√лавна€    Ex Libris     ниги    ∆урналы    —татьи    —ерии     аталог    Wanted    «агрузка    ’удЋит    —правка    ѕоиск по индексам    ѕоиск    ‘орум   

ѕоиск по указател€м

Hatch B., Lee J., Kurtz G. Ч Hacking linux exposed: linux security secrets & solutions
Hatch B., Lee J., Kurtz G. Ч Hacking linux exposed: linux security secrets & solutions

ќбсудите книгу на научном форуме

Ќашли опечатку?
¬ыделите ее мышкой и нажмите Ctrl+Enter

Ќазвание: Hacking linux exposed: linux security secrets & solutions

јвторы: Hatch B., Lee J., Kurtz G.


If you have a vulnerable computer attached to the BIG BAD INTERNET, sooner or later your box will be compromised. Notice I prefer the term compromised to hacked. Hacking is a benign activity. You hack out of curiosity and [hopefully] with prior permission. Can this be done? Can I get into this box? How is he trying to keep me out? What stone has he left unturned? Woops: He has a bulletproof firewall but he left this one vulnerable cgi script in his httpd directory: HA! I'M IN! At that point the correct thing to do is to stop and notify the hackee. But once a hacker gets in, (especially if he is there without permission) the temptation to quietly mess around and cover his guilty tracks is usually overwhelming. Then it has gone from hacking to compromising someone else's box.

язык: en

–убрика: “ехнологи€/

—татус предметного указател€: √отов указатель с номерами страниц

ed2k: ed2k stats

√од издани€: 2001

 оличество страниц: 566

ƒобавлена в каталог: 02.12.2005

ќперации: ѕоложить на полку | —копировать ссылку дл€ форума | —копировать ID
ѕредметный указатель
"Ping of Death" attack      236Ч237
"The Cathedral and the Bazaar"      5Ч6
# (number sign)      208 465
* (asterisk)      441
-DPARANOID option      470
-L option      10
. (period symbol)      251Ч252 466 467
.cgi extension      431
.htaccess files      321 434Ч435
.htpasswd file      321
.netrc file      253Ч254
.rhosts file      324 325 327Ч328
/etc/dfs/dfstab file      187
/etc/exports file      186Ч187 319
/etc/group file      9Ч10 320
/etc/hosts.allow file      109 316Ч317 324 465 466
/etc/hosts.deny file      109 317 465
/etc/inetd.conf file      57 207Ч208 330Ч332 460Ч465
/etc/issue file      102
/etc/lilo.conf file      164 167 168 172
/etc/passwd file      284Ч292
/etc/passwd file, "Double-Dot" issue      425
/etc/passwd file, checking integrity of      301Ч302
/etc/passwd file, described      253
/etc/passwd file, overview      7Ч8
/etc/passwd file, PAM and      305
/etc/passwd file, password shadowing and      299Ч302
/etc/passwd file, security and      7Ч8 320
/etc/passwd file, Sudo tool and      262Ч263
/etc/profile file      18Ч19
/etc/rc#.d directories      48
/etc/rc#.d directory      503 506Ч508
/etc/rc.config file      319
/etc/red directory      319
/etc/red scripts      281Ч282
/etc/security/limits.conf file      19
/etc/sendmail.cf file      102Ч103
/etc/shadow file      253 299Ч305 320Ч322
/etc/sshd_config file      327Ч328
/etc/syslog.conf file      37Ч39
/etc/xinetd.conf file      462Ч464
/home filesystem      113
/proc filesystem      34
/tmp directory      34
@ (at sign)      467
@loghost target      38
Access agent      370
Access control lists (ACLs)      214Ч215
AccessFileName directive      434
ACK flag      182
ACK packets      223
ACK scans      96
ACK storms      223
ACLs (access control lists)      214Ч215
Active stack fingerprinting      103Ч106
AddHandler directive      431Ч432 437
Address Resolution Protocol      See "ARP"
Advanced Intrusion Detection Environment (AIDE)      52Ч59
Advanced Package Tool (APT)      496Ч498
AFS (Andrew File system)      111 113Ч114 240
Aftpd FTP server      414
AIDE (Advanced Intrusion Detection Environment)      52Ч59
Aliases      8
Allow transfer statement      85Ч86
AllowOverride directive      434
America Online (AOL)      456
Andrew File System (AFS)      111 113Ч114 240
anlpasswd program      311
Anonymous ftp      254 395 413Ч414
AOL server      456
Apache web server      425Ч439
Apache web server, CGI and      431Ч434
Apache web server, configuration of      427Ч439
Apache web server, directories on      428Ч432
Apache web server, features      425Ч426
Apache web server, open source and      5
Apache web server, password files      303Ч304
Apache web server, proxying      439
Apache web server, security and      426
Apache web server, symbolic links and      427Ч428
APOP authentication      391
APPEND access      35
Application layer protocols      183Ч184
applications      See "Programs"
APT (Advanced Package Tool)      496Ч498
apt-get program      497Ч498
ARP (Address Resolution Protocol)      221Ч226
ARP spoofing      221Ч226
ARP tables      221Ч223
Arpspoof program      226 227
asterisk (*)      441
at sign (@)      467
Atomic functions      272 274
Authentication, host-based      316Ч323
Authentication, modem connections      185
Authentication, PAM      304Ч305 345Ч347
authentication, POP3      255Ч256
Authentication, Popauth      255Ч256
Authentication, privileged ports      21
Authentication, rules      344Ч345
Authorized_keys files      328 329
awk-httpd server      456
back doors      344Ч351
Back doors, authentication rules      344Ч345
Back doors, CGIs      350Ч351
Back doors, IRC      152Ч153
Back doors, local setXid programs      348Ч349
Back doors, network access restrictions      344
Back doors, network daemon modifications      347Ч348
Back doors, network services      344
Back doors, PAM libraries      345Ч347
backbone routers      219
backslash (\)      450 465
Backticks      454Ч455
Backups      63 162
Bandwidth      88 89
Banners, FTP      396Ч398
Banners, mail server      374Ч376
Banners, network      102Ч103
Banners, sendmail      102
Banners, SMTP      375 376
Banners, telnet      102
Banners, wu-ftpd      396Ч398
bash (Bourne Again Shell)      8
bash-httpd server      456
Bastille utility      32Ч33
Battery, computer      166
Berkeley Internet Name Domain      See "BIND"
BestCrypt filesystem      173
BGP (Border Gateway Protocol)      217 219
Binaries, setuserid      270
Binaries, smrsh      380
Binaries, trojaned      138 139 338 350Ч351
BIND server      81
BIND, cache poisoning      212Ч216
BIND, described      81
BIND, DNS and      81 212
BIND, versions      81
BIND, zone transfers and      84Ч86
BIOS C-MOS memory      166
BIOS settings      165Ч167
Blackholes      66 383
Body, packet      477
Boot access      163Ч173
boot devices      164Ч165
Boot disks, precautions      164Ч165 171Ч172
Boot disks, starting computer with      62 171Ч172
boot loader      167
Border Gateway Protocol (BGP)      217 219
Bourne Again Shell (bash)      8
Bourne shell      8
Brute-force attacks, described      187Ч188
Brute-force attacks, Netscape browsers and      187Ч188
Brute-force attacks, passwords      187 197 289 290 298 311
Brute-force attacks, tools for      197
Brute-force attacks, wardialers      185Ч186
BSD checksum      141Ч143
buffer overflows      265Ч267
Buffer overflows in services      200Ч201
Buffer overflows, described      199Ч200
Buffer overflows, scripts for      146Ч147 201Ч202
Bugs      420
Bugtraq mailing list      71 510
C shell (csh)      8
C string functions      199
C-MOS memory      166
Cache files      212Ч216
Case studies, extended      513Ч541
CD-ROMs, removing drives      165 166
CD-ROMs, running programs from      51
CD-ROMs, starting computer with      62 164Ч165
CD-ROMs, system tools on      351
Certificate authority      232
CFS filesystem      173
CGI (Common Gateway Interface)      439Ч456
CGI (Common Gateway Interface), Apache web server and      431Ч434
CGI (Common Gateway Interface), back-door CGIs      350Ч351
CGI (Common Gateway Interface), execution based on file name      431Ч432 437
CGI (Common Gateway Interface), insecure configurations      431Ч434
CGI (Common Gateway Interface), older versions of      432Ч433
CGI forms, cookies and      448Ч449
CGI forms, data length      446Ч447
CGI forms, hidden fields      444Ч446
CGI forms, missing fields in      442Ч444
CGI forms, null characters      450Ч451
CGI forms, pipes      452Ч455
CGI forms, preprocessing of data      451Ч452
CGI forms, referer headers      447Ч448
CGI forms, system calls      452Ч455
CGI programs, cookies      444 448Ч449
CGI programs, downloadable      440Ч442
CGI programs, execution of      431Ч432 443
CGI programs, filename characters and      449Ч451
CGI programs, form fields and      442Ч444
CGI programs, GET method      443
CGI programs, hidden fields      444Ч488
CGI programs, insecure      442Ч456
CGI programs, JavaScript preprocessing      451Ч452
CGI programs, operating system calls      452Ч455
CGI programs, Perl code problems      443Ч444
CGI programs, post connections      443
CGI programs, pre-shipped      440Ч442
CGI programs, problems with      439Ч456
CGI programs, referer headers      447Ч448
CGI programs, running as different users      433Ч434
CGI programs, shipped with web servers      440Ч442
CGI programs, telnet connections      443
CGI programs, user input and      446Ч447
CGI programs, web farms      455Ч456
CGI scanners      440
CGI scripts      440Ч442
CGI scripts, attacking      531Ч534
CGI scripts, downloadable      440Ч442
CGI scripts, pre-shipped      440Ч442
CGI scripts, running as different users      433Ч434
CGI scripts, searching for      531
chage command      302Ч303 311Ч312
Channels      391Ч392
Chargen service      202Ч203 233
Chassis locks      166
chattr +i command      282 351
chattr +i databasename command      51
chattr command      16Ч17 173
Checkpoint      486
checksums      49Ч50
Checksums, algorithms      56Ч57
Checksums, BSD checksum      141Ч143
Checksums, comparing      141Ч142
Checksums, CRC checksums      54
Checksums, CRC32 checksum      56
Checksums, cryptographic checksum      141Ч144
Checksums, described      47
Checksums, file checksum      141Ч142
Checksums, MD5 checksum      47 56 141 143
Checksums, System V checksum      141Ч143
Checksums, verifying      63
chkconfig program      504Ч505
chklastlog program      61
Chkrootkit      365
chkwtmp program      61
chmod command      12Ч13 263
chown command      264 278
chown() system call      278
chroot jails      139
Cisco Pix packet filter      486
Cisco routers      218
Cisco switches      523Ч525
Cleartext, email      387Ч389
Cleartext, FTP protocol      394-395
Cleartext, passwords      253Ч256 389Ч391 394Ч395
Cleartext, SMTP      387Ч389
Cleartext, usernames      394Ч395
Clients, FTP client      412Ч413
Clients, IRC client      152
Clients, netcat client      537Ч538
Clients, rsh client      21
Clients, SSH client      21 228Ч229
Clients, telnet client      184
Clients, Xftp FTP client      405 407
COAST project      51Ч52
Coda      240
Code on FTP sites      139Ч140
Code, comparing versions      140Ч141
Code, Linux kernel      359
code, Perl      443Ч444 447
Code, reviewing      140Ч141
Code, Trojaned      138Ч144
command lines      256Ч257
commands, chage      302Ч303 311Ч312
Commands, chattr      16Ч17 173
Commands, chattr +i      282 351
Commands, chattr +i databasename      51
commands, chmod      12Ч13 263
commands, chown      264 278
Commands, command lines      256Ч257
Commands, cpio      264
Commands, dpkg      495Ч497
Commands, edquota      17
Commands, EXPN      377 379
Commands, find      25 410
Commands, gpasswd      303
Commands, groupadd      303
Commands, groupdel      303
Commands, groupmod      303
Commands, host      82Ч86
Commands, htpasswd      304
Commands, ifconfig      27Ч28
Commands, killall      20Ч21
Commands, LIST      398Ч399 408
commands, ls      10 251 393
Commands, lsattr      16Ч17
Commands, lsmod      352Ч353
commands, mkdir      273Ч274
commands, mount      186Ч187 264 269Ч270
commands, netstat      203Ч206
commands, passwd      260Ч261 303
Commands, PASV      394 399 401Ч404
commands, ping      78
commands, port      398Ч401 408 409 412
commands, ps      319
1 2 3 4 5 6 7 8
       © Ёлектронна€ библиотека попечительского совета мехмата ћ√”, 2004-2022
Ёлектронна€ библиотека мехмата ћ√” | Valid HTML 4.01! | Valid CSS! ќ проекте