来源:互联网 发布:圣诞祝福 知乎 编辑:程序博客网 时间:2024/06/04 22:05

A. Using a search engine, find sites that may have mistakenly given privileged access to
everyone. To do this, we will look for directory listings which are accessible when you don't go

directly to the right web page. To do this, we will go to http://www.google.com and enter
this into the search box:
allintitle: "index of" .pdf
Click on a link in the results and you should find one that looks like a directory listing.
This type of searching is also known as Google Hacking.



A. 通过一个搜索引擎,搜寻出现授权漏洞的网站。如果不直接进入那个网站,我们需要通过找一个目录列表去寻找那样的网站,

进入http://www.google.com ,在输入关键字的地方输入“allintitle: "index of" .pdf”,然后点击搜索,你就能够找到




B. Can you find other types of documents in this way using Google? Find 3 more directory
listings which contain .xls files and .avi files.


B. 你能通过Google用相同的方法找到其他格式的文档吗?另外找出三个包含.xls和.avi格式文件的目录列表。

C. There are many search engines out there besides Google. A good researcher knows how
to use them all. Some websites specialize in tracking search engines, such as
http://www.searchengine.com. However, there are many more and you can generally find
them by using search engines. There is even a search engine for “the invisible web”. Find 10
search engines which are NOT meta search engines.


C. 除了Google还有其它搜索引擎。一个搜索高手知道如何综合利用它们。有些专门跟踪搜索引擎的网站(不太明白意思




D. Search for “security testing and ethical hacking” and list the top 3 answers.
E. Search for the same without the quotes and give the top 3 answers. Are they different?


D. 搜索“security testing and ethical hacking”,列出前3个搜索结果。

E. 搜索 security testing and ethical hacking,列出前3个搜索结果,和D有什么不同?

F. It is very different to search for a topic than it is to search for a word or phrase. In exercise
D, you searched for a phrase. Now you will search for an idea. To do this, you need to think
about what you want and how you want to find it. For example, you want to find an online
resource of magazines for ethical hacking. If you enter online resource of magazines for
ethical hacking into a search engine, you will get a number of opinions about the topic. This
is helpful but not as helpful as actually getting the resource. Instead, you need to think, “If I
was to make such a resource, what information would be in there and what key words could I
pick from that information?” Put the following words and phrases into a search engine and
find out which provides the best results for your search:

1. my favorite list of magazines on ethical hacking
2. list of ethical hacking magazines
3. resources for ethical hackers
4. ethical hacking magazine
5. magazines ethical hacking security list resource


F. 搜索一个单词和词组与搜索一个话题有很大的不同,在练习题D中,你搜索的是词组,现在,你要搜索话题。





1. 我最喜欢的伦理黑客杂志列表

2. 伦理黑客杂志列表

3. 伦理黑客杂志资源

4. 伦理黑客杂志

5. 伦理黑客安全杂志列表资源

G. Find the oldest website from Mozilla in the Internet Archive. To do this you need to search
on “www.mozilla.org” at the http://www.archive.org website.
H. Now to put it all together, let's say you want to download version 1 of the Netscape web
browser. Using search engines and the Internet Archives, see if you can locate and
download version 1 (but don't install it).


G. 通过Mozilla浏览器在互联网档案馆中查找出最老的网站。你要在http://www.archive.org上查找“www.mozilla.org”。

H. 现在综合利用何种方法,假设你现在想下载网景浏览器版本1.0。综合利用搜索引擎和互联网档案馆,看你能不能找到并下载



1.1.7 Chat
Chats, also known as Internet Relay Chat (IRC), as well as Instant Messaging (IM), are very
popular modes of quickly communicating with others.
As a research source, chat is extremely inconsistent, because you will be dealing with
individuals in real time. Some will be friendly, and some will be rude. Some will be harmless
pranksters, but some will be malicious liars. Some will be intelligent and willing to share
information, and some will be completely uninformed, but no less willing to share. It can be
difficult to know which is which.


1.1.7 聊天






However, once you get comfortable with certain groups and channels, you may be
accepted into the community, and you will be allowed to ask more and more questions, and
you will learn who you can trust. Eventually you will be able to learn the very newest security
information (also known as zero day, which implies that it was just discovered) and advance
your own knowledge.





A. Find 3 chat programs to use for instant messaging. What makes them different? Can
they all be used to talk to each other?
B. Find out what IRC is and how you can connect to it. Once you are able to connect,
enter the ISECOM chat room as announced on the front page of http://www.isecom.org.
C. How do you know which channels exist to join in IRC? Find 3 computer security
channels and 3 hacker channels. Can you enter these channels? Are there people talking or
are they “bots”?



A. 找出3个可以及时通讯的聊天工具。它们各有什么不同?它们全部都能用来和对方聊天吗?

B. 查找IRC是什么,并找出连接的方式。一旦你能连接,就进入如http://www.isecom.org首页上所说的ISECOM聊天室。




1.1.8 P2P
Peer to Peer, also known as P2P, is a network inside the Internet. Instead of many local
computers communicating with each other through a centralized, remote computer, the
computers in a P2P network communicate directly with each other. Most people associate
P2P with the downloading of mp3s and pirated movies, however, many other P2P networks
exist – both for the purposes of exchanging a wide variety of information and as a means to
conduct research on distributed information sharing. One website dedicated to teaching
about this, http://infoanarchy.org, is based on the premise that information should be free.
On the Infoanarchy website, you can find a listing of available P2P networks and clients.


1.1.8 P2P(点对点技术)





The problem with P2P networks is that, while you can find information on just about anything
on them, some of that information is on the network illegally. The Hacker Highschool program
doesn't condone the use of P2P to illegally download intellectual property, but there is no
question that P2P networks can be a vital resource for finding information. Remember: there
is nothing illegal about P2P networks – there are a lot of files that are available to be freely
distributed under a wide variety of licenses – but there are also a lot of files on these networks
that shouldn't be there. Don't be afraid to use P2P networks, but be aware of the dangers.







1.2 Further Lessons
Now you should practice to master the skill of researching. The better you get at it, the more
information you can find quickly, and the faster you will learn. To help you become a better
researcher for the Hacker Highschool program, here are some additional topics and terms for
you to investigate:
Meta Search
The Invisible Web
Google Hacking
How Search Engines Work
The Open Source Search Engine


1.2 深入课程












wow,欢呼吧,lesson 1终于翻译完了,由于不成熟的翻译水平,肯定有很多不足之处,欢迎提出意见哦~~~,后面让我们一起继续
