Excelente artigo da Windows Security (atualmetne na parte 3), aborda a análise em detalhes de um ataque a uma rede que possui uma falha de segurança, abordando desde as ferramentas utilizadas no reconhecimento e idenficação da falha, até a sua exploração. As ferramentas citadas incluem Snort, Metasploit e Netcat. Uma leitura muito interessante para administradores preocupados com segurança.
This article series will be based upon a network system breach. What we shall cover is the actual hack itself, from the reconnaissance stage, through to enumeration, network service exploitation, and ending with post-exploitation strategies. All of these steps will then be viewed at the packet level, and then explained. Being able to view, and understand an attack at the packet level is critically important for both system administrators (sys admin) and network security personnel. The output of firewalls, Intrusion Detection Systems (IDS) and other security devices will always in turn lead you to look at the actual network traffic. If you don’t understand what you are looking at, at the packet level, then all of the network security technology you have is utterly useless. This will then be followed by how to write a Snort signature based off of the attack traffic.
Nenhum comentário:
Postar um comentário