8/18/09

很早就把這些抄了下來的，
今天得閑，就再加深一下印象而已。

中文名：堆棧攻擊——8層網絡安全攻防實踐
原書名：Hack The Stack——Using Snort
And Ethereal To Master The 8
Layers Of An Insecure NetWork

這本講網絡安全的書，上個月就匆匆看完了；
特別是按照OSI網絡各層的漏洞/安全問題進行分析的思路，
在同類安全書籍中確屬稀物；雖然此書的翻譯本人覺得不是討好；
但內容中列舉了不少工具的地址，仍然不算差吧。

下面依照本書各頁中提及的工具或實用網址進行摘錄
以期與興趣相似者共享之：

p2：閱讀介紹及常用工具

1）RFC文檔： http://www.faqs.org/rfcs
2）嗅探器： http://www.ethereal.com
or http://www.wirehack.org
3）入侵檢測：IDSes/Snort http://www.snort.org

一、物理層

p13 http://www.cert.org
p24 http://code.writers.com
p30 http://www.secruitypipeline.com/news/18902074
p35 Bluewatch http://www.airdefense.net
p38 http://www.secruityfocus.com
p43 http://www.remote-exploit.org
p44 http://phenolit.de
p45 home.eunet.no/pnordahl/ntpasswd
p45 http://st-d.org
p45 www.insidepro.com/eng/saminside.shtml

二、數據鏈路層

p54 http://www.coffer.com
p56 Pcap
http://sourceforge.net/projuects/libcap/.ht(for linux)
http://www.winpcap.org (for win)
p62 tcpdump
http://www.tcpdump.org(for linux)
http://www.winpcap.org/windump(for win)
p66 Cain and Abel
http://www.oxid.it/cain.html
p67 WinArpAttrack
http://www.xfocus.net/tools
p69 Netstumbler
http://www.netstumbler.org
p70 Kismet
http://www.renderlab.net(for win)
http://www.kismetwireless.net(for linux)

p72 openssh
http://www.openssh.com
putty
http://www.chiak.greenend.org.uk/~sgtatham/.putty

三、網絡層

P103 http://www.sys-secruity.com
pofv2
http://lcamfuf.coredump.cx/pof.tgz
p117 http://www.nas.gov/snac/downloads_all.cfm
Nemesis
http://sourceforge.net/projects/nemesis

p117 ptunnel
http://www.cs.uit.no/~daniels/pingtunnel
p119 ackcmd
http://netsecruity.nu/toolbox/ackcmd

四、傳輸層

P128 http://iana.org
p135 Nmap
http://www.insecure.org
p141 Amap
http://thc.segfault.net/thc-amap
p143 Scanrand
http://www.doxpara.com/read.php/code/packetto.html
p148 Xprobe2
http://www.sys-secruity.com
p156 Stunnel
http://www.stunnel.org

五、對話層

p171 http://www.hping.org
p176 Ettercap
http://ettercap.sourceforge.net
p182 Kerberos
http://web/mit.edu/kerboros/www/dialogue.html
p183 shmoo
http://rainbowtables.shmoo.com
dsniff
http://www.datanerds.net/!mike/dsniff.html
John the Ripper
http://www.openwall.com/john
p188 Arpwatch
http://ee.lbl.gov

六、表示層

p201 Netbios
http://timothydevams.me.uk/n2c.html
p203 Euam
http://cotse.com/tools/netbios.html
p204 Winfo
http://ntsecurity.nu/toolbox/winfo
p206 DumpSec/Hyena
http://www.somarsoft.com
NBTScan
http://www.inetcat.org/software/nbtscan
p212 BurpProxy
http://www.portswigger.nt/proxy
p217 Achilles
http://www.mavensecurity.com/achilles

七：應用層
p255 DNSA
http://packetfactory.net/projects/dnsa
p263 w00W00 On Heap Overflows
http://w00w00.org/files/articles/helptut.tex
Vudo Malloc Tricks
http://www.phrack.org/phrack/57/p57-x08
p269 http://www.sysinternationals.com
p273 MetaSploit
http://www.metasploit.com
p284 Nessus
http://nessus.org
p286 http://www.securityfocus.com
http://www.milw0rm.com

八：人工層 p291 http://www.myoids.com
p292 http://www.facetime.com
ad-ware
http://www.lavasoftusa.com
http://www.spybot.info
http://www.webroot.com

spyware doctor
http://www.pctools.com/spyware-doctor

http://www.xtool.com
http:///www.ztrace.com
http://www.pccrack.com
http://www.reference.com
http://www.petrico.il

“盡信書則不如無書”！
還是多靠平時的多練習和總結啊！
以上地址未一一驗證是否有效，絮不多言。