security operation center - ntnu.edu.t · 關於我 吳東霖, alex...
TRANSCRIPT
-
Windows
-
, Alex
-
358
359
360
361 1/2
362
363 358 ~ 360
6
-
ICMPTCPZone Transfer
Google / Search Engine
( Port Scan )nmapSuperscanamapetcFIN, Xmas , or Null scan
traceroutetcptracerouteetc
TCP Fingerprint xprobep0fnmap
-
Nessus
ISS Internet Scanner
Foundstone FoundScan
etc
HP WebInspect
IBM Rational AppScan
Acunetix Web Vulnerability Scanner
-
Web SQL Injection
Code/Command Injection
Remote File Inclusion
Upload File Mis-Handling
(Daemon)Remote Buffer Overflow
Design Error
Brute Force Attack
Sniff
Man-in-the-Middle / Session Hijacking
-
- milw0rm
13http://www.milw0rm.com
-
Adobe Acrobat Reader EXP
14
-
Milw0rm - platforms
15
-
Milw0rm
16
-
- sebug
17http://www.sebug.net
-
Sebug - vuldb
18
-
-
19
-
- TW
20
-
NTFS -
22
-
23
-
24
-
Windows Update
TCP/IP
Windows Update
25
-
Checklist
26
NTFS
Administrator
TCP/IP
Windows Update
-
28
42 42
0 0
8 0
0 0
-
29
30
30
5
0
-
30
, , ,
,
,
, , ,
-
31
LAN ManagerNTLM
LM NTLM
SAM
-
32
Messenger
Wireless Configuration
Shell Hardware Detection
-
33
16384KB 512 KB
16384KB 512 KB
16384KB 512 KB
-
34
Internet Explorer
Internet Explorer
ActiveDesktop