Raws li qhov tshwm sim, kuv tau txais cov lus firewall hais txog kev hem thawj - Kuv tau raug thaiv.
Kuv xav tias qhov no tsis zoo, koj puas pom zoo? Koj tau ntsib cov khoom ruaj ntseg. Tab sis yuav ua li cas yog tias kuv sim ib yam dab tsi zoo li no: Kuv nkag mus rau qhov parameter Joe' + OR + 1 = '1
Raws li koj tau pom, nws ua haujlwm. Kho kuv yog tias kuv yuam kev, tab sis peb tau pom SQL txhaj tshuaj tiv thaiv daim ntawv thov firewall. Tam sim no cia peb ua txuj tias peb xav pib lub tuam txhab kev ruaj ntseg, yog li peb yuav muab tso rau ntawm peb lub kaus mom software tsim. Tam sim no peb embody phem vim nws yog dub kaus mom. Kuv yog tus kws pab tswv yim, yog li kuv tuaj yeem ua ib yam nrog software manufacturers.
Peb xav tsim thiab xa tawm qhov tshiab tamper nrhiav kom tau, yog li peb yuav pib lub tuam txhab tamper nrhiav pom. Snort, raws li cov khoom lag luam qhib, muaj ntau pua txhiab tus kos npe cuam tshuam txog kev hem thawj. Peb yuav tsum ua raws li kev coj ncaj ncees, yog li peb yuav tsis nyiag cov npe no los ntawm lwm daim ntawv thov thiab muab tso rau hauv peb lub cev. Peb tsuas yog zaum thiab sau lawv txhua tus - nyob deb, Bob, Tim, Joe, tuaj ntawm no, khiav nrawm dhau ntawm tag nrho 100 kos npe no!
Peb kuj yuav tsum tsim kom muaj qhov tsis zoo scanner. Koj paub tias Nessus, qhov kev pab cuam rau kev tshawb nrhiav qhov tsis zoo, muaj 80 txhiab tus kos npe zoo thiab cov ntawv sau uas tshawb xyuas qhov tsis zoo. Peb yuav ua kom ncaj ncees dua thiab rov sau lawv txhua tus rau hauv peb txoj haujlwm peb tus kheej.
Cov neeg nug kuv tias, "Joe, koj ua tag nrho cov kev sim no siv cov software qhib xws li Mod Security, Snort thiab lwm yam, lawv zoo li cas rau lwm cov tuam txhab cov khoom lag luam?" Kuv teb lawv tias: “Lawv tsis zoo ib yam li!” Vim tias cov tuam txhab lag luam tsis nyiag khoom los ntawm cov khoom lag luam qhib kev ruaj ntseg, lawv zaum thiab sau tag nrho cov cai no lawv tus kheej.
Yog tias koj tuaj yeem ua rau koj tus kheej kos npe thiab tua cov hlua ua haujlwm yam tsis siv cov khoom qhib, qhov no yog lub sijhawm zoo rau koj. Yog tias koj tsis tuaj yeem sib tw nrog cov khoom lag luam, txav mus rau hauv txoj kev yog, koj yuav tsum nrhiav lub tswv yim uas yuav pab koj muaj npe nrov hauv koj daim teb.
Sawv daws paub kuv haus. Cia kuv qhia koj vim li cas kuv haus. Yog tias koj tau ua qhov kev tshuaj xyuas hauv koj lub neej, koj yuav haus dej haus cawv, ntseeg kuv, tom qab ntawd koj yuav pib haus.
Yog li, peb cov lus nyiam yog C ++. Wb saib qhov program no - Web Knight, nws yog daim ntawv thov firewall rau web servers. Nws muaj kev zam los ntawm lub neej ntawd. Qhov no yog qhov nthuav - yog tias kuv xa cov firewall no, nws yuav tsis tiv thaiv kuv ntawm Outlook Web Access.
Zoo kawg! Qhov no yog vim ntau tus neeg muag khoom software rub cov cai los ntawm ib daim ntawv thov thiab muab tso rau hauv lawv cov khoom yam tsis tau ua tag nrho cov kev tshawb fawb. Yog li thaum kuv xa daim ntawv thov web firewall, kuv pom tias txhua yam hais txog webmail ua tsis raug! Vim tias yuav luag txhua lub webmail tawg kev ruaj ntseg los ntawm lub neej ntawd. Koj muaj lub vev xaib code uas ua tiav cov lus txib thiab cov lus nug rau LDAP lossis lwm tus neeg siv cov ntaub ntawv khaws cia ncaj qha hauv Is Taws Nem.
Qhia rau kuv, ntawm lub ntiaj teb dab tsi tuaj yeem muaj qee yam zoo li no suav tias muaj kev nyab xeeb? Cia li xav txog nws: koj qhib Outlook Web Access, nias ctrl +K, tshawb rau cov neeg siv thiab txhua yam, koj tswj Active Directory ncaj qha los ntawm Is Taws Nem, koj ua tiav cov lus txib hauv Linux, yog tias koj siv Squirrel Mail, lossis Horde lossis txawm tias ib yam dab tsi. lwm tus. Koj tab tom rub tawm tag nrho cov evals thiab lwm yam kev ua haujlwm tsis zoo. Yog li ntawd, ntau firewalls cais lawv los ntawm cov npe ntawm kev ruaj ntseg txaus ntshai, sim nug koj tus kws tsim software txog qhov no.
Cia peb rov qab mus rau Web Knight daim ntawv thov. Nws nyiag ntau txoj cai kev nyab xeeb los ntawm URL scanner, uas tau tshuaj xyuas tag nrho cov chaw nyob IP no. Yog li, puas yog tag nrho cov chaw nyob no tsis suav nrog kuv cov khoom?
Koj puas xav tau nruab cov chaw nyob hauv koj lub network? Koj puas xav kom koj lub network khiav ntawm cov chaw nyob no? Yog, nws yog amazing. Okay, cia peb nqes mus rau qhov program no thiab saib lwm yam uas lub firewall tsis xav ua.
Lawv hu ua "1999" thiab lawv xav kom lawv lub vev xaib server rov qab mus rau lub sijhawm! Koj puas nco qab cov khib nyiab no: /scripts, /iishelp, msads? Tej zaum ob peb tus neeg yuav nco ntsoov nrog kev xav tias nws lom zem npaum li cas rau hack tej yam no. "Koj puas nco qab, txiv neej, ntev npaum li cas peb tau "tua" servers, nws txias heev!"
Tam sim no, yog tias koj saib cov kev zam no, koj yuav pom tias koj tuaj yeem ua txhua yam no - msads, printers, iisadmpwd - tag nrho cov no uas tsis muaj leej twg xav tau hnub no. Yuav ua li cas hais txog cov lus txib uas koj tsis raug tso cai ua?
Cov no yog arp, at, cacls, chkdsk, cipher, cmd, com. Raws li koj sau lawv, koj tau kov yeej nrog kev nco txog cov hnub qub, "tus txiv neej, nco ntsoov thaum peb tau hla lub server, nco txog cov hnub ntawd"?
Tab sis ntawm no yog qhov nthuav tiag tiag - puas muaj leej twg pom WMIC lossis tej zaum PowerShell ntawm no? Xav txog tias koj muaj ib daim ntawv thov tshiab uas ua haujlwm los ntawm kev khiav cov ntawv sau hauv zos, thiab cov no yog cov ntawv sau niaj hnub vim tias koj xav khiav Windows Server 2008, thiab kuv yuav ua qhov zoo los ntawm kev tiv thaiv nrog cov cai tsim rau Windows 2000. Yog li tom ntej no tus neeg muag khoom tuaj rau koj nrog lawv daim ntawv thov lub vev xaib, nug lawv: "Hav txiv neej, koj puas tau them cov khoom xws li bits admin, lossis khiav cov lus txib powershell, koj puas tau kuaj tag nrho lwm yam, vim peb yuav hloov kho. thiab siv tus tshiab version ntawm DotNET"? Tab sis tag nrho cov no yuav tsum muaj nyob rau hauv cov khoom ruaj ntseg los ntawm lub neej ntawd!
Qhov tom ntej no kuv xav tham nrog koj txog yog cov laj thawj tsis raug. Cia peb mus rau 192.168.2.6. Qhov no yog hais txog tib daim ntawv thov raws li yav dhau los.
Tej zaum koj yuav pom ib yam dab tsi nthuav yog tias koj nqes mus rau nplooj ntawv thiab nyem rau ntawm Hu rau peb qhov txuas.
Yog tias koj saib ntawm lub hauv paus code ntawm "Hu Hu Rau Peb" tab, uas yog ib qho ntawm txoj kev pentesting uas kuv ua txhua lub sijhawm, koj yuav pom cov kab no.
Xav txog nws! Kuv hnov tias thaum lawv pom qhov no, ntau tus hais tias: “Wow”! Ib zaug kuv tau ua qhov kev sim nkag rau, hais tias, ib lub txhab nyiaj billionaire, thiab kuv pom qee yam zoo sib xws. Yog li, peb tsis xav tau kev txhaj tshuaj SQL lossis cross-site scripting - peb muaj cov hauv paus, qhov chaw nyob bar.
Yog li, tsis muaj exaggeration - lub txhab nyiaj tau hais rau peb tias lawv muaj ob tus kws tshaj lij network thiab tus kws tshuaj xyuas lub vev xaib, thiab lawv tsis tau hais lus. Ntawd yog, lawv suav tias nws ib txwm muaj cov ntawv nyeem tuaj yeem qhib thiab nyeem los ntawm browser.
Ntawd yog, koj tuaj yeem nyeem cov ntaub ntawv ncaj qha los ntawm cov ntaub ntawv kaw lus. Tus thawj coj ntawm lawv pab neeg saib xyuas kev ruaj ntseg tau hais rau kuv tias: "Yog lawm, ib qho ntawm cov scanners pom qhov tsis zoo no, tab sis suav tias nws yog me me." Qhov kuv teb tias, ok, muab sijhawm rau kuv. Kuv ntaus filename =../../../../boot.ini rau hauv qhov chaw nyob bar thiab tau nyeem cov ntaub ntawv kaw lus khau raj!
Txog qhov no lawv hais rau kuv: "tsis yog, tsis yog, tsis yog, cov no tsis yog cov ntaub ntawv tseem ceeb"! Kuv teb - tab sis qhov no yog Server 2008? Lawv hais tias yog, nws yog nws. Kuv hais - tab sis tus neeg rau zaub mov no muaj cov ntaub ntawv teeb tsa nyob rau hauv lub hauv paus directory ntawm lub server, txoj cai? “Yog lawm,” lawv teb. "Zoo heev,"Kuv hais, "Yuav ua li cas yog tias tus neeg tawm tsam ua qhov no," thiab kuv ntaus filename = web.config hauv qhov chaw nyob bar. Lawv hais - yog li cas, koj tsis pom dab tsi ntawm lub monitor?
Kuv hais - yuav ua li cas yog tias kuv txoj cai-nias ntawm lub monitor thiab xaiv qhov Kev Xaiv Qhia Page Source? Thiab kuv yuav pom dab tsi ntawm no? "Tsis muaj dab tsi tseem ceeb"? Kuv yuav pom tus neeg saib xyuas tus password!
Thiab koj hais tias tsis muaj teeb meem ntawm no?
Tab sis qhov kuv nyiam tshaj yog qhov tom ntej no. Koj tsis tso cai rau kuv ua cov lus txib hauv lub thawv, tab sis kuv tuaj yeem nyiag lub web server tus thawj tswj password thiab database, saib tag nrho cov ntaub ntawv, rub tawm tag nrho cov ntaub ntawv hais txog database thiab system tsis ua haujlwm, thiab tshem tawm tag nrho. Qhov no yog ib tug neeg phem hais tias, "Hav txiv neej, hnub no yog hnub loj"!
Tsis txhob cia cov khoom muaj kev nyab xeeb ua rau koj mob! Tsis txhob cia cov khoom muaj kev nyab xeeb ua rau koj mob! Nrhiav ib co nerds, muab txhua yam uas Star Trek nco, ua rau lawv txaus siab, txhawb kom lawv nyob nrog koj, vim tias cov stinkers tho txawv uas tsis da dej txhua hnub yog cov uas ua rau koj lub network ua haujlwm. Cov no yog cov neeg uas yuav pab koj cov khoom ruaj ntseg ua haujlwm raws li lawv yuav tsum tau ua.
Qhia rau kuv, muaj pes tsawg tus ntawm koj tuaj yeem nyob hauv ib chav ntev ntev nrog tus neeg uas pheej hais tias: "Au, Kuv yuav tsum tau ntaus ntawv sai sai no!", thiab leej twg tsis khoom nrog txhua lub sijhawm? Tab sis koj xav tau cov neeg uas ua rau koj cov khoom ruaj ntseg ua haujlwm.
Kuv mam li hais dua - cov khoom lag luam kev ruaj ntseg yog ruam vim tias cov teeb ua yuam kev tas li, tsis tu ncua ua shitty yam, lawv tsuas yog tsis muaj kev ruaj ntseg. Kuv yeej tsis tau pom ib yam khoom muaj kev ruaj ntseg zoo uas tsis tas yuav tsum muaj ib tus neeg uas muaj lub hau ntswj kom nruj nws qhov tsim nyog kom nws ua haujlwm ntau dua lossis tsawg dua ib txwm. Nws tsuas yog daim ntawv teev npe loj ntawm txoj cai hais tias nws tsis zoo, yog tag nrho!
Yog li kuv xav kom koj los saib txog kev kawm, tej yam xws li kev nyab xeeb, kev cob qhia polytechnic, vim tias muaj ntau cov kev kawm dawb hauv online ntawm cov teeb meem kev nyab xeeb. Kawm Python, kawm Assembly, kawm kev xeem ntawv hauv web.
Qhov no yog qhov yuav pab tau koj tiv thaiv koj lub network. Cov neeg ntse tiv thaiv tes hauj lwm, cov khoom lag luam network tsis ua! Rov qab mus ua haujlwm thiab qhia koj tus thawj coj tias koj xav tau nyiaj txiag ntxiv rau cov neeg txawj ntse ntau dua, kuv paub tias qhov no yog qhov teebmeem, tab sis qhia rau nws - peb xav tau nyiaj ntxiv rau tib neeg, rau kev cob qhia lawv. Yog tias peb yuav ib yam khoom tab sis tsis yuav ib chav kawm yuav ua li cas siv nws vim nws kim, yog vim li cas peb thiaj yuav nws tag nrho yog tias peb tsis mus qhia tib neeg siv nws?
Kuv tau ua haujlwm rau ntau tus neeg muag khoom kev ruaj ntseg, siv ntau npaum li kuv lub neej siv cov khoom no, thiab kuv mob tag nrho cov kev tswj xyuas network thiab cov khoom vim kuv tau teeb tsa thiab khiav tag nrho cov khoom crap. Kuv ib zaug tuaj rau tus neeg siv khoom, lawv xav siv 802.1x tus qauv rau EAP raws tu qauv, yog li lawv muaj MAC chaw nyob thiab chaw nyob thib ob rau txhua qhov chaw nres nkoj. Kuv tuaj, pom tias nws tsis zoo, tig ib ncig thiab pib nias khawm ntawm lub tshuab luam ntawv. Koj paub, lub tshuab luam ntawv tuaj yeem luam tawm nplooj ntawv xeem ntawm cov khoom siv network nrog txhua qhov chaw nyob MAC thiab IP chaw nyob. Tab sis nws tau muab tawm tias lub tshuab luam ntawv tsis txhawb nqa tus qauv 802.1x, yog li nws yuav tsum raug cais tawm.
Tom qab ntawd kuv unplugged lub tshuab luam ntawv thiab hloov kuv lub laptop qhov chaw nyob MAC rau lub tshuab luam ntawv qhov chaw nyob MAC thiab txuas nrog kuv lub laptop, yog li hla qhov kev daws teeb meem MAC kim, xav txog nws! Yog li qhov kev daws teeb meem MAC no tuaj yeem ua rau kuv zoo li cas yog tias ib tus neeg tuaj yeem hla dhau ib qho khoom siv ua lub tshuab luam ntawv lossis lub xov tooj VoIP?
Yog li niaj hnub no, pentesting rau kuv yog tias kuv siv sijhawm los ua kom nkag siab thiab nkag siab txog kev ruaj ntseg cov khoom uas kuv cov neeg tau yuav. Niaj hnub no txhua lub tsev txhab nyiaj kuv ua qhov kev ntsuam xyuas nkag ntawm muaj tag nrho cov HIPS, NIPS, LAUGTHS, MACS thiab tag nrho pawg ntawm lwm cov ntsiab lus uas ua tiav cov crap. Tab sis kuv tab tom sim xyuas seb cov khoom no sim ua li cas thiab lawv tab tom sim ua li cas. Tom qab ntawd, thaum kuv txheeb xyuas seb hom txheej txheem thiab cov laj thawj twg lawv siv los muab kev tiv thaiv, nws tsis yooj yim los hla nws.
Cov khoom uas kuv nyiam tshaj uas kuv yuav tso koj mus yog hu ua MS 1103. Nws yog kev siv browser raws li "txhaj" HIPS, Tus Tswv Cuab Tiv Thaiv Kev Tiv Thaiv Kos npe, lossis tus tswv cuab tiv thaiv kev kos npe. Qhov tseeb, nws yog tsim los hla HIPS kos npe. Kuv tsis xav qhia tias nws ua haujlwm li cas vim kuv tsis xav tau sijhawm los ua qauv qhia, tab sis nws ua haujlwm zoo ntawm kev hla kev ruaj ntseg thiab kuv xav kom koj sim nws.
OK cov txiv neej, kuv tawm tam sim no.
Ib co ads 🙂
Ua tsaug uas koj tau nyob nrog peb. Koj puas nyiam peb cov ntawv? Xav pom cov ntsiab lus nthuav ntxiv? Txhawb nqa peb los ntawm kev tso ib qho kev txiav txim lossis qhia rau cov phooj ywg, , ib qho tshwj xeeb analogue ntawm nkag-theem servers, uas tau tsim los ntawm peb rau koj: (muaj nrog RAID1 thiab RAID10, mus txog 24 cores thiab mus txog 40GB DDR4).
Dell R730xd 2x pheej yig dua hauv Equinix Tier IV data center hauv Amsterdam? Tsuas yog nyob ntawm no hauv Netherlands! Dell R420 - 2x E5-2430 2.2Ghz 6C 128GB DDR3 2x960GB SSD 1Gbps 100TB - los ntawm $ 99! Nyeem txog
Tau qhov twg los: www.hab.com