Research on security vulnerabilities caused by users' security policies on today's systems



Document information

Vietnam National University, Ho Chi Minh City
UNIVERSITY OF TECHNOLOGY (TRƯỜNG ĐẠI HỌC BÁCH KHOA)

LÝ TIỂU BẰNG

TOPIC: Research on security vulnerabilities caused by users' security policies on today's systems

Major: Information Technology
Major code: 01.02.10

MASTER'S THESIS

Ho Chi Minh City, December 2006

THIS WORK WAS COMPLETED AT THE UNIVERSITY OF TECHNOLOGY, VIETNAM NATIONAL UNIVERSITY, HO CHI MINH CITY

Scientific supervisor: Dr. Nguyễn Xuân Dũng
Reviewer: Dr. Đặng Trần Khánh
Reviewer: Dr. Nguyễn Đình Thúc

The master's thesis was defended before the MASTER'S THESIS DEFENSE EXAMINATION COMMITTEE, UNIVERSITY OF TECHNOLOGY, on 13 December 2006.

UNIVERSITY OF TECHNOLOGY, GRADUATE TRAINING OFFICE
SOCIALIST REPUBLIC OF VIETNAM
Independence - Freedom - Happiness
Ho Chi Minh City, 6 October 2006

MASTER'S THESIS TASK ASSIGNMENT

Student's full name: Lý Tiểu Bằng
Sex: Male
Date of birth: 09/06/1978
Place of birth: Bình Dương
Major: Information Technology
Student ID (MSHV): 00704157

I- THESIS TITLE: Research on security vulnerabilities caused by users' security policies on today's systems

II- TASKS AND CONTENT:
- Analyze in detail the causes of the vulnerabilities and the methods of attack and defense.
- Provide practical demos for all of the research carried out.
- Research and propose a system of methods that helps establish sound security policies at a general level, rather than at the level of handling individual situations as in earlier research.
- Build a vulnerability detection program.

III- DATE OF ASSIGNMENT: 10/10/2005
IV- DATE OF COMPLETION: 06/10/2006
V- SUPERVISOR: Dr. Nguyễn Xuân Dũng

Signatories: Supervisor (Dr. Nguyễn Xuân Dũng); Head of the department managing the specialization.

The content and outline of the master's thesis have been approved by the Specialization Council.
Date: (left blank)
Signatories: Head of the Graduate Training Office; Dean of the faculty managing the major.

ACKNOWLEDGEMENTS

I could not have completed this thesis in the best possible way without the help and comments of my teachers and the encouragement of my family and colleagues.

I sincerely thank Dr. Nguyễn Xuân Dũng (Faculty of Information Technology, Văn Lang University), who wholeheartedly helped me throughout the research and the work on this topic.

I thank Đỗ Ngọc Duy Trác, director of the VSEC Information Security network, who enthusiastically helped me with research materials and extremely valuable practical experience while I was completing this thesis.

I thank the teachers of the Faculty of Information Technology and the Graduate Management Office of the Ho Chi Minh City University of Technology, who provided me with knowledge throughout my studies and the completion of this thesis.

I sincerely thank my father, mother, wife, and relatives in my family, my friends, and my colleagues at the company, who encouraged and helped me during the research and the writing of this thesis.

Ho Chi Minh City, 2006 (day and month left blank)
Lý Tiểu Bằng

CURRICULUM VITAE SUMMARY

Full name: LÝ TIỂU BẰNG
Date of birth: 09/06/1978
Place of birth: Bình Dương
Contact address: H172/83 khu 9, phường Chánh Nghĩa, thị xã Thủ Dầu Một, tỉnh Bình Dương

EDUCATION
1996 - 2001: Student, Faculty of Information Technology, Ho Chi Minh City University of Technology
2004 - 2006: Master's student in Information Technology, Ho Chi Minh City University of Technology

WORK EXPERIENCE
2001 - 2007: Application engineer, công ty TNHH Đồ họa và Đo đạc bản đồ Địa Việt

Excerpts from the thesis text:

... or they think that it is the user's responsibility. Very many administrators are not aware of the services running on their servers, because nowadays most applications are very ...

Previously, system administrators reported that they had not fixed many known weaknesses simply because they did not know which weaknesses were the most dangerous and really ...

... vendors lacking responsibility: very many vendors do not care about what happens to their programs. Quality assurance in the software industry is very weak. To ...

Date posted: 16/04/2021, 04:19
