How to get the Information leakage
Source: Internet  Published: ubuntu minimum configuration  Editor: 程序博客网  Time: 2024/05/01 17:17
1. Banners
Banners are the text presented to a user when they attempt to log into a system via any one of the many services. Banners can be found on such services as File Transfer Protocol (FTP), secure shell (SSH), telnet, Simple Mail Transfer Protocol (SMTP), and Post Office Protocol 3 (POP3). Many software packages for these services happily yield version information to outside users in their default configuration.
2. Error Messages:
Services such as Web servers yield more than ample information about themselves when an exception condition is created. An exception condition is defined by a circumstance out of the ordinary, such as a request for a page that does not exist, or a command that is not recognized. In these situations, it is best to make use of the customizable error configurations supplied, or create a workaround configuration.
3. Protocol Information Leakage:
In addition to the previously mentioned cases of information leakage, there is also what is termed protocol analysis. Protocol analysis exists in numerous forms. One type of analysis is using the constraints of a protocol’s design against a system to yield information about a system. Observe this FTP system type query:
elliptic@ellipse:~$ telnet parabola.cipherpunks.com 21
Trying 192.168.1.2...
Connected to parabola.cipherpunks.com.
Escape character is '^]'.
220 parabola FTP server (Version: 9.2.1-4) ready.
SYST
215 UNIX Type: L8 Version: SUNOS
This problem also manifests itself in such services as HTTP. Observe the leakage of information through the HTTP HEAD command:
elliptic@ellipse:~$ telnet www.cipherpunks.com 80
Trying 192.168.1.2...
Connected to www.cipherpunks.com.
Escape character is '^]'.
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Date: Wed, 05 Dec 2001 11:25:13 GMT
Server: Apache/1.3.22 (Unix)
Last-Modified: Wed, 28 Nov 2001 22:03:44 GMT
ETag: "30438-44f-3c055f40"
Accept-Ranges: bytes
Content-Length: 1103
Connection: close
Content-Type: text/html
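
An added example (not part of the original text): a small Python audit that takes server replies like those captured in the FTP and HTTP sessions above and reports which lines disclose version or operating system details, so you can re-check your own services after changing banner settings. The function names, finding labels and header watch list are assumptions made for this example.

```python
import re

# Server replies copied from the FTP and HTTP telnet sessions shown above
# (HTTP response abridged; line endings constructed as CRLF).
FTP_REPLIES = [
    "220 parabola FTP server (Version: 9.2.1-4) ready.",
    "215 UNIX Type: L8 Version: SUNOS",
]
HTTP_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Wed, 05 Dec 2001 11:25:13 GMT\r\n"
    "Server: Apache/1.3.22 (Unix)\r\n"
    'ETag: "30438-44f-3c055f40"\r\n'
    "Content-Type: text/html\r\n\r\n"
)

# Dotted version numbers such as 1.3.22 or 9.2.1-4.
VERSION_RE = re.compile(r"\b\d+(?:\.\d+)+(?:-\d+)?\b")
# Headers that commonly carry product or version strings (assumed watch list).
WATCHED_HEADERS = {"server", "x-powered-by", "via"}

def audit_ftp(replies):
    """Return (kind, value) findings from FTP reply lines."""
    findings = []
    for line in replies:
        code, _, text = line.partition(" ")
        if code == "220":                      # greeting banner
            match = VERSION_RE.search(text)
            if match:
                findings.append(("ftp-banner-version", match.group()))
        elif code == "215":                    # reply to SYST names the OS
            findings.append(("ftp-syst-os", text))
    return findings

def audit_http(response):
    """Return (kind, value) findings from a raw HTTP response head."""
    head = response.split("\r\n\r\n", 1)[0]
    findings = []
    for line in head.split("\r\n")[1:]:        # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() in WATCHED_HEADERS:
            value = value.strip()
            kind = "http-version" if VERSION_RE.search(value) else "http-product"
            findings.append((kind, f"{name.strip()}: {value}"))
    return findings

if __name__ == "__main__":
    for kind, value in audit_ftp(FTP_REPLIES) + audit_http(HTTP_RESPONSE):
        print(f"{kind:20} {value}")
```

A banner with the version removed produces no FTP finding, and a `Server` header reduced to the product name is reported as `http-product` rather than `http-version`.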
4. Analysis of responses to IP
Attackers also perform protocol analysis through a number of other methods. One such method is the analysis of responses to IP, an attack based on the previously mentioned concept, but working on a lower level. Automated tools, such as the Network Mapper, or Nmap, provide an easy-to-use utility designed to gather information about a target system, including publicly reachable ports on the system, and the operating system of the target. Observe the output from an Nmap scan:
elliptic@ellipse:~$ nmap -sS -O parabola.cipherpunks.com
Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )
Interesting ports on parabola.cipherpunks.com (192.168.1.2):
(The 1533 ports scanned but not shown below are in state: closed)
Port State Service
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
Remote operating system guess: Solaris 2.6 - 2.7
Uptime 5.873 days (since Thu Nov 29 08:03:04 2001)
Nmap run completed -- 1 IP address (1 host up) scanned in 67 seconds