Sergey Babin - Hacker's Toolkit (2014) PDF
-
-
2014
004
32.973.26-018.2
12
. .
12 . .: -, 2014.
240 .: . ( )
ISBN 978-5-9775-3314-0
, -
. -
. -
: , Wi-Fi-, MAC-, -
.
-
. , ,
.
.
, ,
Windows- (
Unix ),
: -
.
004
32.973.26-018.2
:
.
28.02.14.
70 1001/16. . . . . 19,35.
1500 .
"-", 191036, -, ., 20.
""
199034, -, 9 , 12/28
.................................................................................................................. 5
1. ARP-spoofing,
"" .......................................................................................................... 7
2. ................................................................ 19
3. - enable Cisco ........ 29
4. MAC- ....................................................................... 41
5. WPA2-PSK Wi-Fi- ................................................ 53
6. Wi-Fi .................................................................................... 73
7. IP- ............................................................... 83
8. .................... 101
9. ........................................... 125
10. ? ....................................................... 149
11. ..................................... 163
12. ............................................................................................... 175
12.1. . ......................................... 175
12.2. .............................................. 179
12.3. ,
............................................................................................................. 186
12.4. .......................................................................................... 192
12.5. , ....... 201
12.6. "" .............................. 208
12.7. VPN .......................................................................................... 210
12.8.
..................................................................................... 212
12.9. , ........................................... 215
......................................................................................................... 221
. Wi-Fi-
TP-LINK.......................................... 223
4
.
. ,
, , ,
, , .
( ) : -
-
.
, -
. ,
! , , , -
-
, .
-
. , -
, -
, -
.
,
. - : ,
,
. ,
, .
, , -
. , -
, -
.
6
-
. !
, : " " (plug and play).
...
-
, -
Windows! , UNIX-
, , -
, .
: ,
( ,
), ( -
, " "), (
) -
, .
, , -
,
, ,
.
(. -
) (. ),
.
1
ARP-spoofing,
""
. , , -
.
-
,
.
, -
, ,
"", !
, : ! -
?!
-
(University of Indianapolis, http://is.uindy.edu/policies/password.php):
This policy describes the requirements necessary for creating and maintaining password
security on all UIndy Accounts.
Policy Statement
All network devices and accounts must be secured with appropriate username and
passwords. Whenever possible, systems will use UIndy Accounts stored in a central
directory. All UIndy Accounts, including those used by faculty, staff, students, contractors
and partners of the University, must be properly secured using the methods described in
the following sections of this document.
Password Storage
Choose passwords that are easy to remember so that it is not necessary to write it on
any piece of paper. A password that is written on a sticky note attached to the bottom of
the keyboard is as good as no password at all.
Password Confidentiality
Never tell another person your password. Your password should be kept completely
confidential. Supervisors, coworkers, friends and family should never know your password.
Likewise, it is inappropriate to ask another user for their password. If a person demands
your password, refer the person to this document and/or contact the Office of the Chief
Information Officer.
Periodic Scans
University of Indianapolis Information Systems will periodically employ password cracking
techniques to determine the effectiveness of this password policy. Any passwords
found to be weak during these scans will be immediately changed and the user notified.
Encryption
All University computer systems will store passwords in an encrypted form. As such, the
Information Systems Help Desk cannot see or retrieve a password, only assist users in
changing to a new password.
Compromised Accounts
If you suspect that a UIndy account has been compromised, report it to the Information
Systems Help Desk immediately. Accounts that have been compromised will immediately
have their password changed to prevent further losses.
: , -
,
.
, , :
.
-
:
...
4.1.1.
, (: ,
, Internet-).
4.1.2. ,
(, , -
), , .
...
. , -
"", .
, -
, ,
, "" .
: , -
(, , ). -
.
, , , !
10 1
( , -
) , :
, .
.
,
IP- 4, ARP-spoofing!
, ARP (Address Resolution Protocol, -
) IP-
, . . , , -
. -
MAC-.
, . ,
ARP- (ARP cache).
IP- -
, - .
, -
ARP (
, ARP, RARP reverse address resolution pro-
tocol, ).
ARP , ,
. , , -
:
, -
, :
1. , IP- -
.
2. , IP- -
.
, ( man-
in-the-middle), , ,
.
. .
,
Windows (. 1.1).
,
. 1.2.
Cain & Abel ( ).
ARP-spoofing 11
, -
Winpcap.
!
. 1.1
. 1.2
(. 1.3).
Sniffer | Hosts, IP- MAC- -
,
192.168.0.102. Start\Stop Sniffer
(+) (. 1.4).
Sniffer | ARP ,
, .
Start\Stop Sniffer (+) -
(. 1.5).
, -
(. 1.6).
12 1
. 1.3
. 1.4
ARP-spoofing 13
. 1.5
. 1.6
14 1
. 1.7
, -
(. 1.7).
. , -
. ,
www.mail.ru,
babins@inbox.ru arptest. ,
http (. 1.8).
. 1.8
ARP-spoofing 15
. 1.9
, "" HTTP |
Password Sniffer Cain & Abel (. 1.9).
- -
,
POP3.
.
, , -
, HTTP
arptest (. 1.10).
, ,
.
: -
. ,
.
16 1
. 1.10
, ,
SSL, . . , , -
.
, , , ,
"" ( ) - -
,
. -
: , ""...
, ARP-spoofing
! ,
Iptools ( . (Erwan L.)). ,
, Cain & Abel,
, - . ,
.
-
,
. Wireshark (. 1.11,
http://www.wireshark.org).
,
( ),
, UNIX-, -
ARP-spoofing 17
. 1.11
.
.
! -
... ,
! ! , ?
"", "",
-
. 1.12
18 1
, ,
,
, -
. , : ipconfig, arp
.
,
. ,
, .
. , , , "",
" " -
. , , -
Wi-Fi- IP--
, DHCP-.
, ""
! -
.
, .
-
, . -
,
.
. -
. -
(. 2.1).
, IP-
192.168.1.54 (. 2.2).
20 2
. 2.1
. 2.2
21
. 2.3
. 2.4
22 2
,
. , MAC-
00-11-91-34-93-03.
, admin 1234
( ZyXEL) (. 2.3 3.4).
- , -
DHCP, ,
MAC- 00-11-91-34-93-03 (. 2.5).
. 2.5
Clear
- (. 2.6).
, , -
! IP-
(: ). , , . IP-
192.168.1.54 MAC-.
DHCP- (. 2.7).
MAC-, ,
.
IP-, DHCP-,
23
. 2.6
. 2.7
24 2
,
. ,
. .
,
, , ,
.
,
. , ,
, .
IP- 192.168.0.171 MAC-
0-60-56-69-2-76. (-
) 192.168.0.1 MAC- 74-EA-C2-E4-
5A-3A, .
, . . , -
MAC- ARP , -
. ,
arp -a (. 2.8).
. 2.8
,
ARP. , -
: Ip Tools ( . (Erwan L.)).
-
, IP-
MAC- .
ARP- 192.168.0.0.
: Tools | ARP | ARP Scan/MAC to IP (. 2.9).
: (),
(192.168.0.100), (192.168.0.171).
25
. 2.9
IP Tools, ARP-, -
, MAC- 00-19-66-93-29-2B.
ARP- "Reply".
, MAC- (MAC DEST) FF-FF-FF-
FF-FF-FF (. 2.10).
Start ,
, .
, ARP- -
, MAC- (. 2.11).
, -
.
, , -
, . -
, -
. ,
,
.
-
. , -
, , MAC-
( ), , "-
" , . : , -
, ,
- .
26 2
. 2.10
. 2.11
27
MAC- , -
. , ,
MAC-
.
, -
(. 2.12).
. 2.12
, -
-
, .
: , -
ARP, (
,
WINPCAP, ).
28 2
3
- enable
Cisco
, -
. , -
.
.
, "" .
.
, Windows , -
, , -
. -
HKLM\Setup. , -
,
.
Windows -
. -
.
, , -
, -
, -
. Windows - -
SAM (Security Accounts Manager).
UNIX- /etc/shadow.
. . ,
, -, . -, -
, ,
30 3
. -
. , ,
, . -
, ,
- - ,
"", , -
.
- .
: John the Ripper, L0phtCrack, SAMinside, Ophcrack,
RainbowCrack, Md5 Crack Monster .
-
,
( ).
,
Cisco.
TFTP-
. ,
,
, ,
-. , , ,
enable . , -
, :
, . . , .
, .
. -
, ,
- , -
.
. -
GNS3 (http://www.gns3.net/)
Cisco ,
"", ,
enable, show running (. 3.1).
, -
enable, abc123. -
, , , -
. ( conf)
( enable secret abc123, -
. 3.2).
- enable Cisco 31
. 3.1
. 3.2
32 3
. 3.3
. 3.4
- enable Cisco 33
. 3.5
- (. 3.5).
,
.
, Brute-Force .
6- 4 -
.
, , . ,
.
, Cain & Abel.
: Dictionary Attack! :
(), (
),
. .
, . -
, : Cisco Type-7, Cisco VPN Client,
34 3
VNC, , , Syskey. :
, RSA SecurID Token, WPA PSK.
Cain & Abel
Base64, ,
,
ASCII .
Base64.
, ,
GNS3. , -
!
- , --
( Cain & Abel). , -
GNS3
( ), -
.
, " " -
, -
, Cisco.
IOS (Internetwork Operating System -
Cisco). -
, -
IOS , IOS. -
, , . ,
. GNS3 -
, : Wireshark
Putty (. 3.6).
Putty -
, SSH.
, -
, Cisco.
, SSH (Secure Shell) ,
. , -
Telnet (
) . , ,
. SSH -
.
SSH SSH-1 SSH-2.
SSH-1
. Putty SSH
(. 3.7).
- enable Cisco 35
. 3.6
. 3.7
36 3
SSH- Tor, -
.
, SSH
,
. Windows, -
, freeSSHD (http://www.freesshd.com)
, telnet (. 3.8).
. 3.8
root, -
,
(. 3.9).
- (192.168.0.171) telnet -
Putty (. 3.10).
(. 3.11).
- enable Cisco 37
. 3.9
. 3.10
38 3
. 3.11
Wireshark (192.168.0.100)
: "" -
(192.168.0.171) , Edit Find Packet,
password (. 3.12 3.13).
. 3.12
, , telnet -
(. 3.14).
- enable Cisco 39
. 3.13
. 3.14
,
SSH (. 3.15).
(. 3.16).
password
, SSH
(. 3.17).
, -
UNIX-c
SSH,
Putty. .
40 3
. 3.15
. 3.16
. 3.17
4
MAC-
,
. ,
.
,
, ,
MAC-.
, -
- -
, , ,
. , , -
MAC- , -
. -
.
, -
, , . . -
.
, -
,
.
MAC- -
, -
. , ,
" MAC-
". , -
, -
, MAC-. -
42 4
, , , " -
"! .
, .
Wi-Fi-
MAC- A0-71-A9-9F-41-3A E0-B9-A5-2F-A8-75 (. 4.1).
. 4.1
MAC- (, -
, . . ),
74-EA-3A-E4-5A-C2
(. 4.2).
-
. ,
5322556250 (. 4.3).
, MAC-,
, , "-
" .
MAC- 43
. 4.2
, , "" -
. -
- Wi-Fi-.
, , CommView for WiFi.
. -
.
,
.
, ,
. . -
, , - -
. , , ,
. , ,
- , "" ,
. -
. , ,
"" .
44 4
. 4.3
, ?
, , :
1. CommView -
DriverMax
,
.
2. CommView. -
, .
3. DriverMax (. 4.4) -
.
, "" -
.
.
MAC- 45
. 4.4
, -
(DriverMax), ,
MAC-.
, ,
CommView for WiFi.
, -
( E0-B9-
A5-2F-A8-75). "" Wi-Fi-
(. 4.5).
, ,
(. 4.6).
, ( -
). , -
, .
46 4
. 4.5
. 4.6
MAC- 47
,
, , .
, ,
(. 4.7).
. 4.7
, -
(. 4.8).
, , MAC-
( E0-B9-A5-2F-A8-75) MAC- -
. 74-EA-3A-5A-C2 (. 4.9).
, -
MAC-. , -
.
48 4
. 4.8
. 4.9
MAC- 49
-
MAC- , -
, , -
.
MAC- Wi-Fi-. , -
, ,
Ethernet.
, -
: , Wi-Fi-, ,
, , -
- ?
MAC-
? ,
. , , -
Windows, : SMAC, SIW ( -
), Macshift, IPtools .
, MAC- , -
( )
, Network address.
,
MAC-, :
;
- .
, , . . -
. , , -
.
, .
, .
, , -
. ,
64- Windows,
,
Windows, 32-.
. , ,
, , -
MAC- Wi-Fi-. -
Windows- ipconfig (. 4.10).
50 4
. 4.10
, , , : -60-76-
69-2-56.
MAC-,
, -
MAC- -60-76-
69-2-56 5322556250.
-60-76-69-2-56 -
(. ), ,
WPA2-PSK.
MAC- -60-76-69-2-56
E0-B9-A5-2F-A8-75
.
MAC-
MACChange (. 4.11).
ipconfig,
(. 4.12).
, . -
, .
, (. 4.13).
,
, -
.
MAC- 51
. 4.11
. 4.12
, -
" MAC-" .
,
.
.
, "" (Wi-Fi)
"" MAC-, -
, ,
52 4
. , -
. ,
( ) -
MAC- . , -
. 4.13
5
WPA2-PSK
Wi-Fi-
, -
Wi-Fi-, -
. , ,
, .
!
,
"",
: ", ! "! -
, , -
Wi-Fi- !
, ,
. , -
- ! , ,
. :
- .
?
, -
,
-
.
. , , -
.
. -
, , ,
54 5
. -
- .
, , ,
. ,
! ,
. , : -
-,
. !
, , -
, - Wi-Fi ( ,
WinPcap CommView for WiFi), -
, Aircrack, -
. ,
Aircrack "" WEP.
! : WEP!
WPA -
. , WPA -
. , -
,
,
. ,
, , -
"--" , ""
("")?
Aircrack , -
. .
, , -
, WPA-PSK,
"" , , WEP. ,
.
,
, , -
: - - , - , -
- .
, WPA-PSK , ,
, .
Wi-Fi-, TEST SSID (. 5.1).
WPA2-PSK Wi-Fi- 55
. 5.1
, WPA2-PSK,
,
abc12345 (. 5.2).
TEST (. 5.3).
, , , -
.
, "", -
CommView for WiFi.
-
, . . TEST
(. 5.4).
, -
, MAC- 74:EA:3A:E4:5A:C2 (. 5.5).
,
(. 5.6).
56 5
. 5.2
WPA2-PSK Wi-Fi- 57
. 5.3
. 5.4
58 5
. 5.5
. 5.6
WPA2-PSK Wi-Fi- 59
, -
(smac)
(dmac). , ,
"smac=74:EA:3A:E4:5A:C2 or
dmac=74:EA:3A:E4:5A:C2" (. 5.7).
. 5.7
, -
. (. 5.8).
, ,
(. 5.9).
,
<Ctrl>+<L> CommView
(LogViewer). ,
CommView . ,
.
(. 5.10).
60 5
. 5.8
. 5.9
WPA2-PSK Wi-Fi- 61
. 5.10
, -
, .
| log-
tcpdump... .
.
( tcpdump) -
Elcomsoft Wireless
Security Auditor. , ,
TCPDUMP (. 5.11).
, , , -
SSID=TEST (. 5.12).
, |
| | ,
(. 5.13).
62 5
. 5.11
. 5.12
WPA2-PSK Wi-Fi- 63
. 5.13
" ",
, .
, , ,
( ). ,
, :
. , , , -
.
(. 5.14).
(. 5.15).
64 5
. 5.14
, , 12 .
123,
(
).
123
.
2 12 , -
, (. 5.16).
: ,
,
(, ), -
WPA2-PSK.
, !
, :
<Ctrl>+<G>! ,
CUDA ATI Stream.
WPA2-PSK Wi-Fi- 65
. 5.15
. 5.16
66 5
. , -
, 1 , 336 ,
1620 , -
10 .
22 . , 2 ., (. 5.17 5.18).
-
, , , !
. 5.17
. 5.18
WPA2-PSK Wi-Fi- 67
, WPA2-PSK ! ? -
, ,
, -
(
3- Intel-, 2 ). -
50% 12 ,
, 2 12 4 = 48 (. 5.19).
. 5.19
, ,
5 .
, , , , ?.. -
, -
, , :
ARP-spoofing.
. ! -
.
, , ( -
) , , " " .
68 5
! ,
! " "? ,
WPA ,
. . CommView
for WiFi , -
()! -
EAPOL,
. , , -
" " -
CommView (. 5.20).
. 5.20
.
.
. EAPOL-, -
WPA-PSK.
, TCP IP
. -
, () : -
, .
WPA2-PSK Wi-Fi- 69
, ! , ,
? ,
. -
. ,
(. 5.21).
. 5.21
HTTP- . 5.22.
: ,
...
, , , .
Wi-Fi-
, CommView
(. 5.23),
.
70 5
. 5.22
. 5.23
WPA2-PSK Wi-Fi- 71
, , -
.
http://hashcat.net/oclhashcat-plus/ -
- oclHashcat-plus,
CUDA 55--
.
( ). ,
.
Performance
PC1: Windows 7, 64 bit
Catalyst 13.8beta1
1x AMD hd7970
stock core clock
()
Hash Type PC1 PC2 PC3 PC4
phpass $P$ 2071k c/s 789k c/s 2771k c/s 511k c/s
md5crypt $1$ 3445k c/s 1044k c/s 4425k c/s 648k c/s
Bcrypt $2a$ 3788 c/s 1583 c/s 3861 c/s 626 c/s
sha512crypt $6$ 12545 c/s 15153 c/s 34192 c/s 6726 c/s
Password Safe (SHA-256) 495k c/s 158k c/s 648k c/s 106k c/s
IKE-PSK (MD5) 297M c/s 99M c/s 335M c/s 59M c/s
Oracle (DES) 371M c/s 142M c/s 265M c/s 68M c/s
DCC (MD4) 3803M c/s 1181M c/s 5377M c/s 851M c/s
Joomla (MD5) 4609M c/s 1659M c/s 6253M c/s 1172M c/s
MSSQL (SHA1) 1677M c/s 639M c/s 2659M c/s 503M c/s
WPA/WPA2 (PBKDF2) 133k c/s 45k c/s 181k c/s 33k c/s
,
.
6
Wi-Fi
: Wi-Fi .
, ,
, , -
- , -
.
"" -
. , ,
RADIUS .
, "" , ,
,
.
, Wi-Fi, -
, ,
. , , -
aircrack-ng,
,
- , .
Wi-Fi:
1. C - , -
( -
ESSID). -
CommView for WiFi.
2. . 1 ,
, Elcomsoft
Wireless Security Auditor , .
74 6
, -
UNIX.
Wi-Fi- Linux BackTrack.
DVD-,
, " " .
BackTrack . , -
,
GNOME. KDE. -
: 32-, 64- . .
.
:
-
: root@root:~#. ,
startx, -
GNOME, . . ;
startx ,
, -
root toor.
, .
, -
GNOME, BackTrack (. 6.1).
,
- Wi-Fi.
Windows, UNIX-
, .
,
. , ,
TEATR. ,
, Places,
Computer GNOME,
Device. , TEATR -
GNOME. TEATR
, ,
/media/TEATR (. 6.2).
Wi-Fi 75
. 6.1
. 6.2
76 6
, /media/TEATR -
. , ,
, mount .
. Applications -
Accessories | Terminal.
:
root@root:~#
:
iwconfig
Wi-Fi- , ,
. 6.3.
. 6.3
, Wi-Fi-,
wlan0.
"", -
wlan0:
airmon-ng start wlan0
. 6.4.
iwconfig, ,
(. 6.5).
Wi-Fi 77
. 6.4
. 6.5
78 6
Wi-Fi- mon0.
:
airodump-ng mon0
airodump-ng . 6.6.
. 6.6
, -
-. ESSID "t-r-e", MAC-
F0:7D:68:81:A4:F8.
.
Applications Accessories |
Terminal. cd /media/TEATR (. 6.7).
. 6.7
/media/TEATR, :
airodump-ng --bssid F0:7D:68:81:A4:F8 -w namefile mon0
. 6.8.
( ),
<Ctrl>+<C>
.
Wi-Fi 79
. 6.8
. 6.9
,
,
, .
: . -
-
( CUDA)
. . 6.10 , -
(19 13 ).
, , : -
60 -
(, , 90 ).
, ,
. , ,
: , -
. -
.
. , ,
, ,
.
-
Total Commander. ,
,
250 .
.
Wi-Fi 81
. 6.10
82 6
7
IP-
IP-
, -
, . "" -
: " IP-",
, ,
, -
.
.
, (. 7.1).
. 7.1
IP- ,
. -
" ". -
-.
-, , -
" ". IP-
-. , -
84 7
, . . -
,
"" .
-,
. , , , MS Internet
Explorer (MS IE).
, (. 7.2).
. 7.2
(. . 7.2), -
- , -
IP- -, ,
-
(. 7.3).
IP- 85
. 7.3
, - -
HTTP-, , -
-, -
( ) . , ,
FTP- , ,
, (. 7.4).
IP-! -
, " "! -
(. 7.5).
, ! -
SuperSocks5Cap.
, SuperSocks5Cap -
, -, -
, -
- ,
MS Internet Explorer.
,
- -
Socks4, Socks5, HTTPS .
(. 7.6).
86 7
. 7.4
. 7.5
IP- 87
. 7.6
, -
IP-,
(. 7.7).
, -
( Test This Proxy) . 7.8.
88 7
. 7.7
, , -
, . , -
SuperSocks5Cap! :
- , !!!
"" ,
SuperSocks5Cap. ( -
) MS Internet
Explorer (. 7.9).
, "-"
SuperSocks5Cap, (. 7.10).
, -,
, , !
.
,
-.
IP- 89
. 7.8
. 7.9
90 7
. 7.10
, -
-
Tor (The Onion Router)!
" ". ,
. ,
, .
. -
. , -
,
-, -
.
. -,
:
,
, .
-,
. -, , -
: , ,
, ,
, " " .
,
. , -
, Tor ,
.
-. -
Firefox Portable -
. !!!
, "-", -
Firefox Portable
IP- (. 7.11).
IP- 91
. 7.11
- (https://check.torproject.org/?lang=ru) -
(. 7.12).
. 7.12
Tor (. 7.13).
IP-
.
, (. 7.14).
92 7
. 7.13
. 7.14
IP- 93
NAT-
( , ) -
.
Tor ,
.
.
, (. 7.15).
( )
.
. 7.16
.
. 7.15
94 7
. 7.16
, Tor :
# This file was generated by Tor; if you edit it, comments will not be preserved
# The old torrc file was renamed to torrc.orig.1 or similar, and Tor will ignore it
AvoidDiskWrites 1
ControlPort 9151
DataDirectory "D:/Install/NET_TOOLS/\322\316\320 - \340\355\356\355\350\354\355\356\361\362\374\342 \361\345\362\350/Tor Browser/Data/Tor"
DirReqStatistics 0
GeoIPFile .\Data\Tor\geoip
IP- 95
ControlPort SocksPort.
-
Tor Firefox Portable.
. 7.17 , Tor.
. 7.17
-
Tor, , -
, - "",
Firefox Portable (. 7.18).
, Tor
9151, SOCKS 5 9150.
,
() Flash-
(. 7.19).
96 7
. 7.18
. 7.19
IP- 97
Flash- ,
, Tor,
.
, -
. . , ,
,
Tor. , -
"" . ,
, , , -
,
Tor. , !
: Tor -
. , SSL-
. ("
") -
Tor...
IP- Tor -
. , Tor -
"" .
"", , IP-
(. 7.20).
. 7.20
98 7
"" -
( ).
, Tor , : -
" " -
...
, -
. ,
, .
, -
,
. , ,
, , ...
, -
.
, Tor
, - "" ,
-
, http ( 80- ),
. -
- ,
- . .
, ("", "",
Facebook) 63% .
Tor IP- -
- , - -
(. 7.21).
,
Tor. ,
, , ,
, -
...
, -
Tor . -
...
, ,
-
. , Tor .
IP- 99
. 7.21
100 7
8
,
? , -
. , ,
, .
?
:
. - ,
.
TrueCrypt (http://www.truecrypt.org)
. , , -
Create Volume,
( ), -
(. 8.1).
, Create an encrypted
file container ( -) . 8.2.
( ) (. 8.3).
- (. 8.4).
D: Test, -
security_volume (. 8.5).
, ,
AES, - SHA-512 (. 8.6).
. 2
(. 8.7).
.
(. 8.8).
102 8
. 8.1
. 8.2
103
. 8.3
. 8.4
104 8
. 8.5
. 8.6
105
. 8.7
. 8.8
106 8
. 8.9
, (
) . 8.9.
NTFS, -
, , Format (. 8.10).
. 8.10
(. 8.11).
(. 8.12).
, (. 8.13).
, .
! , -
! ! -
( "P")
107
, Mount, -
- ( Select
File) . 8.14.
. 8.11
. 8.12
108 8
. 8.13
. 8.14
109
. 8.15
(. 8.15).
,
(. 8.16).
. 8.16
,
. Tor, -
, .
110 8
-
( Dismount).
, - -
, , . , -
.
,
: BestCrypt, OpenPGP, Dekart Private
Disk . .
,
, ? , ,
! , ,
. -
.
CCleaner
. CCleaner
( Windows) -
, ,
, , .
-
(. 8.17).
. 8.17
111
, , .
. -
( ) . 8.18.
. 8.18
( )
. 8.19.
(. 8.20).
,
"" (. 8.21).
, !
, ,
, ! -
, -
.
112 8
. 8.19
113
. 8.20
114 8
. 8.21
-
, : -
, -
"" . ,
, ,
, ( -
) . -
"", -
"" , ,
- .
, " , , -
115
", ... ,
-
.
-...
, ,
, -
. () -
...
, ,
, (,
""). -
- .
, , . ,
" " -
. -
: VirtualPC, VMware, VirtualBox.
, -
. . ,
. ,
,
, -
...
,
- -
. , , ,
.
http://www.microsoft.com/en-us/download/details.aspx?id=3702 Windows Virtual PC . -
. Windows 7 , -
, (. 8.22).
Windows (. 8.23).
Windows Virtual PC
(. 8.24).
116 8
. 8.22
. 8.23
117
. 8.24
, , TEST.
(. 8.25).
. 8.25
, " " (
), . -
( ,
118 8
Windows), ,
, .
. -
. - ,
, ...
, -
, -
.
-
, , ,
,
. , -
(. 8.26).
. 8.26
(. 8.27).
-
,
(. 8.28). .
119
. 8.27
. 8.28
.
" ". -
, -.
.
Windows XP ( Windows XP ,
UNIX-)
( ),
. .
, , -
Windows XP, -
, . . (. . 8.23)
Windows XP Mode.
120 8
. 8.29
,
. 8.29.
, . 8.30.
( ), -
, (. 8.31).
-
.
, , -
, . -
. -
. , -
, -
121
. 8.30
. 8.31
122 8
. -
. , . . " -.
"1 ,
...
,
, -
, , WinRAR.
rar-, , -
,
.
, ,
. , , -
, . ,
, , -
.
retrograd (. 8.32).
. 8.32
1
. -. (+ DVD-ROM). .: , 2012.
123
, ( ) - ,
, RetrOgrad.
( user.dic) RetrOgrad
(. 8.33).
. 8.33
,
ARPR (Advanced RAR Password Recovery) ElcomSoft Co. Ltd
(http://www.elcomsoft.ru), (. 8.34).
(. 8.35).
. 8.34
124 8
. 8.35
,
, , , ,
, (, -
) .
9
-
.
, TeamViewer, -
(. 9.1).
-
.
. 9.1
126 9
. Windows , , "
". . -
c Windows
, -
, , -
,
, "".
,
. ,
c Windows XP -
Windows 7 (. 9.2).
. 9.2
: -
, , - , ,
, , -
. , , -
. TeamViewer,
127
: "" ( -
), , "- "
. ., ( )
. ,
- ,
.
, . .
...
.
. -
, .
, -
Radmin (http://www.radmin.ru).
, . , -
,
.
-,
, .
(. 9.3).
. 9.3
, Radmin (
) -
(. 9.4).
, -
, . -
(Hide tray icon) . 9.5.
Radmin. -
, -
(. 9.6).
, , -
(Radmin Viewer) . 9.7.
128 9
. 9.4
. 9.5
129
. 9.6
. 9.7
130 9
Radmin , ,
. -
-
, Radmin
.
, Radmin
:
1.
Radmin, ,
.
2. REG, -
, Radmin
( ). :
Radmin .
3. IP- , , -
e-mail (, ).
4. -, -
.
5. , -
.
6. - - .
7. .
8. .
-
.
: -
Radmin, .
, ,
, .
: Radmin. ,
msi-. .
,
.
Rserver Svchost, - -
-. -
131
Radmin , - -
,
(. 9.8).
. 9.8
: -
, . - -
Radmin ,
regedit ( ),
(. 9.9).
-
.
: IP-
, - .
, ,
(ipconfig), :
ipconfig >> info_ip.txt
. ! ,
,
132 9
. 9.9
:
mail.ru [217.69.139.199]
30:
1 <1 <1 <1 192.168.0.1
2 1 ms 1 ms 1 ms 42-151-20-1.provider.info [42.151.20.1]
3 <1 <1 <1 10.100.10.41
4 <1 <1 <1 10.100.1.17
5 13 ms <1 <1 10.100.1.9
6 1 ms 1 ms 3 ms 10.100.102.46
7 1 ms 1 ms 2 ms 95-181-0-77. provider.info [95.181.0.77]
8 1 ms <1 1 ms kmo01.transtelecom.net [188.43.7.30]
9 45 ms 45 ms 45 ms msk05.transtelecom.net [188.43.1.74]
10 45 ms 54 ms 45 ms Mail-gw.transtelecom.net [188.43.1.73]
11 45 ms 45 ms 45 ms ms.mail.ru [217.69.139.199]
.
,
( , , 192.168.0.1 192.168.1.1),
, . -
253 ... ,
.
-
, Radmin (
4899, . . 9.4),
?! , -
, (tracert),
!
, . . -
( , -
HOD-ms04011-lsasrv-expl).
. , -
-
.
, -
, "10-: " (10-Strike
Software) . 9.10.
-
Ultra Port Scanner (DANUSOFT). -
192.168.0.7 , -
0 20 000 (. 9.11).
: ,
! !
. -
, " ", .
, Ultra Port Scanner. -
, ,
IP- (192.168.0.1
192.168.0.254).
, , IP- - , -
. , , blat (http://www.blat.net/).
134 9
. 9.10
. 9.11
135
250 . :
http://white55.narod.ru/smtp.html.
, , -
FTP-. Windows
FTP-:
ftp n s:____ftp- -A IP-_
n ; s , ,
; -A ,
(, );
IP-_ , FTP-.
get (
).
ftp-, -
, -
.
FTP- , ,
, Xlight FTP Server. , -
, , " " (
" ") . 9.12.
. 9.12
136 9
, FTP-
( A, Ftp-
) . 9.13.
. 9.13
:
! .
.
-
eMule ( p2p-). -
... : , -
( , ,
) -
, (Outpost Firewall).
-
, - .
, . ,
, -
137
, . ,
IP- -
, -
: IP- ( , , -
) . 9.14.
. 9.14
whois- -
:
239.255.255.250 ip: 239.255.255.250
IP- (IP Whois)
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: abuse@iana.org
OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
OrgTechEmail: abuse@iana.org
SSDP (Simple Service Discovery Protocol).
SSDP .
Universal plug-and-play. SSDP
-
. UPnP-
.
" ", , , -
SSDP-. , -
, , .
, , , SSDP -
(. 9.15).
139
. 9.15
,
:
1. ( | | regedit).
2. :
HKEY_LOCAL_MACHINE\Software\Microsoft\DirectPlayNATHelp\
DPNHUPnP.
3. :
Value name: UPnPMode
Data type: REG_DWORD
Value data: 2
, ( -
SSDP , -
), () !
. :
eMule ?
. : -
, , . -
.
140 9
, , ,
"" eMule -
, -
.
IP-
, .
...
: "" ( -
) Joiner- ().
, - -
, ,
. - -
. , -
Radmin, ,
(,
, ). , , -
( ), . -
. .
"",
.
, , -
MicroJoiner. (-
- ).
1.exe. -
WinRAR (-
). -
text.txt ( :
"!") , SFX-
(. 9.16).
- -
, ,
text.txt (. . "!").
sfx- %SystemRoot%\system32\
notepad.exe text.txt (. 9.17).
2.. -
" !".
, , (. 9.18).
Joined.exe (, -
, -) . 9.19.
141
. 9.16
. 9.17
142 9
. 9.18
. 9.19
, ,
.
: "!" " !". ,
, Joined.exe (. 9.20).
. 9.20
! -.
, , , , , -
...
143
, , -
.
Radmin -
. .
, , .
, ,
""...
, -
,
.
, , !
, .
, , -
, .
, , .
"" , -
, (
)... , -
, -, ,
, . , -
: - ""
.
. "", , -
, . Klavik
keylogger ( www.klavik.com).
. klvk.exe (,
600 ) . 9.21.
( )
klvkh.exe.
, .
, klvkh.exe (. 9.22).
- ,
:
svchost.exe,
svchost...
144 9
. 9.21
-
- . ! -,
. -,
FTP-, .
. -
Elite Keylogger. . ,
, ,
.
:
http://www.widestep-keyloggers.com/elite-keylogger-ru
( ) Elite Keylogger -
(. 9.23).
145
. 9.22
. 9.23
146 9
: - e-mail
FTP-; (
); ( ,
); ,
; -
; ; -
- ; -
...
" " ,
. 9.24.
Elite Keylogger - (. 9.25 9.26).
. 9.24
147
. 9.25
. 9.26
148 9
10
-
. : -
?
, , -
-
.
. ZyXEL ( -
)?! ! ,
,
, , :
, ...
, . .
( , )! -
, -
? ,
, -
. -
. , ,
, -
. , IP- -
- ( )?!
-?
?!
: -
? : , ! ! !
?
150 10
,
,
IP-.
. , -
, , -
, -
, ,
. -
? . -
, ,
, .
,
Windows XP.
, ! ,
, , . .
. -
: , -
!
, -
,
, . , -
. ,
" ". , -
, , -
SID (Security Identifier).
,
! -
Windows net share (. 10.1).
E:\ C:\Users
"" (share ) ,
. .
- -
,
(. 10.2).
(. 10.3).
? 151
. 10.1
. 10.2
. 10.3
152 10
,
( , , ,
. ). ,
, "" .
!!! -
"" .
, , -
"" ,
,
:
net share d$ /delete
net share c$ /delete
net share ADMIN$ /delete
net share IPC$ /delete
"-
" . ,
"" :. ,
,
: "!
, !".
: ,
. , .
. , ,
,
! , - -
.
, , -, -
- ,
...
-
,
" "
.
,
, . -
.
( 12 -
). , ,
.
? 153
- -
. : -
.
, -
-
- , ,
.
, , - " ". , "-
" , ,
.
.
"-", , -
, , , , -
, ,
...
25 ( ).
, . -
.
, -
... ,
, , -
. (" 25") -
. , -
( ),
, . -
, , -
, "-
" () . , -
""
hello. (
) ""
"" . ! . :
"" ( ) -
, ,
( , )
. , .
!
, :
, ( -
, , , . ""
154 10
! -,
. -
:
... -
, . -
. , -
, ! , -
... ,
. -
, .
( ). -
, .
, , , ,
, 25
IP-.
-
? ,
"" - -
. , ,
! ,
. , -
.
-
, -
.
( )?
( -
, )
:
! ... ""?
...
:
, : , . -, , ... (
).
- , ,
!
!
, ?
? 155
, , -
, ,
, . -
.
-
-
, " ",
.
, , -
-, -
-
().
: -
, ,
, -
, , ,
... () .
, -
. , , : -
, , . ,
, , , -
. ,
, , , , -
, .
,
(
).
, - -
, , , -
,
-
. , -
!
, , -
, ""
, . ,
,
"".
, .
, -
156 10
p2p- FlyLinkDC++.
( )
. 10.4.
. 10.4
,
. ,
FlyLinkDC++ "" -
, , -
.
"" ( )
,
(. 10.5).
, , ,
FlyLinkDC++ . ,
, "
".
? 157
. 10.5
, -
p2p, "-
" .
"", , " " (. 10.6).
, , ,
. -
. 10.6
158 10
,
... ,
. ! , , . .
.
,
-
. .
, , . .
, - .
, Windows 7 ,
""
. :
1.
.
2. .
3. regedit ( ).
4. HKEY_LOCAL_MACHINE,
.
5. , Windows :\,
: C:\Windows\System32\Config\System, -
.
6. 12345678 (
).
7. HKEY_LOCAL_MACHINE -
12345678.
8. setup.
9. (. 10.7).
. 10.7
? 159
10. SetupType, ,
: 2 .
11. CmdLine cmd.exe.
12. .
13. , HKEY_LOCAL_MACHINE 12345678
.
14. ....
15. .
16. (
) :
net user "_" "__"
, .
17. -
.
, , -
, -
, "" ,
.
, , , -
.
-
, -
, , "-" -
ElcomSoft System Recovery
( -). -
Proactive System
Password Recovery.
: , -
,
. -
, .
, .
, , -
"", .
, -
, . , -
160 10
, -
!
. ,
( ,
), ,
"".
"" ( flag) "" " -
" , "" , -
"" .
, , -
Windows ( )
d.bat :
if exist flag goto end
del c:\" "\*.doc /S
del *.bat
:end
( Windows 7 -
) d.bat ,
, ,
(. 10.8 10.9).
. 10.8
,
Windows flag ( -
, -
), DOC
C:\ ( , . . /S), -
(. . ).
? 161
. 10.9
, , ,
flag, , .
, " ", -
, , ! -
, ,
. . UNIX-
cron.
"", , -
( ,
, ), -
,
... ,
, ,
?!
.
, , ,
,
.
162 10
, , ,
, -
( ) , ,
. , ,
- (
), -
, , ...
11
. , -
, -
. . " ", -
, .
-
: . 25 "
", . 146 " " ,
. 272 " " ,
. 273 ",
" .
, ,
, ...
, -
...
, , -
, , ...
,
. -
, . ,
, . , , :
... , -
.
.
,
,
.
164 11
,
Webcam 7, webcamxp.com.
, ,
. , -
WebcamXP, , . .
.
-
. -
. , -
, -
.
, . -
, ,
, , , IP-.
,
.
. -
: (-, )
, IP-
(. 11.1).
. 11.1
165
-, -
, .
-
: , ,
.
(. 11.2), - (. 11.3).
. 11.2
, , ,
. (. 11.4).
: ,
(. 11.5),
Multi view (. 11.6).
166 11
. 11.3
. 11.4
167
. 11.5
. 11.6
168 11
- Gallery, -
-
(. 11.7).
. 11.7
( )
(. 11.8).
IP- , ,
, . 11.9 (
192.168.0.20, video1.mjpg,
).
IP-, , (. 11.10).
169
. 11.8
. 11.9
170 11
. 11.10
, !
, - ,
(, ) .
. -
( -
) . 11.11.
, ,
, , SMS
.
(. 11.12).
171
. 11.11
, ,
,
. -
(. 11.13).
Webcam, ,
. , . .
-
, .
, -
, , -
:
1.
( -
OutPost, PC Tools Firewall Plus, PrivateFirewall,
).
172 11
. 11.12
. 11.13
173
webcamxp.com
http.webcamxp.com ,
. . 127.0.0.1 . -
, .
, -
.
, host Windows 7 -
,
" ",
...
: ,
Webcam (, -
). , IP-
, Skype. , "-
" Skype ,
, , "".
Skype. , -
, , .
174 11
12
12.1. .
, , .
, .
-
. ( - -
) :
, ;
;
, -
;
;
, ;
;
VPN;
-
;
, .
? :
" , -
".
176 12
, :
, ;
, ,
;
, -
( ""), , -
,
.
-
-
( ,
). . -
"
" , . -
: -, ,
"", -, , -
, , ,
.
, ,
:
( -
);
( , , -
, -
);
( -
, , -
,
,
);
(
, );
( , -
, -
, -
);
( ).
177
, . -
, , . . -
" ". , -
, -
( ) .
"" Java, Windows, PDF . ., - -
"",
Chrome Opera, Internet
Explorer "" .
-
, (. 12.1):
( )
...,
( ).
()
. 12.1
178 12
, : ,
?! ,
, , ?
?
1. . -
.
. , -
, .
2. :
( , -
, -
, ,
, );
:
, ;
- , -
,
, -
; ,
;
; -
" ";
,
, -
; -
, .
, .
, , , -
. .
, , -
, -
. -
,
. , -
, " ". !
179
12.2.
, - -
. , - ...
? ! - , -
. -
.
- , -
.
, , , -
. , , . .
. -
,
, JScript, VBScript, Powershell
LogParser, . . Windows ,
Microsoft, SQL,
Windows. ,
, Windows,
, .
"" "" ,
" " . . ,
, .
, , -
,
, . . -
,
.
.
,
, , WinPatrol (. 12.2).
, cookies-, ActiveX, -
( ), ,
. . .
-
. , -
.
, . 12.3.
180 12
. 12.2
. 12.3
. 12.4 , -
( ).
Windows -
Microsoft Baseline Security Analyzer (MBSA)
. 12.5.
(. 12.6).
181
. 12.4
. 12.5
182 12
. 12.6
Microsoft
(. 12.7).
. 12.7
, -
(. 12.8).
, , ,
,
183
, , -
,
(. 12.9).
. 12.8
. 12.9
184 12
Windows Security Task Manager (http://www.neuber.com/taskmanager/russian/index.html).
, ,
, , -
(. 12.10).
. 12.10
. 12.11
185
-
. , Kaspersky
Security Scan :
: (: 2)
27.08.2014 1:36:59
http://www.securelist.com/ru/advisories/47009 c:\Program
Files\GRETECH\GomPlayer\GOM.exe
27.08.2013 1:37:46
http://www.securelist.com/ru/advisories/53520 c:\Program
Files\QuickTime\QuickTimePlayer.exe
,
.
1. " "
2. " "
3. " CD/DVD"
4. " "
5. " -
"
6. "Microsoft Internet Explorer: URL-"
7. "Microsoft Internet Explorer: , -
"
8. "Microsoft Internet Explorer: "
9. "Microsoft Internet Explorer: -
"
10. ": -
"
11. "Microsoft Internet Explorer: "
"
?" -
! , -
. ,
, -
. ,
, , .
,
,
-
.
186 12
, -
. UNIX- -
( Norton Ghost, Acronis). -
, . . -
,
" ".
Windows security\templates -
Windows ( ).
, "" -
Windows. " -
"... -
,
( ,
). -
" Windows" ( -
: ). Windows
, -
.
12.3. ,
, "" , , -
, -
, . . , .
,
.
-
, , ,
, : .
,
. ! ! -
.
. , -
( ) Avast
(http://www.avast.ru/index) . 12.12.
. -
"" -
187
, . -
Dr.Web CureIt (http://www.freedrweb.com/cureit). -
, . . ,
.
. 12.12
-
(" "): http://support.kaspersky.ru/special/
utilities. , () "-
".
Microsoft Microsoft Security Essentials (http://windows.microsoft.com/ru-ru/windows/security-essentials-download). -
, ?!
, , -
() , -
188 12
. -
,
( ),
. ,
, .
,
: , -
, ,
, .
, -
, -
" " (http://www.simplewatcher.ru)
. 12.13.
. 12.13
,
- (. 12.14).
. 12.14
( ), . .
. , ,
189
, ,
. . ,
.
,
, , .
.
.
, -
, Windows 7, sfc
/scannow (. 12.15).
. 12.15
, -
:
sfc /verifyonly
-
, . . -
.
190 12
,
"" ""
. , Avast, -
. ,
, . . -
, BIOS
Anti-Virus Protection, Boot Sector Protection, Fixed Disk Boot Sector . .
.
,
-
, " ", "Dr. Web".
.
Avira Free Antivirus
(. 12.16).
. 12.16
" " -
-
,
191
(
, ).
-
. , Advanced Registry
Tracer (Elcomsoft Co. Ltd.) -
(. 12.17).
, (. 12.18).
. 12.17
. 12.18
192 12
, , -
Advanced Registry Tracer: -
?! , .
Microsoft Attack Surface
Analyzer, -
. -
. :
, , , ActiveX, -
.
12.4.
,
, , -
( ). -
, -
"", . -
, , . ,
, , -
(. 12.19).
. 12.19
193
Windows 7
, Windows -
.
.
. 12.20 "-
" HASP LLM. Hasp-, -
( -
). -
. :
( ) -
, Hasp-?
. 12.20
, , -
- (Wi-Fi-),
,
.
-
,
.
, : -
, ,
IP- -
194 12
(NAT)? -
, .
, ,
... "" -
, . ,
:
, . 12.9.
, -
, " ".
, . -
. , - , .
,
, , , -
( ).
, -
, ,
Outpost Firewall Agnitum (http://www.agnitum.ru/products/outpost/) . 12.21.
. 12.21
,
(. 12.22).
, -
!
195
. 12.22
(. 12.23).
(. 12.24).
. 12.23
196 12
. 12.24
. 12.25
. 12.26
198 12
-
(. 12.27).
-
(. 12.28).
. 12.27
. 12.28
199
-
Outpost Firewall ,
.
, : -
, , -
, .
, ,
.
-
. , -
( )
, (
) .
, . .
, . . " " .
-
, , , "" -
.
,
. -
. -
, , -
.
-
, , -
, . -
,
.
. .
, , -
, ,
- . -
.
, ,
IIS Microsoft. ,
200 12
,
(urlscan), .
-, -
-. ( )
DNS- ( dynamic DNS ),
, , .
. 12.29 .
. 12.29
, -
80, . . .
2013 . -
. -
IP-
.
-, 2012 , . -
IP- , -
(, , )
.
201
12.5.
,
, ,
, :
, -
;
-
, - -
;
, , -
, .
, -
,
, !
" " . -
, ""
, .
,
,
, , -
. .
.
, -
, ,
.
, -
, , ,
, -
( ). , !
, -
, -
.
90- -
, " " -
.
202 12
-
. -
, -
, .
, ,
-
. .
. ! -
!
, . , ! -
! ! ,
, . , ,
! .
, , -
...
( ), , , , ,
... , ... -
.
,
...
, , -
,
Novell Netware.
, , -
, "" () -
.
, , -
! .
!
,
.
. , -
. , . . -
Supervisor ( Novell Netware), -
. !
, .
,
, . -
. : "
203
- -, - -...
...".
, - -
( ?).
.
,
. ! - ,
! :
.
,
, - .
!
! , , -
, .
. , -
-, ,
...
, !
, , , . ,
...
, ,
.
, ,
-
, .
"", "", " "
, (. 12.30).
(. 12.31).
Buhs , -
, () -
. -
Buhs ,
, . -
.
,
, -
.
204 12
. 12.30
. 12.31
205
, . . -
, ,
, . .,
.
, , -
,
.
, , -
.
, -
! ! -
( ) ,
"" - ...
, , ----- ! ?!
-
- ,
"" " SecretNet". -
, . -
-
Windows, .
,
. ,
, ,
Word, Excel, .
-
. , -
Windows 7, :
gpedit.msc.
-
| |
Windows
(. 12.32).
, -
,
: winword.exe, excel.exe, notepad.exe,
calc.exe (.12.33).
206 12
. 12.32
, -
.
, ,
Windows 7 gpedit.msc, ,
. , !
, . , -
, ( ),
.
. -
(. 8).
gpedit.msc?
, Windows 7. -
: Ultimate, Professional Enterprise.
? , .
, , , . -
!
207
. 12.33
. , -
( ):
1. , , gpedit.msc -
. , -
, .
2. Advanced
Registry Tracer .
3. . -
, ,
. .
4. . -
( Advanced Registry Tracer). -
( ).
,
.
208 12
5. ,
.
6. , , .
,
.
.
, , , -
-
, , -
.
"Group Policy Settings Reference for
Windows and Windows Server", :
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=25250
12.6.
""
"" - (-
)
- .
, "-
"!
, .
, -
(""). -
(. 12.34
12.35).
.
. -
. 12.34
209
. 12.35
, -
. , ,
, . -
,
.
" "
, "" MAC-,
, QSS (Quick Secure Setup), -
, , -
-
...
, , " ",
-
. , -
- (" " ),
.
"" , -
,
.
: "PSK password", ,
:
12 ( );
-
;
, .
, -
.
210 12
12.7. VPN
VPN Virtual Private Network, () .
, -
(PDN Public Data Network, ).
, ,
.
VPN -
. , , - -
, VPN Tor, .
, , ,
,
VPN.
,
VPN, , -
. 9 -
.
TeamViewer
VPN. -
| | | -
VPN (. 12.36).
-
VPN (. 12.37).
VPN-,
(. 12.38).
VPN-
TeamViewer, . , -
.
VPN Windows Linux
, -
.
IPSec.
IPSec ( ) -
.
.
IPSec , , VPN-
Cisco:
Cisco, CiscoSecure PIX, CiscoVPN...
211
. 12.36
. 12.37
212 12
. 12.38
12.8.
10 ,
() -
.
, - , -
"", -
, -
.
, -
, , -
"1:", -,
mail-, , . .
213
, -
"" ( ).
, , -
, 99%
.
1. , , -
, ( -
)! , , ,
(, -, -...). -
.
2. , ,
.
3. - - -
, ! , ,
! , -
. -
!
, -
. -
,
.
4.
(, ) "" , ,
!
5. (!!!) -
,
! ,
,
... , "
".
6. ,
!
7. " " : -
, . , ,
. , -
.
,
, , .
214 12
, 1, . . ,
! , , ,
"" ,
!
, , ,
.
! , ... - , -
, - -
, , : " -
, !
, ,
, !" !
: " -?! -
, ".
: , -
? ? ,
? -
? ? : (-
, , )... !
, , -
: ? , , -
? , -
?!
! -
! ? -
, ! , -
! !
2011 2012 , Positive Technologies (http://www.ptsecurity.ru/ ""),
-
, .
, ,
-
.
,
- ?
! , ,
.
215
, ,
, !
12.9. ,
, , -
,
(. ).
( -
"",
, -
: , , .), -
UAC (User Account
Control ) Windows,
.
( , ):
,
, . . , -
. Google " -
Windows?", -
: , UAC, -
, . .
UAC , -
: ", , -
, .
, . . ".
! UAC "-
". "" -
Windows . UAC,
. "" -
, Acrobat Reader, -
. , Acrobat Reader -
-... UAC , -
! ,
, , -
... ( ?).
"" ? -
, , ,
Java, ,
, , -
, Windows.
, -
216 12
Java. , -
, , , -
-. -
. -
- , . .
"" .
, UAC -
, "" . -
""
.
, "" "-
" , : -
.
:
;
, -
, "" ;
, , -
;
" Windows" (
);
"" .
, " " ,
(
" ", " "
"").
-
, :
"" "";
, -
;
,
"";
"", ,
" " ;
, .
, . . -
, . "" -
"oshost.exe",
"system", . -
( ).
,
Windows. , Piriform CCleaner
"" (. 12.39).
217
. 12.39
, "oshost.exe" Windows,
. . . ,
"zaxar Game browser", (
"\AppData\Local\Shedule\"). -
. , Win-
dows - "", -
. ,
Windows, "Shedule consumer dialogue" -
, -
.
USB- -
. -
.
, : -
, .
, .
.
! , ,
! , -
, , ,
, (
:-), ), . -
. -
, . !
, ,
218 12
,
.
, ,
.
,
"oshost.exe", . . , ,
"" (. 12.40).
. 12.40
-
( -
) (. 12.41).
,
, -
... ! -
- , , ...
. -
, ,
219
, -
, ,
. -
, peer-to-peer
( 10).
. 12.41
,
" ", "", "",
" ", "", "" . . -
WebMoney . .
, ,
, .
Google Chrome
- " -
", , -
- .
Total Commander -
C:, ,
"" .
c:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jaocgokledfmfebefgbeokdodbbdjhdd_0\2
:
c:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\
favicons :
http://www.google.ru/#fp=309b8084e668c972&lr=lang_ru&newwindow=1&psj=1&q=%22top-blogger-ru.mcdir.ru%22+%22w-vila.ru%22&tbs=lr:lang_1ru
, jaocgokledfmfebefgbeokdodbbdjhdd -
Chrome (. 12.42).
220 12
. 12.42
.
,
" " ,
"" "", , "".
, " -
" .
, .
, . -
,
IT-.
: UNIX Windows? ,
, , : !!! , -
!
Windows , -
, .
-
,
:
-;
;
.
, . , -
InetCrack ( Naviscope) -
HTTP-. ,
: , ,
.
.
, -
, , -
. -
,
. -
, -
.
, ,
" " .
-
.
222
, ,
, ,
.
: , . -
,
...
, . ,
UNIX-1, , "" -
"" :
- . -
, , .
-
, . , -
, , ...
, -
. , -
, . -
, ,
.
1
., ., ., . Unix Linux: -
. 4- . .: , 2012.
Wi-Fi-
TP-LINK
-
(. 1).
. 1
,
(SSID). ,
(. 2).
224
. 2
, -
. -
, . . .
, , -
WPA2-PSK, , ( -
) . 3.
Wi-Fi- 225
. 3
, , ,
, Ethernet
( ) Wi-Fi ( -
). . 4 MAC- Wi-Fi--
(Wireless).
226
. 4
Wi-Fi ,
MAC- , -
(Disabled).
(
System Tools | System Log)
.
, Wi-Fi-
,
(. 5).
IP-, ,
.
(. 6).
Wi-Fi- 227
. 5
. 6
228
(. 7).
( MAC-) . 8.
. 7
--
, ( 0.0.0.0 , -
) . 9.
Wi-Fi- 229
. 8
. 9
230
Access Control -
. , , -
(. 10).
. 10
IP- (. 11).
IP- ,
(. 12).
. 11
Wi-Fi- 231
. 12
(
),
, , .
, , -
. -
8 18 (. 13).
. 13
232
, -
,
.
. ,
(. 14).
. 14
, ,
, . -
, -
.