
Research on the security vulnerabilities caused by users' security policies on current systems


Vietnam National University, Ho Chi Minh City
University of Technology (Trường Đại học Bách Khoa)

LÝ TIỂU BẰNG

TOPIC: Research on the security vulnerabilities caused by users' security policies on current systems

Major: Information Technology
Major code: 01.02.10

MASTER'S THESIS

Ho Chi Minh City, December 2006

THIS WORK WAS COMPLETED AT THE UNIVERSITY OF TECHNOLOGY, VIETNAM NATIONAL UNIVERSITY, HO CHI MINH CITY

Scientific supervisor: Dr. Nguyễn Xuân Dũng
Reviewer: Dr. Đặng Trần Khánh
Reviewer: Dr. Nguyễn Đình Thúc

The master's thesis was defended before the MASTER'S THESIS EXAMINATION COMMITTEE, UNIVERSITY OF TECHNOLOGY, on 13 December 2006.

UNIVERSITY OF TECHNOLOGY, GRADUATE TRAINING OFFICE
SOCIALIST REPUBLIC OF VIETNAM
Independence - Freedom - Happiness
Ho Chi Minh City, 06 October 2006

MASTER'S THESIS ASSIGNMENT

Student's full name: Lý Tiểu Bằng
Gender: Male
Date of birth: 09/06/1978
Place of birth: Bình Dương
Major: Information Technology
Student ID: 00704157

I- THESIS TITLE: Research on the security vulnerabilities caused by users' security policies on current systems

II- TASKS AND CONTENT:
- Analyze in detail the causes of the vulnerabilities and the methods of attack and defense.
- Provide a practical demo for all of the research carried out.
- Research and propose a system of methods that helps establish reasonable security policies at a general level, rather than at the situation-handling level of earlier research.
- Build a vulnerability detection program.

III- ASSIGNMENT DATE: 10/10/2005
IV- COMPLETION DATE: 06/10/2006
V- SUPERVISOR: Dr. Nguyễn Xuân Dũng

SUPERVISOR / HEAD OF THE SPECIALIZED DEPARTMENT: Dr. Nguyễn Xuân Dũng

The content and outline of the master's thesis have been approved by the specialized committee.

Date:
HEAD OF THE GRADUATE TRAINING OFFICE
HEAD OF THE MANAGING FACULTY

ACKNOWLEDGEMENTS

I could not have completed this thesis as well as I did without the help and comments of my teachers and the encouragement of my family and colleagues.

I sincerely thank Dr. Nguyễn Xuân Dũng (Faculty of Information Technology, Văn Lang University), who wholeheartedly helped me throughout the research and the work on this thesis.

I thank Đỗ Ngọc Duy Trác, director of the VSEC Information Security network, who enthusiastically provided me with research material and extremely valuable practical experience while I was completing this thesis.

I thank the lecturers of the Faculty of Information Technology and the Graduate Management Office of the Ho Chi Minh City University of Technology, who gave me knowledge throughout my studies and while I completed this thesis.

I sincerely thank my father, mother, wife and relatives, my friends, and my colleagues at the company, who encouraged and helped me during the research and the writing of this thesis.

Ho Chi Minh City, 2006
Lý Tiểu Bằng

APPENDIX

I. Detailed references on security vulnerabilities in Windows

1. Windows services
  http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx
  http://www.microsoft.com/windows2000/en/advanced/help/sag_TCPIP_ovr_secfeatures.htm
  http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/4dbc4c95-935b-4617-b4f8-20fc947c7288.mspx

a. Remote Code Execution in MSDTC and COM+ Services
  http://www.microsoft.com/technet/Security/bulletin/ms05-051.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=41#widely2
b. Remote Code Execution in Print Spooler Service
  http://www.microsoft.com/technet/Security/bulletin/ms05-043.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=32#widely3
c. Remote Code Execution in Plug and Play Service
  http://www.microsoft.com/technet/Security/bulletin/ms05-047.mspx
  http://www.microsoft.com/technet/Security/bulletin/ms05-039.mspx
  http://www.microsoft.com/security/incident/zotob.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=41#widely2
  http://www.sans.org/newsletters/risk/display.php?v=4&i=43#exploit1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=32#widely1
  http://www.sans.org/newsletters/newsbites/newsbites.php?vol=7&issue=47#305
d. Remote Code Execution in Server Message Block Service
  http://www.microsoft.com/technet/security/bulletin/ms05-027.mspx
  http://www.microsoft.com/technet/security/bulletin/ms05-011.mspx
  http://www.qualys.com/research/alerts/view.php/2005-06-14
  http://www.sans.org/newsletters/risk/display.php?v=4&i=24#widely3
  http://www.sans.org/newsletters/risk/display.php?v=4&i=6#widely6
e. Remote Code Execution in Exchange SMTP Service
  http://www.microsoft.com/technet/security/Bulletin/MS05-021.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=15#widely1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=16#exploit1
f. Remote Code Execution in Message Queuing Service
  http://www.microsoft.com/technet/security/bulletin/ms05-017.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=15#widely2
  http://www.sans.org/newsletters/risk/display.php?v=4&i=19#exploit2
  http://www.sans.org/newsletters/risk/display.php?v=4&i=26#exploit2
g. Remote Code Execution in License Logging Service
  http://www.microsoft.com/technet/security/bulletin/ms05-010.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=6#widely1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=11#exploit1
h. Remote Code Execution in WINS Service
  http://www.microsoft.com/technet/security/bulletin/MS04-045.mspx
  http://www.sans.org/newsletters/risk/display.php?v=3&i=48#widely1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=50#widely1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=1#exploit1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=2#exploit2
i. Remote Code Execution in NNTP Service
  http://www.microsoft.com/technet/security/bulletin/MS04-036.mspx
  http://www.sans.org/newsletters/risk/display.php?v=3&i=41#widely2
j. Remote Code Execution in NetDDE Service
  http://www.microsoft.com/technet/security/bulletin/MS04-031.mspx
  http://www.sans.org/newsletters/risk/display.php?v=3&i=41#widely4
k. Remote Code Execution in Task Scheduler
  http://www.microsoft.com/technet/security/bulletin/ms04-022.asp
  http://www.sans.org/newsletters/risk/display.php?v=3&i=28#widely1

2. Internet Explorer

Internet Explorer security updates
  http://www.microsoft.com/technet/security/Bulletin/MS05-052.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=41#widely3
  http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=32#widely2
  http://www.microsoft.com/technet/security/Bulletin/MS05-037.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=28#widely1
  http://www.microsoft.com/technet/security/Bulletin/MS05-025.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=24#widely1
  http://www.microsoft.com/technet/security/Bulletin/MS05-020.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=15#widely3
  http://www.sans.org/newsletters/risk/display.php?v=4&i=17#exploit2
  http://www.microsoft.com/technet/security/bulletin/ms05-014.mspx
  http://www.microsoft.com/technet/security/bulletin/ms05-008.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=6#widely2
  http://www.microsoft.com/technet/security/bulletin/MS04-040.mspx
  http://www.sans.org/newsletters/risk/display.php?v=3&i=48#widely2
  http://www.microsoft.com/technet/security/bulletin/MS04-038.mspx
  http://www.sans.org/newsletters/risk/display.php?v=3&i=41#widely1
  http://www.microsoft.com/technet/security/bulletin/MS04-025.mspx
  http://www.sans.org/newsletters/risk/display.php?v=3&i=30#widely1

Internet Explorer 0-day vulnerabilities (at the time of publication)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=33#widely3
  http://www.sans.org/newsletters/risk/display.php?v=4&i=29#widely1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=26#widely2
  http://www.sans.org/newsletters/risk/display.php?v=4&i=27#widely1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=51#widely1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=51#widely4
  http://www.sans.org/newsletters/risk/display.php?v=3&i=52#widely1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=46#widely2
  http://www.sans.org/newsletters/risk/display.php?v=3&i=45#widely4
  http://www.sans.org/newsletters/risk/display.php?v=3&i=44#widely2
  http://www.sans.org/newsletters/risk/display.php?v=3&i=43#widely2
  http://www.sans.org/newsletters/risk/display.php?v=3&i=44#widely3
  http://www.sans.org/newsletters/risk/display.php?v=3&i=42#widely1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=43#widely2
  http://www.sans.org/newsletters/risk/display.php?v=3&i=34#exploit1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=33#widely1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=28#widely2

3. Windows libraries

a. Remote code execution in the Windows graphics rendering engine
  http://www.microsoft.com/technet/security/Bulletin/MS05-053.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=45#widely1
b. Remote code execution in Microsoft DirectShow
  http://www.microsoft.com/technet/security/Bulletin/MS05-050.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=41#widely1
c. Remote code execution in the Microsoft color management module
  http://www.microsoft.com/technet/security/Bulletin/MS05-036.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=28#widely2
  http://www.sans.org/newsletters/risk/display.php?v=4&i=29#exploit1
d. Remote code execution in HTML Help
  http://www.microsoft.com/technet/security/bulletin/MS05-026.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=24#widely2
  http://www.microsoft.com/technet/security/bulletin/MS05-001.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=2#widely1
  http://www.microsoft.com/technet/security/bulletin/MS04-023.mspx
  http://www.sans.org/newsletters/risk/display.php?v=3&i=28#widely3
e. Remote code execution in Web View
  http://www.microsoft.com/technet/security/bulletin/MS05-024.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=19#widely2
f. Remote command execution in Windows Shell
  http://www.microsoft.com/technet/security/bulletin/MS05-016.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=15#widely6
  http://www.microsoft.com/technet/security/bulletin/MS04-037.mspx
  http://www.sans.org/newsletters/risk/display.php?v=3&i=41#widely5
  http://www.microsoft.com/technet/security/bulletin/MS04-024.mspx
  http://www.sans.org/newsletters/risk/display.php?v=3&i=28#widely5
g. Remote code execution in the Windows link libraries
  http://www.microsoft.com/technet/security/bulletin/ms05-015.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=6#widely10
h. Remote code execution in PNG image processing
  http://www.microsoft.com/technet/security/bulletin/ms05-009.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=6#widely
i. Remote code execution in icon and cursor processing
  http://www.microsoft.com/technet/security/bulletin/ms05-002.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=2#widely2
  http://www.sans.org/newsletters/risk/display.php?v=3&i=51#widely2
j. Remote code execution in Windows compressed folders
  http://www.microsoft.com/technet/security/bulletin/MS04-034.mspx
  http://www.sans.org/newsletters/risk/display.php?v=3&i=41#widely3
k. Remote code execution in JPEG image processing
  http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx
  http://www.sans.org/newsletters/risk/display.php?v=3&i=37#widely1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=38#widely2

4. The Office suite and Outlook Express

a. Microsoft Office XP Buffer Overflow
  http://www.microsoft.com/technet/Security/bulletin/ms05-005.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=6#widely4
b. Microsoft OLE and COM Remote Code Execution
  http://www.microsoft.com/technet/Security/bulletin/ms05-012.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=6#widely7
c. Cumulative Security Update for Outlook Express
  http://www.microsoft.com/technet/security/bulletin/ms05-030.mspx
  http://www.sans.org/newsletters/risk/display.php?v=4&i=24#widely4
  http://www.sans.org/newsletters/risk/display.php?v=4&i=26#exploit3
d. Office Access Buffer Overflow
  http://www.sans.org/newsletters/risk/display.php?v=4&i=15#exploit1
  http://securityresponse.symantec.com/avcenter/venc/data/backdoor.ryejet.b.html

5. Windows configuration weaknesses

a. Information about GaoBot
  http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.gaobot.gen.html
b. Using brute force to scan MS SQL Server accounts
  http://isc.sans.org/diary.php?date=2004-12-30
c. An unsecured SQL Server with a blank SA account password leaves a hole for worm attacks
  http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q313418
d. CERT vulnerability note
  http://www.kb.cert.org/vuls/id/635463
e. Security best practices for IIS 6.0
  http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/596cdf5a-c852-4b79-b55a-708e5283ced5.mspx
f. How to use the RestrictAnonymous registry value in Windows 2000
  http://support.microsoft.com/kb/q246261

II. Detailed references on vulnerabilities in cross-platform applications

1. Backup software

a. Computer Associates Advisories
  http://archives.neohapsis.com/archives/bugtraq/2005-08/0033.html
  http://archives.neohapsis.com/archives/bugtraq/2005-04/0202.html
  http://www.sans.org/newsletters/risk/display.php?v=4&i=31#widely1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=15#other1
  http://www.ca.com/at/local/partner/techtalk_mar05_faq.pdf (Ports Used by Backup Products)
b. Symantec Veritas Advisories
  http://seer.support.veritas.com/docs/279553.htm
  http://seer.support.veritas.com/docs/276604.htm
  http://seer.support.veritas.com/docs/276605.htm
  http://seer.support.veritas.com/docs/276606.htm
  http://seer.support.veritas.com/docs/276533.htm
  http://seer.support.veritas.com/docs/276607.htm
  http://seer.support.veritas.com/docs/277567.htm
  http://seer.support.veritas.com/docs/277566.htm
  http://www.sans.org/newsletters/risk/display.php?v=4&i=45#widely4
  http://www.sans.org/newsletters/risk/display.php?v=4&i=38#other3
  http://www.sans.org/newsletters/risk/display.php?v=4&i=25#widely1
  http://www.us-cert.gov/current/current_activity.html#VU378957
c. EMC Legato and Sun Advisories
  http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm
  http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=33#widely2
d. Arkeia Advisory
  http://www.arkeia.com/securityfix/
  http://www.sans.org/newsletters/risk/display.php?v=4&i=8#widely1
e. BakBone Advisory
  http://www.sans.org/newsletters/risk/display.php?v=4&i=19#other1 (unpatched)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=14#other1

2. Anti-virus software

Below is a list of anti-virus vendors, for checking updates, patches, or security advisories.

a. Anti-virus Security Advisories
  http://www.sans.org/newsletters/risk/display.php?v=4&i=6 (Symantec)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=6 (F-Secure)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=8#widely2 (Trend Micro)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=12#widely1 (McAfee)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=21#widely1 (Computer Associates)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=30#widely1 (ClamAV)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=38 (ClamAV)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=34#other2 (HAURI)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=35#widely2 (Sophos)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=38#other2 (AhnLab and AVIRA)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=42#other4 (AhnLab)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=40#other3 (Kaspersky)
b. Anti-virus Evasion Issues
  http://www.kb.cert.org/vuls/id/968818
  http://www.uniras.gov.uk/niscc/docs/re-20040913-00591.pdf?lang=en
  http://www.sans.org/newsletters/risk/display.php?v=4&i=43#other4
c. Other Anti-virus Resources
  http://www.cert.org/other_sources/viruses.html
  http://www.virusbtn.com/
  http://www.eicar.com/
  http://www.wildlist.org/

3. Applications written in PHP

a. PHP vulnerabilities
  http://www.hardened-php.net/advisory_202005.79.html
  http://www.hardened-php.net/advisory_152005.67.html
  http://www.hardened-php.net/advisory_142005.66.html
  http://www.sans.org/newsletters/risk/display.php?v=3&i=50#widely4
  http://www.sans.org/newsletters/risk/display.php?v=3&i=23#other1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=28#widely4
  http://www.sans.org/newsletters/risk/display.php?v=3&i=48#exploit1
b. Hardened PHP Project
  http://www.hardened-php.net/
c. OWASP Webpage (contains tools and documents for testing web application vulnerabilities)
  http://www.owasp.org/
d. PHP security features
  http://au.php.net/features.safe-mode

4. Database software

a. SANS Reading Room on Database Security
  http://www.sans.org/rr/catindex.php?cat_id=3
b. Oracle
  SANS Comprehensive Security Checklist for Oracle
  http://www.sans.org/score/oraclechecklist.php
  https://store.sans.org/store_item.php?item=80
  CIS Oracle Benchmark Tool
  http://www.cisecurity.org/bench_oracle.html
  Oracle security information can be found at
  http://www.petefinnigan.com/orasec.htm
  http://otn.oracle.com/deploy/security/index.html
c. MySQL
  SecurityFocus step-by-step guide to securing MySQL
  http://www.securityfocus.com/infocus/1726
  MySQL Security
  http://dev.mysql.com/doc/mysql/en/Security.html
  PostgreSQL Security Guide
  http://www.postgresql.org/docs/7/interactive/security.html
  Microsoft SQL Security Guide
  http://www.microsoft.com/sql/techinfo/administration/2000/security/default.mspx
d. IBM DB2
  http://www.net-security.org/dl/articles/Securing_IBM_DB2.pdf

5. File-sharing applications

a. US DHS Information Bulletin "Unauthorized Peer-to-Peer (P2P) Programs on Government Computers"
  http://www.dhs.gov/interweb/assetlibrary/IAIP_UnauthorizedP2PProgramsGovtComp_041905.pdf
b. Federal Law Enforcement Announces Operation D-Elite, Crackdown on P2P Piracy Network: First Criminal Enforcement Against BitTorrent Network Users
  http://www.usdoj.gov/criminal/cybercrime/BitTorrent.htm
c. Cyber Security Tip ST05-007 - Risks of File-Sharing Technology
  http://www.us-cert.gov/cas/tips/ST05-007.html
d. Risks of P2P File Sharing
  http://www.ftc.gov/bcp/workshops/filesharing/presentations/hale.pdf
e. Symantec Internet Security Threat Report - Trends for July 04 - December 04, Volume VII, Published March 2005
  http://ses.symantec.com/pdf/ThreatReportVII.pdf
f. Securing Windows XP Professional in a Peer-to-Peer Networking Environment
  http://www.microsoft.com/technet/security/smallbusiness/prodtech/windowsxp/sec_winxp_pro_p2p.mspx
g. Identifying P2P users using traffic analysis - Yiming Gong - 2005-07-21
  http://www.securityfocus.com/infocus/1843
h. Sinit P2P Trojan Analysis
  http://www.lurhq.com/sinit.html
i. How to block specific network protocols and ports by using IPSec (MS KB article 813878)
  http://support.microsoft.com/kb/813878
j. Using Software Restriction Policies to Protect Against Unauthorized Software
  http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/rstrplcy.mspx
k. Availability and description of the Port Reporter tool (MS KB article 837243)
  http://support.microsoft.com/kb/837243
l. New features and functionality in PortQry version 2.0 (MS KB article 832919)
  http://support.microsoft.com/default.aspx?kbid=832919
m. Log Parser 2.2
  http://www.microsoft.com/technet/scriptcenter/tools/logparser/default.mspx
n. Browsing the Web and Reading E-mail Safely as an Administrator (DropMyRights)
  http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/html/secure11152004.asp
o. Peer-to-Peer (P2P) Security and QoS Frequently Asked Questions (CheckPoint)
  http://secureknowledge.checkpoint.com/pub/sk/docs/public/firewall1/ng/pdf/p2p_faq.pdf

6. DNS software

a. DNS Vulnerabilities
  http://www.sans.org/newsletters/risk/display.php?v=4&i=11
  http://www.sans.org/newsletters/risk/display.php?v=4&i=14#widely1
  http://isc.sans.org/presentations/dnspoisoning.php
  http://thekelleys.org.uk/dnsmasq/doc.html
  http://www.icir.org/vern/papers/reflectors.CCR.01/node8.html
b. DNS Version Survey and Server Software
  http://mydns.bboy.net/survey/
  http://www.dns.net/dnsrd/servers/
c. Inner Workings of DNS
  http://www.internic.net/faqs/authoritative-dns.html
  http://www.sans.org/rr/whitepapers/dns/
  http://www.cert.org/archive/pdf/dns.pdf
  http://www.isc.org/index.pl
  http://www.microsoft.com/windows2000/technologies/communications/dns/default.mspx
  http://www.dns.net/dnsrd/
d. DNSSEC Deployment
  http://www.dnssec-deployment.org/
  http://www.dnssec.net/
  http://csrc.nist.gov/publications/drafts/DRAFT-SP800-81.pdf
e. DNS Security Best Practices
  http://www.cymru.com/Documents/secure-bind-template.html
  http://www.softpanorama.org/DNS/security.shtml
  http://cookbook.linuxsecurity.com/sp/bind_hardening8.html
  http://www.isc.org/index.pl?/sw/bind/bind-security.php

7. Video and music players

a. DNS Vulnerabilities
  http://www.sans.org/newsletters/risk/display.php?v=4&i=11
  http://www.sans.org/newsletters/risk/display.php?v=4&i=14#widely1
  http://isc.sans.org/presentations/dnspoisoning.php
  http://thekelleys.org.uk/dnsmasq/doc.html
  http://www.icir.org/vern/papers/reflectors.CCR.01/node8.html
b. RealNetworks
  Media Player Products Home Page
  http://www.realnetworks.com/products/media_players.html
  Security Reports
  http://service.real.com/help/faq/security/
  http://service.real.com/help/faq/security/051110_player/EN/
  http://www.sans.org/newsletters/risk/display.php?v=4&i=40#widely1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=25#widely2
  http://www.sans.org/newsletters/risk/display.php?v=4&i=16#widely2
  http://www.sans.org/newsletters/risk/display.php?v=4&i=10#exploit1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=9#widely2
  http://www.sans.org/newsletters/risk/display.php?v=3&i=43#widely1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=39#widely1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=23#widely4
c. Helix Player
  Home Page
  https://player.helixcommunity.org/
  News, Including Security Announcements
  https://helixcommunity.org/news/
d. Apple
  QuickTime Home Page
  http://www.apple.com/quicktime/
  iTunes Home Page
  http://www.apple.com/itunes/
  Apple Security Updates
  http://docs.info.apple.com/article.html?artnum=61798
  QuickTime Support
  http://www.apple.com/support/quicktime/
  Security Reports
  http://www.sans.org/newsletters/risk/display.php?v=4&i=45#widely2
  http://www.sans.org/newsletters/risk/display.php?v=4&i=19#widely3
  http://www.sans.org/newsletters/risk/display.php?v=4&i=2#widely3
  http://www.sans.org/newsletters/risk/display.php?v=4&i=3#exploit1
e. Nullsoft Winamp
  Home Page
  http://www.winamp.com/
  http://www.winamp.com/about/news.php
  Security Reports
  http://www.sans.org/newsletters/risk/display.php?v=4&i=5#widely1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=47#widely1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=36#widely1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=34#widely1
f. Microsoft Windows Media Player
  Home Page
  http://www.microsoft.com/windows/windowsmedia/default.aspx
  Windows Media Player 10 Security
  http://www.microsoft.com/windows/windowsmedia/mp10/security.aspx
  Microsoft Security Bulletin Search
  http://www.microsoft.com/technet/security/current.aspx
  Security Reports
  http://www.sans.org/newsletters/risk/display.php?v=3&i=51#04.51.1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=6#widely5
g. Macromedia Flash Player
  Homepage
  http://www.macromedia.com/software/flashplayer
  Security Reports
  http://www.sans.org/newsletters/risk/display.php?v=4&i=45#widely3

8. Instant messaging programs

a. Threats to Instant Messaging
  http://securityresponse.symantec.com/avcenter/reference/threats.to.instant.messaging.pdf
  http://www.eweek.com/article2/0,1895,1864869,00.asp
b. IM Buffer Overflows
  http://www.sans.org/newsletters/risk/display.php?v=3&i=32#widely1 (AOL)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=6#widely5 (Windows and MSN Messenger)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=15#widely7 (MSN Messenger)
  http://www.sans.org/newsletters/risk/display.php?v=4&i=43#other1 (Skype)

9. Mozilla and Firefox browsers

Mozilla Firefox Vulnerabilities
  http://www.sans.org/newsletters/risk/display.php?v=4&i=39#widely1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=38#widely2
  http://www.sans.org/newsletters/risk/display.php?v=4&i=37#widely1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=38#exploit1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=28#widely8
  http://www.sans.org/newsletters/risk/display.php?v=3&i=37#widely2

10. Vulnerabilities in network products

a. CA License Manager Overflows
  http://supportconnectw.ca.com/public/reglic/downloads/licensepatch.asp#alp
  http://supportconnectw.ca.com/public/ca_common_docs/security_notice.asp
  http://www.sans.org/newsletters/risk/display.php?v=4&i=9#widely1
b. Novell eDirectory iMonitor and ZENWorks Overflow
  http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098568.htm
  http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972038.htm
  http://www.sans.org/newsletters/risk/display.php?v=4&i=33#widely1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=20#widely1
c. Computer Associates Message Queuing Vulnerabilities
  http://archives.neohapsis.com/archives/bugtraq/2005-08/0292.html
  http://www.sans.org/newsletters/risk/display.php?v=4&i=34#widely1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=42#exploit2
d. Sun Java Security Vulnerabilities
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-101748-1
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1
  http://www.sans.org/newsletters/risk/display.php?v=3&i=47#widely2
  http://www.sans.org/newsletters/risk/display.php?v=4&i=12#widely2
  http://www.sans.org/newsletters/risk/display.php?v=4&i=24#widely10
e. HP Radia Management Software Overflows
  http://archives.neohapsis.com/archives/bugtraq/2005-06/0009.html
  http://www.sans.org/newsletters/risk/display.php?v=4&i=22#other1
  http://www.sans.org/newsletters/risk/display.php?v=4&i=18#other2
  http://www.sans.org/newsletters/risk/display.php?v=4&i=30#exploit1
f. Snort BackOrifice Preprocessor Overflow
  http://www.snort.org/pub-bin/snortnews.cgi#99
  http://www.sans.org/newsletters/risk/display.php?v=4&i=42#widely1
g. RSA SecuID Web Agent Overflow
  http://www.kb.cert.org/vuls/id/790533
  http://www.sans.org/newsletters/risk/display.php?v=4&i=42#widely1

III. Detailed references on vulnerabilities in UNIX systems

1. UNIX system configuration weaknesses

a. SSH Brute Force Attacks and Counter Measures
  http://isc.sans.org/diary.php?date=2004-11-04
  http://isc.sans.org/diary.php?date=2004-11-02
  http://isc.sans.org/diary.php?date=2004-09-11
  http://isc.sans.org/diary.php?date=2004-08-30
  http://isc.sans.org/diary.php?date=2004-08-29
  http://isc.sans.org/diary.php?date=2004-08-22
  http://seclists.org/lists/firewall-wizards/2005/Jun/0154.html
  http://www.counterpane.com/alert-cis20040910-1.html
  http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1094140,00.html
  http://www.frsirt.com/exploits/08202004.brutessh2.c.php
b. General UNIX Security Resources
  http://www.cisecurity.org/
  http://www.bastille-linux.org/

2. Mac OS X

a. Mac OS X Vulnerabilities
  http://www.sans.org/newsletters/risk/display.php?v=4&i=23#widely3
b. Apple Product Security
  http://www.apple.com/support/security/
c. SecureMac
  http://www.securemac.com/
d. Macintosh Security
  http://www.macintoshsecurity.com/
e. Security Announce
  http://lists.apple.com/mailman/listinfo/security-announce
f. CISecurity MAC OS X Benchmark
  http://www.cisecurity.org/bench_osx.html
g. Securing Mac OS X 10.4 Tiger
  http://www.corsaire.com/white-papers/050819-securing-mac-os-x-tiger.pdf
h. Securing Mac OS X 10.3 Panther
  http://www.corsaire.com/white-papers/040622-securing-mac-os-x.pdf

IV. Detailed references on vulnerabilities in network products

1. Cisco products with or without the IOS network operating system

a. (Requires a Cisco account)
  http://www.cisco.com/en/US/products/products_security_advisories_listing.html
b. Hardening Cisco IOS Against Buffer Overflow Attacks
  http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtml
c. Cisco Security Advisories
  Remote Denial-of-Service in BGP Processing
  http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml
  Remote Denial-of-Service in SNMP Processing
  http://www.cisco.com/warp/public/707/cisco-sa-20040420-snmp.shtml
  Remote Denial-of-Service in OSPF Processing
  http://www.cisco.com/warp/public/707/cisco-sa-20040818-ospf.shtml
  Remote Code Execution in IPv6 Processing
  http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml
  Remote Code Execution in Firewall Authentication Proxy
  http://www.cisco.com/warp/public/707/cisco-sa-20050907-auth_proxy.shtml
  Remote Code Execution in Cisco CallManager
  http://www.cisco.com/warp/public/707/cisco-sa-20050712-ccm.shtml
  Hardcoded Username and Password in Cisco Wireless LAN Solution Engine
  http://www.cisco.com/warp/public/707/cisco-sa-20040407-username.shtml
  Hardcoded SNMP Community Strings in Cisco IP/VC
  http://www.cisco.com/public/technotes/cisco-sa-20050202-ipvc.shtml
  Remote Code Execution in Cisco Collaboration Server
  http://www.cisco.com/warp/public/707/cisco-sa-20040630-CCS.shtml
  Cisco Devices IPSec Handling Vulnerabilities
  http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml

2. Juniper, CheckPoint and Symantec products

a. Juniper OS Vulnerabilities
  http://www.kb.cert.org/vuls/id/409555
  http://www.kb.cert.org/vuls/id/658859
  http://www.sans.org/newsletters/risk/display.php?v=4&i=4#widely3
  http://www.sans.org/newsletters/risk/display.php?v=3&i=26#other5
  http://secunia.com/advisories/17568
b. CheckPoint Advisories
  http://www.checkpoint.com/techsupport/alerts/asn1.html
  http://www.sans.org/newsletters/risk/display.php?v=3&i=30#widely2
c. Symantec Advisory
  http://www.sarc.com/avcenter/security/Content/2004.09.22.html
  http://www.sans.org/newsletters/risk/display.php?v=3&i=38#other1

3. Cisco device configuration weaknesses
  http://www.cisco.com/warp/public/707/21.html

a. No Remote Logging By Default
  http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/fun_r/frprt3/frtroubl.htm#1017943
b. Default SNMP Community Strings
  http://www.cisco.com/en/US/tech/tk648/tk362/tk605/tsd_technology_support_subprotocol_home.html
c. Default or Nonexistent Default Passwords
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-1999-0508
d. IP Source Routing Enabled
  http://www.iss.net/security_center/advice/Underground/Hacking/Methods/Technical/Source_Routing/default.htm
e. TCP and UDP Small Services
  http://www.cisco.com/en/US/products/sw/iosswrel/ps1818/products_tech_note09186a008019d97a.shtml
f. Finger Service
  http://www.cisco.com/en/US/products/sw/iosswrel/ps1818/products_tech_note09186a008019d97a.shtml
g. IP Directed Broadcast Enabled
  http://www.netscan.org/broadcast/problem.html
h. HTTP Configuration
  http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_r/frprt1/frd1005.htm

CURRICULUM VITAE

Full name: LÝ TIỂU BẰNG
Date of birth: 09/06/1978
Place of birth: Bình Dương
Contact address: H172/83 khu 9, phường Chánh Nghĩa, thị xã Thủ Dầu Một, tỉnh Bình Dương

EDUCATION
1996 - 2001: Student, Faculty of Information Technology, Ho Chi Minh City University of Technology
2004 - 2006: Graduate student in Information Technology, Ho Chi Minh City University of Technology

WORK HISTORY
2001 - 2007: Application engineer, Công ty TNHH Đồ họa và đo đạc bản đồ Địa Việt

... or they think that it is the responsibility of the user. Many administrators are not aware of the services running on their servers, because today most applications are very complex... Previously, system administrators reported that they had not fixed many known weaknesses simply because they did not know which weaknesses were the most dangerous and really... limitations: information security is a very broad field, and with the very rapid development of information technology today, it really is a chase between

Date posted: 10/02/2021, 09:27
