Unfortunately, I missed a significant portion of the afternoon of Day 4 due to a combination of illness and client demands. Again, over these two days, the balance of lecture to hand-on seemed to be off although the content of the lectures continued to be detailed, wide ranging, well researched, and more than a little frightening.
Summary
- Day: Days 4 and 5
- Topics: Password cracking, getting a shell, worms, web app attacks, DoS, backdoors, app level trojans, backdoor wrappers, rootkits, hinding files, covering tracks in logs, covert networking, more stego
- Tools: brutus, hydra, Cain and Abel, Rainbow Crack, SYSKEY, John the Ripper*, PAM, shred, netcat*, phatbot, SQL Slammer, OWASP suite of tools, Achilles, Paros, Windows at command, CpuHog, Ping of Death, Rose, Smurf, synflood, Tribe Flood Network 2000, tini*, VNC, WinVNC, Sub7, Back Orifice 2000, Setiri, wrappers, burneye, Ollydbg, LRK, AFX, Solaris kernel-mode rootkit, KIS, Adore, FU, Rootkit Revealer, LADS*, WinZapper, reverse www shell, Loki, Covert_TCP*, cd00r, s-tools, stegdetect, xsteg (In the appendix but not discussed: red button, campas, aglimpse, crack, lc5, GetAdmin, SecHole, NetMeeting Buffer Overflow, Tooltalk Buffer Overflow, IMAPd Buffer Overflow, WinNuke, land, redir, SMBRelay, TBA Palm OS War Dialer, QAZ, T0rnkit, RDS, jolt2, DumpSec, Tin00, knark)
- Overall value: 3 out of 5
- Coolness: 4 out of 5
* Starred items were part of hands on exercises.
1 comment:
Sebelum dan sesudahnya saya ucapkan terima kasih untuk penulis blog ini karena telah membuka komentar publik untuk semua orang dan untuk berbagi pengalaman dengan setiap pengunjung blog ini....
penjelasan seterusnya
penjelasan selanjutnya
penjelasan lebih terpercaya
penjelasan lebih akurat
penjelasan lebih detail
penjelasan lebih lengkap
Post a Comment