7 Windows Linux.

Transcription

1 7 Windows Linux

2 Windows 7.3 Windows 7.4 Linux(Unix) 7.5 Linux

3 7.1 TCSEC (Trusted Computer System Evaluation Criteria- ) ADP(Automatic Data Processing) TCSEC DEPARTMENT OF DEFENSE TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA DoD STD 119 D C B A C B

4 D C (MINIMAL PROTECTION) (DISCRETIONARY PROTECTION) 2 C1: (DISCRETIONARY SECURITY PROTECTION ) C2: (CONTROLLED ACCESS PROTECTION ) B (MANDATORY PROTECTION) 3 B1: (LABELED SECURITY PROTECTION) B2: (STRUCTURED PROTECTION) B3: (SECURITY DOMAINS) A: (VERIFIED PROTECTION) A1 A1: (VERIFIED DESIGN)

5 TCSEC TCSEC B2 A1 TCSEC TCB TCSEC TCB TCSEC

6 ITSEC ISO ITSEC CC (common criteria) TCSEC ISO CC for ITSEC ISO CC 2.0 ISO 15408

7 SO/IEC CC for ITSEC ISO/IEC permits comparability between the results of independent security evaluations. ISO/IEC does so by providing a common set of requirements for the security functionality of IT products and for assurance measures applied to these IT products during a security evaluation. These IT products may be implemented in hardware, firmware or software. The evaluation process establishes a level of confidence that the security functionality of these IT products and the assurance measures applied to these IT products meet these requirements. The evaluation results may help consumers to determine whether these IT products fulfil their security needs.

8 GB GB

9 Windows NT Unix C Windows NT 3 NT3.5 TCSEC( ) C2 Windows2000 ( 2003 vista 2008 window7) Windows NT C2 Unix ( Linux) Windows C2 I T S E C ( I n f o r m a t i o n Technology Security Evaluation Criteria) E3 C2

10 C2 C2 4 ( )

11 NT NT B C2 Windows Unix

12 Windows 7.2 Windows C Windows 2003

13 1. NTFS NTFS NT ACL FAT32 ACL FAT ACL 7-1

14

15 7-2 Everyone Web 7-3

16

17

18 2. 3 Internet Guest

19 3. Windows

20 7-4

21 (1) (2) (3) (4)

22 7-5 TCP/IP

23 7-6 Windows7 Windows8

24 Windows10

25 5. Windows2003 IPSEC ( Windows2003 ) 7-7 ICMP

26 7-7

27 6. Windows 2003 win

28 7-8

29 7. cmd.exe win2003 CMD 7-9

30 7-9

31 8. 360

32 9. (1) (2) (VMWare VirtualBox) (3) 1) 2) USB U 3) ftp

33 Windows 10 Windows 10 Windows 10 (1) Microsoft Passport Windows Windows Hello (MFA) Credential Guard (VBS)

34 (2) BitLocker BitLocker To Go Windows 10 Services Windows 10 Internet Rights Management (VPN)

35 (3) Windows 10 Microsoft Edge Windows 8.1 VBS Device Guard Windows Defender AppContainers Windows 10

36 7.3 Windows Windows C2 Windows Windows

37 7.3.1 Windows / Administrator

38 6 net use / : C:\>net use \\victim\ipc$ password /u:username / enum NAT(NetBIOS Auditing Tool), SMBGrind, Windows

39 7.3.2 Windows windows Windows ( windows

40 Windows2000 Windows2000 Windows2000

41 (1) ( ) 3389 Windows2000 Ctrl+Shift

42 Windows2000 c:\winnt\ SYSTEM32

43 7-10

44

45 7-11 Windows2000 SYSTEM32

46 c:\winnt\system32\net.exe user guest /active:yes guest net.exe user

47 guest user guest (open) guest guest / guest localgroup administrators

48

49 (2) guest (3) net.exe winnt\system32\logfiles

50 7.3.3 MSRPC Kaht2.exe windows2000

51 Kaht2.exe windows2000 Kaht2 MSRPC DCOM Kaht2 (windows2000) SYSTEM Kaht

52 7-12 kaht2 Windows2000

53 7-13

54 7.4 Linux(Unix) Linux Linux Linux Linux

55 7.4.1 Linux (1) Linux Linux Linux root

56 root root root root ( root httpd(apache Web ) httpd 80 root ) root root ID 0 ID 0 root

57 root 0 ID UID=0 Linux (redhat9.0 ) UID=0 Linux UID root Linux (Fedora root Ubuntu)

58 ) ( Linux adduser

59 (/etc/passwd /etc/passwd shell shell /bin/false /sbin/nologin ftp apache lp ftp FTP apache HTTP lp Login Shell=/sbin/nologin Linux )

60 Linux /etc/passwd /etc/passwd /etc/passwd Linux /etc/shadow ( ) root /etc/passwd shell (UID) (GID) Unix

61 / etc/shadow passwd /etc/ shadow /etc/passwd LOGNAME : x : UID : GID : USERINFO : HOME : SHELL root:x:0:0:root:/root:/bin/bash ftp:x:14:50:ftp User:/var/ftp:/sbin/nologin hadoop:x:1000:1000:hadoop:/home/hadoop:/bin/bash

62 (2) ls -l : -rwxrwxrwx. 1 ns ns 7263 Mar 3 14:31 exit_asm -rw-rw-r--. 1 ns ns 140 Oct 6 15:49 exit_asm.c - rwx rwx rwx

63 s S - s S s S x s - S chmod 3 8 r 4 w 2 x 1 rwxr-xr-- 754

64 (3) Unix ls -l d ls rm mv

65 (4) ID ID ID (SUID) ID (SGID) ( ) 4 UID euid GID egid UID GID UID GID ( UID GID) UID GID SUID

66 SUID euid euid euid SGID GID chmod u+s chmod u-s SUID chmod g+s chmod g-s SGID SUID SGID chown chgrp

67 suid sgid SUID root euid root suid root

68 SUID #include <stdio.h> #include <stdlib.h> int main(int argc, char * argv[]) { FILE *fp; char *line = NULL; size_t len = 0; ssize_t read; fp = fopen("/etc/shadow", "r"); if (fp == NULL){ puts("cannot open the file /etc/shadow"); exit(exit_failure); } while ((read = getline(&line, &len, fp))!= -1) { printf("%s", line); } free(line); exit(exit_success); } demo.c [fanping@f16x32 c]$ gcc -o t demo.c [fanping@f16x32 c]$./t Cannot open the file /etc/shadow [fanping@f16x32 c]$ su [root@f16x32 c]# chown root t [root@f16x32 c]# chmod a+s t [root@f16x32 c]# exit exit [fanping@f16x32 c]$./t /etc/shadow

69 7.4.2 Linux (1) Linux Ubuntu Fedora 7-14

70 7-14 Ubuntu

71 (2) Ubuntu

72 (3) services lilo.conf 600 # chmod 600 /etc/services root # chattr +i /etc/services root # chattr -i /etc/services

73 (4) Unix /etc/hosts.allow /etc/hosts.deny 2 (1) hosts.deny # Deny access to everyone. ALL: ALL@ALL hosts.allow (2) hosts.allow #Just an example: ftp: aaa.aaa.aaa.aaa xxxxxx.com IP aaa.aaa.aaa.aaa xxxxxx.com Client FTP

74 (5) Shell bash shell $HOME/.bash_history 500 ( ) /etc/profile HISTFILESIZE=30 HISTSIZE=30

75 (6) /etc/skel/.bash_logout rm -f $HOME/.bash_history /$HOME/.bash_history root

76 (7) SUID SUID root find root s # chmod a-s program_name

77 (8) Unix Unix

78 (9)

79 7.5 Linux Linux Linux Linux /

80 John the Ripper Brutus ObiWan THC-Hydra pop.c TeeNet Pwscan.pl SNMPbrute DM/ADM-pop.c ex.shtml (VLAD ) snmpbrute-fixedup.c

81 7.5.2 ( ) nsfocus Linux Linux

82 7.5.3

83 (1) ) overflow condition) C strcat() sprintf() ( (buffer strcpy() shellcode hellkit-1.2.tar.gz

84 2 1) gcc 2)

85 (2) sprintf()) ( printf()

86 (3) SQL

87 1. windows VirtualBox Linux VirtualBox vboxfs alice usermod vboxfs

88 1. windows2000 test 2. linux /etc/passwd