
Open Letter,

Welcome back to Security365 Magazine. In the first two issues we discussed several information-security topics, such as using public Wi-Fi internet and anonymity techniques for browsing the web, alongside the basic knowledge a Web Master needs. In this issue we look further at concepts from the hacker world such as Foot Printing, Part 2 of Web Master: Building a House in the Flat World, an overview of firewalls, building email on Google App, a guide to setting up a Domain Controller, and plenty of other interesting material. As always, Security365 Magazine comes with demos so that you can follow the instructions directly, quickly and easily. Please install Acrobat Reader to read and view the magazine. The Security365 editorial board thanks you for your interest and hopes to accompany you even more closely in this ever-changing world of information. Security365 Magazine website: http://www.security365.vn

Technology News


Mac OS X Lion "reveals" many new features
Apple has introduced a version of Mac OS X Lion for developers so that they can preview and evaluate the next version of the Mac operating system.

The first new feature in Mac OS X Lion is AirDrop, an application that can replace Dropbox. Apple describes AirDrop as an extremely simple way to copy files wirelessly from one Mac to another without any setup. Another new feature, Versions, automatically saves successive versions of a document, and Apple says a document can easily be returned to the state of an earlier version. It fits together with AutoSave, which saves documents automatically while the user is working. Resume, another new feature, restores applications when the user reopens them or restarts the Mac, much as multitasking applications behave under iOS 4.0. The resemblance between Lion and iOS is no accident: Apple had previously stated that Lion would inherit the best features of the operating system on Apple's mobile devices and bring them to the desktop. Lion supports applications running in full-screen mode and multi-touch gestures. Another feature Apple announced earlier is Mission Control, which gives the user a view of applications across the whole screen, together with Launchpad. Members of the Mac Developer Program get the chance to work with Lion directly from the Mac App Store online repository. According to Apple, the final version of Lion will reach the market this summer. Phil Schiller, Apple's senior vice president of worldwide product marketing, said the iPad was the inspiration for Lion's significant improvements and hoped developers would favour features such as Mission Control and Launchpad. Developers can now also use Lion's new features, such as full-screen view and gestures, or take advantage of Versions and Auto Save in their own applications. Source: PCWorld VN

Turmoil in China's e-commerce marketplace


The Alibaba.com website was once dubbed a marketplace of Chinese e-commerce. Amid the recent instability of the stock market, Alibaba.com achieved a feat, becoming the first Chinese Internet company with a listed share value of more than 20 billion USD. According to a report last December by Analysys International, a research firm based in Beijing, Alibaba overtook Google to take second place in China's online search market. It owes this position to its online shopping site Taobao. Alibaba currently holds a 9.3% market share, while Google fell by 2% to 8.9% in the third quarter of 2010.

At a press conference on 19/1/2011, Alibaba's chief strategy officer Zeng Ming said that China's e-commerce sector is growing too fast and has outstripped the capacity of the country's delivery companies. To overcome this obstacle, Alibaba hopes to develop the logistics sector. The company and its financial partners will spend about 3.01 - 4.52 billion USD over the next 3-5 years to develop a logistics network. Alibaba hopes this first funding phase will attract investment from other partners in the e-commerce sector, raising the total investment to 15.05 billion USD. A storm, however, has now broken out in this marketplace. Alibaba has just announced that two of the site's top executives have resigned to take responsibility after an investigation found more than 2,000 suppliers defrauding customers, sometimes with the alleged collusion of sales staff. In a notice to the Hong Kong Stock Exchange on 21/2, Alibaba said that the site's chief executive David Wei and chief operating officer Elvis Lee, neither of whom was implicated in the investigation, resigned to take responsibility for "the breakdown of the company's culture of integrity".

The company said that 100 sales representatives, out of a total of 14,000 employees, were dismissed on suspicion of involvement in defrauding customers. A number of sales supervisors and managers intentionally or unintentionally helped create fraudulent "storefronts" by allowing 2,326 suppliers to evade authentication and verification measures. Most of the transactions involved popular consumer electronics offered at low prices with minimum order requirements. "The perpetrators designed an organised attack on the integrity of the Alibaba.com platform to gain illegal benefit. The pursuit of short-term financial gain at any cost damaged parts of our sales organisation and risked serious harm to the company's core values," Alibaba's report stated. Alibaba began investigating when it noticed an increase in fraud complaints from buyers using the Alibaba website at the end of 2009. The investigation found that 1,219 suppliers who joined the "Gold Supplier" service in 2009 and 1,107 suppliers who joined in 2010 had defrauded buyers. An Alibaba spokesperson said the company has closed the storefronts of the customers accused of fraud and will cooperate with the authorities to seek compensation. Those efforts will depend in part on whether buyers decide to take legal action.

Alibaba is headquartered in the city of Hangzhou, China. Its Hangzhou campus resembles the offices of Silicon Valley: the architecture is airy and follows feng shui, and employees can play table tennis and get free massages. Alibaba has strong backing from foreign companies, namely Yahoo of the United States and Softbank of Japan. Since its founding in 1999, Alibaba.com has grown without pause. In 2005 Alibaba became the centre of attention in the technology world when it decided to sell Yahoo a 35% stake for 1.7 billion USD. On 6/11/2007 Alibaba.com again drew the world's attention with its initial public offering (IPO), raising nearly 2 billion USD, on a par with the capital Google raised in its 2004 IPO. Speculators then pushed Alibaba.com shares up a further 193% on the first trading day, lifting the company's value to 26 billion USD. Source: VnEconomy

Stunned by the clip of Megan Fox showing off lingerie


In a recent advertising clip, Megan Fox, one of Hollywood's most alluring actresses, sheds her clothes to show off her curves. The 24-year-old actress appears in a newly leaked short advertisement, which also helps explain why she has been on Maxim's TOP 100 list for the past 4 years.

In the clip, which lasts about 40 seconds, Megan Fox wears black lingerie with a black chiffon cloth draped over her whole body. She then lies on a leather chair, showing her toned figure and her famous tattoos.

Microsoft releases a new antivirus package and Service Pack 1 for Windows 7


The launch of Service Pack 1 for Windows 7 has taken place. Microsoft Security Essentials, the free antivirus application that helps Windows users protect their computers, was also unveiled... Microsoft has just announced the release of Service Pack 1 for its Windows 7 and Windows 2008 R2 operating systems, according to CNews.ru. A representative of the software giant said the update for Windows 7 includes every improvement to the operating system that has already been delivered through Windows Update, as well as the platform's regular supplementary updates. The update for Windows Server 2008 R2 brings virtualisation improvements such as the Dynamic Memory mechanism and the Microsoft RemoteFX feature. It also includes improvements previously delivered through Windows Update and takes into account comments and feedback from customers and users in general. Dynamic Memory is an addition to the Microsoft Hyper-V virtualisation software and lets system administrators flexibly distribute all of the accessible physical memory among virtual machines. RemoteFX, meanwhile, adds virtual-desktop functionality with support for Silverlight, Flash and content in other formats. RemoteFX also ensures smooth operation of applications with complex 3D graphics (such as AutoCAD) and high-definition video playback on the client workstations that display them.

In addition, Microsoft announced the release of a new version of its free antivirus software, Microsoft Essentials 2.0. Compared with the Security Essentials released in September 2009, Security Essentials 2.0 has an updated antivirus engine that provides a higher detection rate and faster operation.

The updated application is also compatible with the Windows firewall and lets the user enable or disable this integration during installation. Security Essentials 2 is also integrated with the Internet Explorer browser and protects users against attacks delivered through websites. The second version of the software can protect against network attacks, but this feature works only on Windows Vista and Windows 7. Users can download Service Pack 1 for Windows 7 from the Microsoft download centre here. The new version of the Microsoft Essentials antivirus software can be downloaded from the software's official website here. Source: PCWorld VN

Security365 Magazine, Issue 3 (21/2 - 28/2 | 2011)


WWW.SECURITY365.VN

Registering a Domain and Web Hosting


How to register a domain and hosting

In this part we register a domain and hosting. Most web hosting providers give the domain for free when we sign up for a service term of 1 year or more, so you should register the free domain name when you buy hosting. To buy hosting at sites such as www.ipower.name or www.dreamhost.com, we need an international payment card such as Visa or Master Card. Today these cards can be obtained easily at banks such as ACB, EAB, EXIM BANK. As an example, I will register the domain host4web.org for free at the provider IPOWER; open the page www.ipower.com.

Note: if you choose to register the domain and hosting with the provider DreamHost (www.dreamhost.com), enter the promo code VIETNAM to get a 50 $ discount.

On the page that appears, enter a domain name such as host4web.org and press Go!

If the domain name host4web.org has already been registered by someone, the system reports this and asks you to choose again. For example, if you enter the name hoctructuyen.org you will see a message like the one in the illustration, because that domain has already been registered.

Message: the domain hoctructuyen.org is not available

Because whoever comes first registers first, trading in domain names is a highly profitable business. Famous domain names such as Business.Com or Man.Com have been sold for several million USD. The domain host4web.org has not been registered by anyone yet, so you will see a green check mark. Untick Domain Privacy to save 8.99 $ and press Continue to go to Step 2.

On the Step 2 : Confirm Selection screen, choose the Pro Plan package (free domain and no setup fee).

Then press Continue to go to step 3 (note: do not select any item under Other Great Products unless you find it really necessary; in our view you should not select any of these services, because we can add them later if needed):

In step 3 (Step 3 : Account Information) enter the registration details such as the username (used later to log in to the hosting management page), the login password and the email address:

Together with details such as Phone number and an introductory website (optional), then press Continue to move to step 4.

In Step 4 : Check Out choose Credit Card as the payment method (or use Check or PayPal), and provide Street Address, City, Postal Code, and None (International) for Bill State.

Finally come your credit card details (note: enter this information only on trusted computers; do not enter it on public computers or in internet cafes, to guard against theft by keylogger programs). After checking that the information is correct, press Check Out to complete the registration. If all the information is valid, for example the card number is correct and the card holds enough money to buy the hosting, the provider will confirm and deliver the web hosting account within 15 minutes. If you want to return to earlier steps, choose Go Back to recheck the information you entered.

If you want to register hosting with Dream Host, go to www.dreamhost.com. The registration process is similar to buying from iPower, but note that the form has a Promo Code field: enter the discount code for Vietnamese customers, VIETNAM, to get a 50 $ discount (the discount is guaranteed to be applied immediately).

Hosting registration page: http://www.dreamhost.com/hosting.html

You now have all the materials needed to build your house in the flat world, or to start an online business and get rich online. The next thing to do is read the remaining parts and follow the instructions. In our own assessment you should register hosting with Dream Host, because it is easy to use and has advanced utilities well suited to a web master new to the trade. For example, if we have the website www.hoctructuyen.org and later want to rename it to www.security365.vn without reinstalling the whole site, this is easy to do with DreamHost.

Foot Printing
The picture above shows the footprints left in the sand by the first Web Master, Red Komodo, on Long Hai beach while looking for new ideas for the development of Security365. Footprinting literally means leaving a print; for CEHs and Ethical Hackers the term covers the work of searching for and collecting information about a target to be attacked. Footprinting therefore belongs to the first of the 5 attack phases, Reconnaissance.

In this article we discuss the following topics:

- The steps of the Reconnaissance process
- An introduction to Footprinting
- The information-gathering model used by hackers/attackers
- The tools used for Footprinting and the steps involved

Reconnaissance is the process of collecting as much information as possible about a target to be attacked, which may be a website, a server system, a router and so on. The process consists of 3 steps: Footprinting, Scanning (scanning a system for flaws from inside or outside) and Enumeration. These are a hacker's 3 pre-attack steps, which we need to remember well for the CEH exam. Footprinting is the first of them and is used to collect the necessary information about an organisation from public databases, such as information about the organisation's domain names, telephone directories and business yellow pages, in order to find addresses, telephone numbers, departmental email addresses and so on. This is a very important step: attackers typically spend up to 90% of their time collecting information, while the attack itself takes only 10% of the whole process. It resembles the preparation we do before carrying out any task in business or developing a new idea. It is like a marksman who needs to hit a target: the stages he goes through are Identify the target, Aim (aim very carefully) and Fire. Identifying the target and aiming take the most time in the whole process.

To collect information methodically, hackers/attackers follow a scheme like this:

Information Gathering Methodology

1. Search the information sources.
2. Determine the network address ranges.
3. Identify the machines that are alive.
4. Find the target's open ports or access points.
5. Detect the target's operating system.
6. Find the services running on the open ports.
7. Map the network.

Of these 7 steps, steps 1 and 2 are the Footprinting process; the remaining steps belong to the scanning and enumeration phases. Next we analyse these steps in detail along with the technical operations involved. In the first stage, Unearth initial information, you need to make use of the resources

Information sought:

- Domain name.
- Location.
- Contact information (Telephone / mail)

Information sources:

- Open source: open resources are public data such as business yellow pages and telephone directories.
- Whois
- Nslookup

Hacking Tool:
Sam Spade.

In this process the Google search engine is always the attackers' first choice. Many sources rank Google among the top hacking tools of attackers/hackers, and there is even a guide to using Google for hacking, called Google Hacking, by Johnny at the website http://johnny.ihackstuff.com/

Internal URL: once the company's domain name is known, a hacker can find servers inside the system by guessing commonly used host names such as mail.domainname.com or www.domainname.com.

Unlike direct forms of information collection, Passive Information Gathering is also very popular. Passive Information Gathering means searching for information about the target in free data sources on the Internet instead of contacting the organisation's employees or users directly. For example, in cases where the information provided on a web site does not meet the need, hackers can use the Way Back Machine feature of the website http://www.archive.org/index.php

The following example shows the website www.security365.org as it was on 4.12.2006, as archived on archive.org. You can watch the video tutorial on how to use the Way Back Machine at www.security365.vn and apply it to some other web sites.

In addition, some websites provide personal information, such as http://people.yahoo.com, and one can search recruitment sites such as Vietnamworks.Com or international recruitment sites.

Hackers can also use online map utilities such as Google Map or Intelius.com to find the location of an individual or organisation. We have also heard of the risk of international terrorist organisations using these tools to determine attack locations, and of the royal family of Brunei, whose own people used Google Earth to discover how much land it occupies.

Building a Powerful Email System for Business with Google App


Google App is a cloud computing application with a suite of office tools including word processing, spreadsheets, website creation, chat and Google's extremely useful email. Better still, you can sign up to use it for free with your company's own domain name. Follow the instructions below.

1 - Register for the Google APP service: to use Google App you need to own a domain name (the name of a website), for example Security365.VN. If you do not have one yet, you can buy one directly from Google for 10 USD / 1 year or from a domestic provider such as PA, Mat Bao or FPT at a similar cost.

1. First go to the website http://www.google.com/a and, on the page shown, choose the Businesses and employees tab (the part surrounded by the coloured frame in the figure).

2. Next, choose the Get Start button as in the illustration. Note that we choose the Get Start button in the left-hand box of the page, under Get email, productivity and collaboration tools for business.

3. The registration page appears quickly; we choose the free Standard Edition service and press the Sign Up button:

4. The first step of the registration process is entering the domain name. Choose the button Administrator, I own or control this domain and enter your domain name in the Enter your domain name box (if you do not have a domain name yet you can order one from Google by choosing I want to buy a domain name). In this guide we enter the name hoctructuyen.org and choose Get Started.

5. In the next step of the registration process, fill in your personal details in the Sign Up window, such as the number of users (you should enter 500), the administrator account name, the email address, and the country, job title and phone number. Note: tick the box I understand that if I cannot alter DNS record for my domain, I may impact my organization's ability to use Google Apps (this means that if you do not have the right to change the DNS settings of your domain, you will not be able to use some Google App functions such as mail and web).

In the Organization Information section, fill in the organisation's details such as the company name, line of business, and the number of users and employees in the company.

In the box Does your organization currently provide email account, choose No in order to use GMail's email function. When finished, choose Continue.

6. Continuing with step 3, we enter the details for the administrator account. In this case I use my own name, nttvinh; choose a suitable name and a login password as in the illustration below to finish creating the account. Note that the password should be longer than 8 characters and combine digits with uppercase and lowercase letters, to raise its complexity and guard against cracking programs that use brute force (exhaustive search). Then choose I accept - Continue with set up:

At this point, registration of the GoogleApp service for the domain hoctructuyen.org is complete. The administration page shows the services you can use with your domain, such as Chat, Mail, Docs, Calendar and Site, together with their status. For now the status of these services is Not Active, which means we still have to carry out some steps to verify the domain name, because so far we have not proved to Google that we own or control that domain.

Author: Security365 Editor Group


To be continued. Please read on in the next issues of Security365 Magazine!

Exploiting Security Vulnerabilities of the Windows Operating System


[Security365 E.Magazine] This is a tutorial by IT Prof Nguyen Ngoc Khanh, a concise article that is very good and easy to follow. Alongside the tutorial, Security365 presents an accompanying demo showing exploitation of the DNS security flaw in Windows Server 2003, a rather dangerous vulnerability in 2009. Windows is a very popular operating system today because it is quite friendly to use. However, it also has many dangerous flaws, and in this article I use a rather serious one to break into the victim's computer with full privileges. The detailed instructions follow:

Step 1: Start the program that contains the Windows vulnerabilities in order to run the exploit.
Step 2: View the information on the currently available vulnerabilities:

Step 3: We use the following vulnerability

Step 4: You need to fill in the following required parameters:

Step 5: The parameters RHOST and PAYLOAD are filled in as follows

Step 6: When this is done we type the exploit command and gain control of the other machine, as in the following figure:

Step 7: This is a command-line interface like the one in cmd. You need to learn the DOS commands to carry out the necessary tasks, for example switching to drive D and viewing the drive information as in the figure below:

This is a dangerous flaw and you need to fix it quickly. Good luck!
Author: Nguyen Ngoc Khanh
Demo: Security365 Support Team

FIREWALL OVERVIEW


Firewall is a term that makes a strong impression in the information security field. So what do you know about firewalls apart from the film of the same name starring the veteran actor Harrison Ford? See this feature on firewalls presented by the author Nguyen Tan Khoa.

1.1 Definition of a firewall
Firewall means a wall of fire. It is used to block and protect information and to prevent unauthorised access by hackers. A firewall can also be a hardware-based and software-based solution used to inspect data going from outside into a computer or from the computer out to the Internet. One can say the firewall is a guard whose job is to check the passport of every data packet going in or out. It lets only valid packets through and discards all invalid ones. This is why a firewall is essential for a network.

1.2 Why is a firewall needed?
We need a firewall in the network because it helps limit attacks by hackers, people who want to steal information inside the network out of some malicious motive, as well as harmful viruses that are destructive to the computer networks of organisations and companies or to users' personal computers.

1.3 Overview of the different kinds of firewalls

1.3.1 Proxy
Proxy firewalls fetch information on the basis of the requests users send. Like other kinds of firewalls, proxy firewalls have rules that control who may request what. The drawback of a proxy is latency: requests are answered rather slowly, and applications sometimes conflict and do not work correctly. Example: an ISA Server machine can act as a proxy firewall (as well as SPI).

1.3.2 Packet Filter
Packet filter firewalls filter each packet as it passes through the firewall; the main purpose is to decide whether the packet is legitimate. Filtering is usually based on the source (where the packet originated), the destination, the protocol and the port number. The drawback is that these packet parameters can be forged by hackers to fool the firewall and get past its filtering mechanism. Example: the Access Control Lists of Cisco devices.

1.3.3 Stateful Packet Inspection (SPI)
Stateful Packet Inspection firewalls can be understood as tracking the state of TCP communication channels. SPI sees the whole flow of a conversation and keeps track of these flows, so it is not easily fooled by hackers. Example: ISA or other modern firewalls.

1.4 Functions of a firewall
- Control the flow of information between the Internet and the computer.
- Permit or deny services accessing the outside from the system.
- Permit or deny services accessing the system from outside.
- Monitor the network data flow between the Internet and the networked computer.
- Control the addresses users access and the content received from the Internet.
- Resist waves of unauthorised access by hackers.

1.5 Basic firewall architecture
When we speak of data passing between networks through a firewall, this means the firewall works closely with the TCP/IP protocol. This protocol works by splitting the data received from network applications, or more precisely from the services running over the protocols (Telnet, SMTP, DNS, SNMP, NFS,...), into data packets and assigning these packets addresses so that they can be identified and reassembled at the destination. The various kinds of firewall are therefore closely concerned with packets and their address numbers. Today firewalls are built on packet filters, on application gateways, and some on another kind, the Bastion Host Firewall.

1.5.1 Packet filtering firewall
This kind of firewall checks the address identifiers of packets to decide whether they may pass through. The parameters of a packet that can be filtered are:
- Source IP address.
- Destination IP address.
- TCP source port.
- TCP destination port.

In this way the firewall can block connections to specified servers or networks, or lock out access to the internal system from addresses that are not permitted. Moreover, controlling ports lets the firewall permit only certain kinds of connection to a given server, or let only permitted services (Telnet, SMTP, FTP,...) run on the internal network.

Figure 1. Packet-filtering firewall

1.5.2 Application gateway
An application-level gateway is a security screening device used to analyse incoming data packets. When packets from outside arrive at the gateway, they are inspected and evaluated to determine whether the security policy allows them into the network. The server not only evaluates the IP addresses but also examines the data in the packets to find errors and correct them.

Figure 2. Application-gateway firewall

A typical application-level gateway can provide proxy services for applications and protocols such as Telnet, FTP (File Transfer Protocol), HTTP (Hypertext Transfer Protocol) and SMTP (Simple Mail Transfer Protocol). This gateway does not let any packet pass directly between the two networks; instead, this kind of firewall is designed to strengthen control by means of a Proxy Service. When an outside station wants to connect to stations inside the firewall through some service, it must go through the Proxy Service. If the service and the outside station's address are not on the proxy's forbidden list, the Proxy Service locates the destination station inside the firewall and creates the connection with the outside station; the same applies in reverse when inside stations want to connect outward. This approach defeats some basic kinds of attack, such as overflowing the firewall's buffers.

This kind of firewall has some limitations, however. It is installed separately for each kind of network service, for example Telnet, Mail, FTP. If we want to support some service for our network through the firewall, we must add a proxy for that kind of service. So whenever a new service appears on the outside network, the firewall administrator has to build a proxy policy suited to it. There are two principles for creating the default proxy policy: either reject everything that has no proxy, or accept all services that have no proxy on the firewall. Both approaches bring new security risks and inconveniences for the network inside the firewall.

1.5.3 Bastion Host Firewall
This is a station configured to stop every attack coming from outside. It is the point in direct contact with the untrusted outside network and is therefore the most exposed to attack. There are two forms of defensive host.

Figure 3. Screened Subnet

The defensive host has two network cards, one connected to the inside system (the internal network) and the other connected to the outside Internet. This is a very early form of firewall; it requires inside users to connect to the firewall before working with the outside network. With this solution the firewall isolates the internal network from the external network by means of defensive hosts, but it also makes connections between inside users and the outside network less natural.

The second form of this defensive arrangement is a defensive host with one network card connected directly to a separate system on the network, the application-level gateway. This gateway provides control of traffic in and out. The router has several functions in this configuration: it not only routes packets to the internal system but also permits or refuses connections between internal systems and the Internet. The screening subnet architecture adds a further security layer that separates the internal network from the Internet. The reason for doing this is to keep the internal network from being attacked if the bastion host is brought down.

1.6 Operating principles of a firewall
This part goes into the 3 main activities of a firewall: access control, authentication management and activity logging. As introduced above, there are two kinds of firewall with 2 different ways of controlling access: packet filter rules and application proxy policy. Access control depends on correctly identifying requests, and sometimes also on the definition of the user's authenticated rights.

1.7 Access Control

1.7.1 Where packet processing takes place
To understand how a firewall works, first consider the path packets take to reach it. There are 3 common paths a packet may follow, depending on the form of firewall installed. A packet may cross a firewall at the application layer, at the operating system kernel level, or at the network interface card level. Most firewalls control and pass packets at these 3 levels.

Figure 4. Access control

To achieve higher processing speed on routers, the packet filter is placed on an extension of the device on the network interface card, with a special processor that optimises packet handling. To keep up with the high speed here, the processor on the network interface card supports only simple processing rules such as binary comparisons. Other services are not supported here. On routers and other packet-forwarding stations, packet filtering usually takes place at the operating system kernel level rather than at the network interface card level. Filtering is usually run on dedicated processors, which lets the firewall filter and verify more accurately and with more sophistication than on network interface cards with built-in filtering. Moreover, processing packets at the kernel level is faster than at the application layer because scheduling and memory overflow are avoided. However, kernel processing usually requires all the information needed for filtering to be held in memory instead of on disk. A packet must be processed and passed without waiting on the disk, and this limits the kinds and number of packets handled at this level. Processing at the application layer can provide the best security policy. The application level can reach all system resources, including disks, networks, memory, program libraries and even other processes. The application layer is the top layer in the layered structure of network protocols, so it is not limited by the layers beneath it.

1.7.2 Packet filtering operation
Packet filtering can take place at any one of the 3 packet-processing levels described above, but it is usually supported at the network interface card level or the operating system kernel level. A packet filter uses the IP address part of a packet to decide whether the packet is allowed through or is blocked. A packet that is allowed through is forwarded to the destination station or the next router. A blocked packet is discarded.

1.7.3 Filter rules
The filter examines 5 pieces of information in the IP block at the head of the packet:

Field: Purpose
Source IP address: IP address of the source station that sent the packet.
Destination IP address: IP address of the destination station the packet is going to.
Upper level Protocol (TCP or UDP): for different protocols and different services.
TCP or UDP source port number: port number on the source station that sent the packet.
TCP or UDP destination port number: port number on the destination station that will receive the packet.

Once it has this information about a packet, the filter compares it with a set of rules to reach a decision. A filter rule combines one value or range of values for each of the fields above, and a decision is made when all of the packet's information matches the information in a rule. A packet filter checks the validity of packets very simply and very quickly, using only binary comparisons. The decision (permit or deny) is made as soon as the filter finds a rule that fully matches the information it has about the packet, so the order of the rules is also very important and helps make filtering faster.

One point deserves attention here: the rule list is finite, and we cannot foresee every situation and write a rule for each. There must therefore be a default rule, so that if the filter has gone through every rule in the list and still cannot reach a decision, the default rule decides. There are 2 guiding ideas for the default rule, deny everything or accept everything, meaning that all packets whose information does not satisfy the rule set are either refused or all let through.
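The first-match evaluation and default rule described in 1.7.3, as an added example (not code from the magazine or from any firewall product). The Rule and decide names are hypothetical and the addresses are constructed from documentation ranges; it also shows that when rules overlap, their order changes the verdict and not only the speed.

```python
import ipaddress
from dataclasses import dataclass

ANY_NET = "0.0.0.0/0"
ANY_PORT = (0, 65535)


def port(n):
    """A port range that matches exactly one port."""
    return (n, n)


@dataclass(frozen=True)
class Rule:
    """One filter rule: a value or range for each of the five header fields."""
    action: str              # "permit" or "deny"
    proto: str               # "tcp", "udp" or "any"
    src: str = ANY_NET       # source network in CIDR form
    dst: str = ANY_NET       # destination network in CIDR form
    sport: tuple = ANY_PORT  # inclusive source port range
    dport: tuple = ANY_PORT  # inclusive destination port range

    def matches(self, pkt):
        # A rule applies only if every field of the packet fits the rule.
        return (
            self.proto in ("any", pkt["proto"])
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
            and self.sport[0] <= pkt["sport"] <= self.sport[1]
            and self.dport[0] <= pkt["dport"] <= self.dport[1]
        )


def decide(rules, pkt, default="deny"):
    """First matching rule wins; the default rule decides when none match.

    Returns (action, index of the matching rule, or None for the default).
    """
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return default, None


# Constructed rule set: 192.0.2.0/24 is "inside", 203.0.113.0/24 is a blocked network.
RULES = [
    Rule("deny", "any", src="203.0.113.0/24"),                 # 0: blocked source network
    Rule("permit", "tcp", dst="192.0.2.25/32", dport=port(25)),  # 1: SMTP to the mail server
    Rule("permit", "tcp", src="192.0.2.0/24", dport=port(80)),   # 2: outbound web
]
# Same rules with the first two swapped: the broad permit now shadows the deny.
REORDERED = [RULES[1], RULES[0], RULES[2]]

# Constructed sample packets (header fields only).
PKT_SMTP = {"proto": "tcp", "src": "198.51.100.7", "sport": 40000,
            "dst": "192.0.2.25", "dport": 25}
PKT_BLOCKED = {"proto": "tcp", "src": "203.0.113.9", "sport": 40001,
               "dst": "192.0.2.25", "dport": 25}
PKT_TELNET = {"proto": "tcp", "src": "198.51.100.7", "sport": 40002,
              "dst": "192.0.2.25", "dport": 23}
PKT_UDP = {"proto": "udp", "src": "198.51.100.7", "sport": 5353,
           "dst": "192.0.2.25", "dport": 25}

if __name__ == "__main__":
    samples = [("smtp", PKT_SMTP), ("blocked-net", PKT_BLOCKED),
               ("telnet", PKT_TELNET), ("udp/25", PKT_UDP)]
    for name, pkt in samples:
        print(f"{name:12} ordered={decide(RULES, pkt)} "
              f"reordered={decide(REORDERED, pkt)} "
              f"default-permit={decide(RULES, pkt, default='permit')}")
```

With a default of permit, the Telnet packet that no rule mentions gets through; with the rules reordered, the packet from the blocked network reaches the mail server.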

1.7.4 Operation of the application-proxy firewall

Figure 5. Operation of a Proxy Application

The user must first establish a connection to the application proxy on the firewall (1). The application proxy gathers the information about the connection and the user's request (2). The firewall uses this information to decide whether the request is allowed to proceed. If the user's request is acceptable, the proxy on the firewall creates another connection from the firewall to the intended destination (3). The proxy then acts as a shuttle carrying data between the 2 connections (4). There are 2 points to note here. First, the initial connection must be made to the proxy on the firewall instead of directly to the station one wishes to reach. Second, the proxy on the firewall must obtain the IP address of the destination station. Before a user or an application can connect to the application proxy, it must establish a connection to the firewall, and this connection must use a standard method to supply the name or IP address of the desired destination station. This is not an easy task, because application-layer protocols are fixed and usually do not support carrying added information. To get around this there are several solutions that users and applications are required to follow.

Direct connection. This is the first solution: the user establishes a connection directly to the firewall using the proxy's address and port number, and the proxy then asks the user for the address of the station to connect to. This is a crude method used by early firewalls and is therefore not favoured.

Using a client helper program. The next solution used in deploying a proxy requires a helper program on the user's machine. The user runs the special application to create the connection to the firewall and only has to give the helper application the address or name of the destination station. The helper application takes the firewall's address from a local configuration file and then establishes the connection to the proxy on the firewall.

This solution proves effective and transparent to the user; its limitation, however, is that each client helper program handles only one particular network service.

Using a transparent proxy. Another method in use today for connecting to the application proxy on the firewall is the transparent (hidden) proxy. With this solution the user needs neither a client helper program nor a direct connection to the firewall. Basic routing is used here: every connection to outside networks must be routed through the firewall. Packets entering the firewall are automatically redirected to the desired application proxy. The proxy application obtains the destination station's address accurately by taking the destination address of the session. In this case the firewall impersonates the destination station and intercepts the sessions. When a connection is established to the proxy on the firewall, the client application believes it is connected to the real destination station. If authorised, the application proxy on the firewall uses a proxy function to create the second connection to the real destination station.

1.7.5 Authentication management
This is the function that prevents unauthorised access to the internal network. Network operating systems only loosely control the registered user names and passwords, and sometimes the authorised users themselves carelessly reveal their passwords. The consequences can be very serious. This becomes even more important for large networks with many users. The two most common standard protocols today for working together with a LAN are:
- RADIUS (Remote Authentication Dial-In User Service)
- TACACS+ (Terminal Access Controller Access Control System Extended)

The authentication function is usually carried out in combination with a hardware device or with software built into other software (decoding according to a predetermined algorithm and key standard). When an attempt to access the network is made (and the User Name and Password check out), the authentication manager sends the computer of the user requesting access a string of characters called the Challenge. The user enters the Challenge string into the Token and receives a new string of characters called the PIN (Personal Identification Number). With the PIN the user can access the network. What is special is that the Challenge and the PIN change every minute, and the Tokens can have their Cryptor Key (encryption key) set and changed per user, so security is almost absolute.

1.7.6 Auditing and alerting
To provide the administrator with information about network activity, most firewalls record information in log files kept on disk. A complete firewall must fully record information about both successful and unsuccessful connections. This information is very useful for promptly detecting holes in the firewall. A standard log file must contain the following information:
- Start and end time of a session.
- Source station address.
- Destination station address.
- Protocol used (TCP or UDP).
- Port opened on the destination station.
- Result of the connection (successful or refused).
- User name, if authentication is used.
It may also include information such as the number of packets passed and the number of times the connection was repeated.

1.8 Security Policy
To strengthen the protection of a network, beyond the technical standards, designing a security policy is always very important when deploying firewalls, because this policy lists in detail the firewall rules of the system you manage. For example, a policy defines which traffic may enter and leave the company network, by whom and when, and which events will be logged. With the information from this example the firewall administrator creates the firewall rules that protect the system under their management. The security policy should therefore be written down before the technical configuration measures based on it are applied.

Author: Nguyen Tan Khoa
To be continued. Please read on in the next issue of Security365 Magazine.
