Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > invades the examination > Content
Hot Articles
Based on CallStack count
Bypasses the web key wor
Security precious book m
pcshare official net exa
How to use double WAN ro
php.ini explains in deta
Only opens 80 port's saf
pcshare official net exa
To the Image File Execut
The invasion examination
Serv-U bounce attack and
IDS invasion examination
Bypasses the CallStack f
Four next generation inv
The network invasion exa
Recommend Articles
Only opens 80 port's saf
Bypasses the web key wor
Bypasses the CallStack f
Security precious book m
Based on CallStack count
pcshare official net exa
SQL Server SA idle talk
Honey jar and honey net
The invasion examines th
Four next generation inv
An accidental invasion e
The invasion examines (I
How to use IDS to invade
The invasion examination
A winding safe examinati
New Articles
After one time by DNS at
Analyzes tool bag which
The part prevents the me
About Ramen package of f
Captures IDS using the U
Realizes simple NIDS wit
High-level WIN2K ROOTKIT
Realizes simple NIDS wit
Discusses the network at
Linux invasion observati
Linux invasion observati
Linux invasion observati
Is invaded system's rest
Is invaded system's rest
Discusses the network sh
Win2000 Server invasion monitor
  Add date: 10/10/2008   Publishing date: 10/10/2008   Hits: 2
Total 8 pages, Current page:1, Jump to page:
 
The invasion examination is preliminary

  Previous chapter of we talked about the Win2000 Server safe disposition, undergoes the careful disposition the Win2000 server to be possible to defend 90% above invasions and the seepage, but, on elephant time a chapter of conclusion I mentioned: The system safety is a continual process, along with the new crack's appearance and the server application's change, system's safe condition unceasingly is also changing; Simultaneously because the attack and defense is the contradictory entity, the road disappears the evil spirit length and the evil spirit disappears the Daoist priest also in the unceasing transformation, therefore, the wise system manager cannot guarantee that is providing the service the server long time not to invade absolutely.

  Therefore, the security disposed the server is not the trouble-free service conclusion, on the contrary will actually be the long tasteless trouble-free service start, this article we will discuss the Win2000 server invasion examination initially the preliminary skill, hoped that could help you to maintain server's security for a long time.

  In this article said what the invasion examination refers to the examination which using Win2000 Server is own function and system manager compiles the software/script which carries on, uses the firewall (Firewall) or invades the observation system (IDS) skill not in this article discussion scope.

  Now supposes: We have a Win2000 Server server, and underwent the preliminary safe disposition (to be possible to refer to Win2000 about the safe disposition details the Server safe disposition to cross the threshold < one >), in this case, the majority of intruder will keep them out. (ha, my manager might go home to sleep) has been being slow, what I said was majority, was not completely, underwent the preliminary security disposition the server, although might defend (procedure which the overwhelming majority Script kid script race - will only use others to write to invade server's person), has run into the genuine master, collapsed at the first blow. Although said that the genuine master will not enter others' server casually, but was also unable to say for certain to have several bad conduct the evil faction master to have a liking for your server. (I really such fades? ) moreover, at crack's discovery and between the patch issue often some period of time's vacuum, any knew crack material the human may seize the opportunity to sneak, by now, the invasion examination technology appeared unusual important.

  The invasion examination mainly carried on according to the application, provides the corresponding service to have the corresponding examination analysis system to carry on the protection, regarding the common main engine, mainly should pay attention to the following several aspects:

1st, invades the examination based on 80 ports

  The WWW service was probably one of most common services, moreover, because this service facing the user community, the service current capacity and the order of complexity was very high, therefore were also most in view of this service's crack and the invasion skill. Regarding NT, IIS has been a part which the system manager compared has a headache (wishes one could to turn off 80 ports), but was good because of the IIS bringing journal function the efficient helper who might become the invasion examination from some kind of degree. The IIS bringing journal file default deposits under the System32/LogFiles table of contents, generally is according to 24 hour trundle, may carry on the detailed disposition in the IIS supervisor to it. (how to match me specifically, no matter you, but you, if detailed record, turns head does not look up intruder's IP to be possible not to need to cry)

 
Other pages: : 1 * 2 * 3 * 4 * 5 * 6 * 7 * 8 * Next>>
Prev:Invasion examination system: Theory and practice Next:Brief analysis network invasion observation system - IDS application

Comment:

Category: Home > invades the examination
Home