- { , ( , )}. "" - . , 4-. , ( , , , ).
( ) - .
,
, , - { , }, , . "" ( , ). , "" , .. , "" . , - .
- , . , , "-" "-", , - . , . , .
. -. -. . : . .
, , - -; . " ", " ". , . .
- , .
, ( ) , .
|
|
́ ́ ́ ́ () , [1].
[ | - ]
- ( );
- ;
- , ;
- ( , ).
[ | - ]
:
- , ,
- , , , - ,
- , ,
- ( ), .
[ | - ]
[ | -]
:
- -
- -
[ | -]
- ( )
- ( ).
[ | -]
- -
- -. ( ). . . . : ; ; , . , ; .
- , [2].
: Microsoft Access, Paradox, dBase, FoxPro, Visual FoxPro.
- -
- , . - . - . : ; ; , .
|
|
: Oracle, Firebird, Interbase, IBM DB2, Informix, MS SQL Server, Sybase Adaptive Server Enterprise, PostgreSQL, MySQL, Caché, .
, , . . . SQL .
: OpenEdge, SQLite, BerkeleyDB, Firebird Embedded, Microsoft SQL Server Compact, .
[ | - ]
, . .
, :
- ;
- , . , ;
- . , , , ;
- .
.
18 .
, , , .
:
, ;
;
, ;
, .
(). , , . .
. .
. . , . , , : , , , .
, , , , .
|
|
, :
;
;
;
;
;
.
, . . . .
, , . , . , , . .
- .
(vulnerability) , . , . , , .
1999 MITRE Corporation (http://www.mitre.org) , . CVE (Common Vulnerability Enumeration), Common Vulnerabilities and Exposures. .
CVE MITRE . , ISS, Cisco, BindView, Axent, NFR, L-3, CyberSafe, CERT, Carnegie Mellon University, SANS, UC Davis Computer Security Lab, CERIAS .. CVE Internet Security Systems, Cisco, Axent, BindView, IBM . , , CVE .
(), (. 1).
1
, . , , , ( ) .
|
|
, TCP/IP. , , TCP/IP.
( ) . - " " ("buffer overflow") , , sendmail Internet Explorer. - . Tandem, 1 1992 . 7 1993 . 3 Tandem BASE23 Nucleus, . - 1983 ., .
- . . . , Telnet, "" 6 , (accounts) , (, SYSADM DBSNMP Oracle), .. ( 3).
3.
/ | |
( ) | |
- .
" " (.1) " " (.2), .. . ( , ..) . () , . , .. ( 1998 ) - .
. " " (.3) " " (.4).
"" " ", , Flood- Storm- ( "", "" ""). . , "" . SYN-Flood, Smurf, UDP Flood, Targa3 .. , , "" . , . Internet, , .
21
:
- " ",
- " ",
|
|
- .
, , , . (" ") ( 11.5).
C - . "" . ( , , ..). , . . , . , Unix Windows NT. , - . , , , , .. , , , .
:
- SYN Flood, Teardrop, UDP Bomb - ;
- CGI- - ;
- PHF - ..
, , , "" . , . - . , , .. . , . , .. . , .
.
:
- , ;
- .
. . , - .
11.2.1
- . , , .. .
11.2.1.1
. , , - "" . "" (, ) , (, ISP) .. , , ( , ..).
11.2.1.2
, :
- TTL (TTL modulation),
- (record route).
traceroute Unix tracert Windows. Time to Live (" ") IP-, . ICMP- ping. SNMP, , . RIP .. (, HP OpenView, Cabletron SPECTRUM, MS Visio ..) . .
11.2.1.3
, , ping ECHO_REQUEST ICMP. ECHO_REPLY , . , , , fping nmap. , ECHO_REQUEST . , .
. .
1 ICMP- ( ). , MS Proxy Server 2.0 ICMP. . , ICMP- " " - , ..
2 ICMP- , , , .
- "" , . , , .. . DNS, .
11.2. 1.4
, , (port scanning). , TCP UDP. :
- 80- Web-,
- 25- - SMTP-,
- 31337- - BackOrifice,
- 12345- 12346- - NetBus ..
, .. . , nmap netcat.
11.2.1.5
- , TCP/IP- . - TCP/IP, , .
, , - , . , 139- , , , Windows. . , nmap queso.
11.2.1.6
, , Web-. , , .. , 80- Web-, ICMP- , DNS- proxy.domain.ru fw.domain.ru .
11.2.1.7
- . , . ShadowSecurityScanner, nmap, Retina ..
11.2.2
. , .. , , , " ". :
- ;
- .
11.2.2.1
(, ). . , , "" () Java. "" ( VPN), . (, L0phtCrack Crack).
11.2.2.2
. " " (, NetBus BackOrifice). "" , . . . , EEPROM . (, Novell Netware).
11.2.2.3
, . -, . -, . , , . , . , .
11.2.3
" " . , , "" .
22
:
- , , ; ;
- , , ; ;
- , , ; , ;
- , , , , ; , , - , , - , .
:
- , ^ , ;
- - ;
- - , , ;
- , ;
- , , , , ;
- - , , .
- .
24 .
, .1 . 2009 .
, , , , . .
5092296.
, .
, , .
. , , / .
.
, () .
.
. , , , , , . . , .
/ , , , , , - .
, , , . .
, , , (, , ) . .
() , , . . :
(, , , , , , , . .);
, , , ; (, .), , . .;
, , , , . .;
.
, , , , :
(, , , ), , , . .;
, , . ;
, . , .
, , . .
, . , , : ; ( ); ; ; . () (, , ). .
( ) .