This presentation is the property of its rightful owner.
Sponsored Links
1 / 72

网络攻击与防御 PowerPoint PPT Presentation


  • 109 Views
  • Uploaded on
  • Presentation posted in: General

网络攻击与防御. 1 网络安全基础知识. 网络安全 信息安全 关键技术 安全威胁及分类 威胁来源. 1.1 网络安全 & 信息安全. 网络安全 从其本质上来讲就是网络上的信息安全。它涉及的领域相当广泛,这是因为在目前的公用通信网络中存在着各种各样的安全漏洞和威胁。从广义来说,凡是涉及到网络上信息的 保密性、完整性、可用性、真实性和可控性 的相关技术和理论,都是网络安全所要研究的领域。 确保网络系统的信息安全是网络安全的目标, 信息安全 包括两个方面: 信息的存储安全 和 信息的传输安全 。 信息的存储安全 是指信息在静态存放状态下的安全,如信息是否会被非授权调用等。

Download Presentation

网络攻击与防御

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


6747859


6747859

1


6747859

1.1 &


6747859

1.2


6747859

1.3


6747859

1.4

Internet


6747859


6747859

1.5


6747859

2

A

1

2

3


6747859

B.


6747859

C.


6747859

1


6747859

1

    • Win32IKS

    • Win32snifferUnixlibpcap


6747859

    • Win32LOphtcrack

    • IPARPRIP


6747859

    • Ping of Death

    • SmurfCPUSyn Flood


6747859

    • ShellCodeWindowsCode-RedBlasterSasser

    • 1996PHF

    • Win32AdministratorLSA


6747859

3


6747859

3.1

  • ,

  • Social Engineering


6747859

3.2

  • Ping fpingping sweep

  • ARP

  • Finger

  • Whois

  • DNS/nslookup

  • google

  • telnet


6747859

ping

  • Ping


6747859

ping

8

Type = 8

Type = 0

0


6747859

1

2ICMP


6747859

ping

192.168.1.25


6747859

1

Reply from 192.168.3.10: bytes=32 time<1ms TTL=32

  • Reply from 192.168.3.10 pingip192.168.3.10

  • bytes=32 32

  • time<1ms1

  • TTL=32TTL032

    2

    Pingwar 2.0ping.


6747859

ARP

ARP


6747859

finger

  • tcp 79

  • fingerd,finger


6747859

finger


6747859

whois

  • tcp 43

  • whoisd,finger

  • 1 http://whois.webhosting.info

  • 2 http://samspade.org/


6747859

Ip


6747859

DNS

  • udp 53

  • bind,nslookup


6747859

DNS


6747859

telnet

  • ,telnet

  • NC


6747859

4


6747859

4.1

  • TCP

  • TCP

  • TCP

  • TCP/IP


6747859

TCP

  • URG

  • ACK

  • PSHtelnet

  • RSTTCP

  • SYNTCP

  • FIN


6747859

TCP


6747859

TCP


Tcp ip

TCP/IP

  • 1

  • SYNFINRST


Tcp ip1

TCP/IP

  • 2

  • RSTRST


Tcp ip2

TCP/IP

  • 3

  • ACKRST


Tcp ip3

TCP/IP

  • 4

  • FIN


6747859

4.2


6747859

TCP

SYN

FIN

ping

FTP

TCP

ident

IP

dumb

UDP/ICMP

ACK

UDP

UDPrecvfrom

/write

ACK

XMAS

SYN

TCP

ICMP

SYN/ACK


6747859

ClientSYN

ServerSYN/ACK

ClientACK

ClientSYN

ServerRST/ACK

ClientRST


6747859

  • SYN

*

ClientSYN

ServerSYN/ACK

ClientACK

ClientSYN

ServerRST/ACK

ClientRST


6747859

  • SYN/ACK

ClientSYN/ACK

ServerRST

ClientSYN

Server--


6747859

  • FIN

ClientFIN

ServerRST

ClientFIN

Server--


6747859

  • ACK

ClientFIN

Server(TTL<64)

Server(WIN>0)

ClientFIN

Server(TTL>64)

Server(WIN=0)


6747859

  • ICMP

*ICMP Usage in Scanning


6747859

4.3

  • Nmap

  • Xscan

  • SuperScan

  • Shadow Security Scanner

  • MS06040Scanner


6747859

Nmap

  • NMAPLinuxWindowsNMAPUDPTCP connect,TCP SYN, ftp proxy (bounce attack),Reverse-ident, ICMP (ping sweep), FIN, ACK sweep,Xmas Tree, SYN sweep, Nulltcp/ip


6747859

  • -sT TCP Connect()

    TCP

  • -sS TCP SYN

    connect

  • -sF -sX sN

    Stealth FIN,Xmas Tree Null

  • -sP Ping

    IPICMPecho requestnmapTCP ack80

  • -sU UDP

    UDP


Xscan

xscan

ping


Superscan

Superscan


Ms06040scanner

MS06040Scanner

MS06040


6747859

MS06040Scannerwindows2000TCP 139 TCP 445MS06040MS06040


6747859

5

  • SQL

  • SQL

  • Cookie


5 1 sql

5.1 SQL

  • SQL

    SQLSQL

  • SQL


6747859

dim rs

admin1=request("admin")

password1=request("password")

set rs=server.CreateObject("ADODB.RecordSet")

rs.open "select * from admin where admin='" & admin1 & "' and password='"& password1 &"'",conn,1

if rs.eof and rs.bof then

response.write"<SCRIPT language=JavaScript>alert('');"

response.write"javascript:history.go(-1)</SCRIPT>"

response.end

else

session("admin")=rs("admin")

session("password")=rs("password")

session("aleave")=rs("aleave")

response.redirect "admin.asp"

end if

rs.close

set rs=nothing

SQL


6747859

  • OR =

  • SQL

    select * from admin where admin= 'OR '= 'andpassword= 'OR '=

  • adminpassword


6747859

  • '

    admin1=replace(trim(request("admin")),"'","")

    password1=replace(trim(request("password")),"'","")


5 2 sql

5.2 SQL

(1)

(2)

(3) /

(4)


6747859

Dim Tc_Post,Tc_Get,Tc_In,Tc_Inf,Tc_Xh

'

Tc_In="'|;|and|(|)|exec|insert|select|delete|update|count|*|%|chr|mid|master||or|char|declare"

Tc_Inf = split(Tc_In,"|")

'post

If Request.Form<>"" Then

For Each Tc_Post In Request.Form

For Tc_Xh=0 To Ubound(Tc_Inf)

If Instr(LCase(Request.Form(Tc_Post)),Tc_Inf(Tc_Xh))<>0 Then

Response.Write "<Script Language=JavaScript>alert('');</Script>"

'get

If Request.QueryString<>"" Then

For Each Tc_Get In Request.QueryString

For Tc_Xh=0 To Ubound(Tc_Inf)

If Instr(LCase(Request.QueryString(Tc_Get)),Tc_Inf(Tc_Xh))<>0 Then

Response.Write "<Script Language=JavaScript>alert('');</Script>"


5 3 cookie

5.3 Cookie

<%owen=request("id")%> ID

Set rsnews=Server.CreateObject("ADODB.RecordSet")

sql="update news set hits=hits+1 where id="&cstr(request("id"))

conn.execute sql

sql="select * from news where id="&owen

rsnews.Open sql,conn,1,1

title=rsnews("title")

if rsnews.eof and rsnews.bof then

response.Write("")

else


6747859

  • requestrequest.formpostrequest.querystringgetrequest.cookiescookie

  • <%owen=request("id")%>querystringformcookieservervariable


Cookie

cookie

  • cookie;,;,,

  • cookie


Cookie1

cookie

  • http://localhost/leichi/onews.asp?id=39


6747859

  • javascript:alert(document.cookie=id=+escape(39 and 1=1));cookie


6747859

  • http://localhost/leichi/onews.asp


  • Login