Professional Documents
Culture Documents
vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
NG DNG THC T
M t ni dung: Cng ty ITVietnam hot ng trong lnh vc CNTT, nhm nng cao tnh bo mt cho h tng CNTT ca Cty bn hy tm tt c cc l hng nu c v a ra bin php gii quyt cc l hng . Yu cu thc hin: Tm thng tin v Domain Hng dn thc hin step by step Ta vo trang www.whois.net tm kim thng tin. Nhp vo domain m mnh mun tm kim thng tin.
Thu thp cc thng tin ca doanh nghip. a ra cc gii php bo mt cho doanh nghip.
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NG DNG THC T
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NG DNG THC T
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
NG DNG THC T
S dng tin ch: Reverse IP domain lookup c th xem cc host tn ti trn mt IP www.domaintools.com/reverse-ip
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NI DUNG THC HNH vic tm kim c thng tin ny rt cn thit vi Hacker, bi v da vo thng tin s dng chung Server ny, Hacker c th thng qua cc website b li trong danh sch trn v tn cng vo server t kim sot tt c cc website c hosting trn Server. Tnh hung 2 M t ni dung: nhm nng cao tnh bo mt cho domain: www.vnexpress.net bn hy tm tt c cc l hng nu c v a ra bin php gii quyt cc l hng . Yu cu thc hin: tm thng tin domain. Gi thc hin Sinh vin ghi tm tt qu trnh thc hin: .. BI TP 02 Tnh hung 1
NG DNG THC T
M t ni dung: s dng cc k thut Footprinting tm kim thng tin Yu cu thc hin: tm thng tin Email Hng dn thc hin step by step S dng phn mm 1st Email address Spider 2006 tm kim thng tin email
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NG DNG THC T
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC Tnh hung 2
NG DNG THC T
M t ni dung: cng ty bn lm trong lnh vc qung co, bn mun tm cc a ch email c ui: vnn.vn gi mail qung co Yu cu thc hin: tm thng tin email c ui @vnn.vn Gi thc hin
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NG DNG THC T
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NG DNG THC T
im nh gi:...GVHD k tn:.
Module 02 Lession 02 Scan Network K nng t c 3 D tm cc l hng ca h iu hnh. D tm cc l hng ca cc ng dng. Cc phng php tm kim vi Gii thiu v Scanning: Scanning hay cn gi l qut mng l bc khng th thiu c trong qu trnh tn cng vo h thng mng ca hacker. Nu lm bc ny tt Hacker s mau chng pht hin c li ca h thng v d nh li RPC ca Window hay li trn phn mm dch v web nh Apache v.v. V t nhng li ny, hacker c th s dng nhng on m c hi(t cc trang web) tn cng vo h thng, ti t nht l ly shell. Phn mm scanning c rt nhiu loi, gm cc phm mm thng mi nh Retina, GFI, v cc phn mm min ph nh Nmap, Nessus. Thng thng cc n bn thng mi c th update cc bug li mi t internet v c th d tm c nhng li mi hn. Cc phn mm scanning c th gip ngi qun tr tm c li ca h thng, ng thi a ra cc gii php sa li nh update Service patch hay s dng cc policy hp l hn. BI TP 03: Tnh hung 1 M t ni dung: Cty bn s dng h iu hnh Windows phc v cho cc ng dng trong doanh nghip, m bo h thng l an ton. Bn cn? Yu cu thc hin: s dng cc cng c cn thit d tm cc l hng ca h iu hnh Windows
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
NI DUNG THC HNH Hng dn thc hin step by step S dng Nmap tm kim l hng ca h diu hnh Cc lnh thng s dng trong Nmap
NG DNG THC T
10
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NG DNG THC T
11
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NG DNG THC T
12
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NG DNG THC T
Ta c kt qu nh sau:
13
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NI DUNG THC HNH Starting Nmap 5.51 ( http://nmap.org ) at 2012-02-10 13:48 SE Asia Standard Time NSE: Loaded 57 scripts for scanning. Initiating ARP Ping Scan at 13:48 Scanning 192.168.204.129 [1 port] Completed ARP Ping Scan at 13:48, 0.17s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 13:48 Completed Parallel DNS resolution of 1 host. at 13:48, 16.53s elapsed Initiating SYN Stealth Scan at 13:48 Scanning 192.168.204.129 [1000 ports] Discovered open port 587/tcp on 192.168.204.129 Discovered open port 25/tcp on 192.168.204.129 Discovered open port 143/tcp on 192.168.204.129 Discovered open port 110/tcp on 192.168.204.129 Discovered open port 443/tcp on 192.168.204.129 Discovered open port 995/tcp on 192.168.204.129 Discovered open port 993/tcp on 192.168.204.129 Discovered open port 139/tcp on 192.168.204.129 Discovered open port 80/tcp on 192.168.204.129 Discovered open port 445/tcp on 192.168.204.129
NG DNG THC T
14
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NI DUNG THC HNH Discovered open port 135/tcp on 192.168.204.129 Discovered open port 1025/tcp on 192.168.204.129 Discovered open port 53/tcp on 192.168.204.129 Discovered open port 88/tcp on 192.168.204.129 Discovered open port 6001/tcp on 192.168.204.129 Discovered open port 389/tcp on 192.168.204.129 Discovered open port 3268/tcp on 192.168.204.129 Discovered open port 1031/tcp on 192.168.204.129 Discovered open port 6004/tcp on 192.168.204.129 Discovered open port 593/tcp on 192.168.204.129 Discovered open port 464/tcp on 192.168.204.129 Discovered open port 3269/tcp on 192.168.204.129 Discovered open port 1166/tcp on 192.168.204.129 Discovered open port 1049/tcp on 192.168.204.129 Discovered open port 6002/tcp on 192.168.204.129 Discovered open port 636/tcp on 192.168.204.129 Completed SYN Stealth Scan at 13:48, 1.31s elapsed (1000 total ports) Initiating Service scan at 13:48 Scanning 26 services on 192.168.204.129
NG DNG THC T
15
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NI DUNG THC HNH Completed Service scan at 13:50, 80.30s elapsed (26 services on 1 host) Initiating OS detection (try #1) against 192.168.204.129 NSE: Script scanning 192.168.204.129. Initiating NSE at 13:50 Completed NSE at 13:50, 22.41s elapsed Nmap scan report for 192.168.204.129 Host is up (0.00s latency). Not shown: 974 closed ports PORT STATE SERVICE VERSION Microsoft Exchange ESMTP 25/tcp open smtp
NG DNG THC T
| smtp-commands: SRVEX.trantot.com Hello [192.168.204.128], SIZE, PIPELINING, DSN, ENHANCEDSTATUSCODES, STARTTLS, X-ANONYMOUSTLS, AUTH NTLM LOGIN, X-EXPS GSSAPI NTLM, 8BITMIME, BINARYMIME, CHUNKING, XEXCH50, XRDST |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH BDAT 53/tcp open domain 80/tcp open http Microsoft DNS Microsoft IIS httpd 6.0
|_http-title: The page must be viewed over a secure channel |_http-methods: No Allow or Public header in OPTIONS response (status code 403) 88/tcp open kerberos-sec Microsoft Windows kerberos-sec
16
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC 110/tcp open pop3 135/tcp open msrpc 139/tcp open netbios-ssn 143/tcp open imap 389/tcp open ldap 443/tcp open ssl/http
NI DUNG THC HNH MS Exchange 2007 pop3d Microsoft Windows RPC Microsoft Exchange 2007-2008 imapd
NG DNG THC T
| http-methods: OPTIONS TRACE GET HEAD POST | Potentially risky methods: TRACE |_See http://nmap.org/nsedoc/scripts/http-methods.html |_sslv2: server still supports SSLv2 |_http-title: Under Construction 445/tcp open microsoft-ds Microsoft Windows 2003 or 2008 microsoft-ds 464/tcp open kpasswd5? 587/tcp open smtp Microsoft Exchange ESMTP | smtp-commands: SRVEX.trantot.com Hello [192.168.204.128], SIZE 10485760, PIPELINING, DSN, ENHANCEDSTATUSCODES, STARTTLS, AUTH GSSAPI NTLM LOGIN, 8BITMIME, BINARYMIME, CHUNKING |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH BDAT
17
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NI DUNG THC HNH 593/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0 636/tcp open ldapssl? 993/tcp open ssl/imap 995/tcp open ssl/pop3 1025/tcp open msrpc 1049/tcp open msrpc 1166/tcp open msrpc 3268/tcp open ldap 3269/tcp open ssl/ldap |_sslv2: server still supports SSLv2 6001/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0 6002/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0 6004/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0 MAC Address: 00:0C:29:E7:53:9B (VMware) Device type: general purpose Running: Microsoft Windows XP|2003 Microsoft Exchange 2007-2008 imapd MS Exchange 2007 pop3d Microsoft Windows RPC Microsoft Windows RPC Microsoft Windows RPC |_imap-capabilities: CAPABILITY |_pop3-capabilities: OK(K) EXPIRE(1800 SECONDS) UIDL USER TOP SASL(GSSAPI) 1031/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
NG DNG THC T
18
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NI DUNG THC HNH OS details: Microsoft Windows XP SP2 or Server 2003 SP1 or SP2 Network Distance: 1 hop TCP Sequence Prediction: Difficulty=259 (Good luck!) IP ID Sequence Generation: Incremental Service Info: Host: SRVEX.trantot.com; OS: Windows Host script results: | nbstat: | NetBIOS name: SRVEX, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:e7:53:9b (VMware) | Names | | | | |_ SRVEX<00> SRVEX<20> TRANTOT<00> TRANTOT<1c> TRANTOT<1e> Flags: <unique><active> Flags: <unique><active> Flags: <group><active> Flags: <group><active> Flags: <group><active>
NG DNG THC T
|_smbv2-enabled: Server doesn't support SMBv2 protocol | smb-os-discovery: | OS: Windows Server 2003 3790 Service Pack 2 (Windows Server 2003 5.2) | Name: TRANTOT\SRVEX
19
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NI DUNG THC HNH |_ System time: 2012-02-10 13:50:20 UTC+7 TRACEROUTE HOP RTT ADDRESS 1 0.00 ms 192.168.204.129 Read data files from: C:\Program Files\Nmap OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 124.12 seconds Raw packets sent: 1101 (49.142KB) | Rcvd: 1017 (41.326KB) Tnh hung 2 M t ni dung: Cty bn s dng h iu hnh Linux phc v cho cc ng dng trong doanh nghip, m bo h thng l an ton. Bn cn? Yu cu thc hin: s dng cc cng c cn thit d tm cc l hng ca h iu hnh Linux Gi thc hin Sinh vin ghi tm tt qu trnh thc hin: .. ..
NG DNG THC T
20
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NG DNG THC T
im nh gi:...GVHD k tn:.
BI TP 04 Tnh hung 1 M t ni dung: Cty bn ang cn tm kim cc thng tin ca cc doanh nghip hot ng trong lnh vc CNTT hp tc. Bn cn? Yu cu thc hin: s dng cng c tm kim thc hin cc cng vic trn. Hng dn thc hin step by step
21
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NG DNG THC T
22
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC Tnh hung 2
NG DNG THC T
M t ni dung: Cty bn nhn c d n kim tra s an ton ca website thng mi in t 5giay.vn, nhim v ca bn l tm kim l hng ca webserver, v cc thng tin trn website. Yu cu thc hin: tm kim l hng ca webserver, v cc thng tin trn website Gi thc hin Sinh vin ghi tm tt qu trnh thc hin: .. ..
im nh gi:...GVHD k tn:.
Module 02 Lesson 04: Enumeration 3 K nng t c D tm cc l hng lin quan n username/pa BI TP 05 - Enumeration l k thut khai thc tn ngi dng, tn my tnh ti nguyn mng, ti nguyn share v dch v. Enumeration l k thut c s dng trong mng LAN. Cc dng dng thng tin Enumeration: Network resources and shares Users and groups Applications and banners Auditing settings
23
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
NG DNG THC T
M t ni dung: Cty bn nhn c d n kim tra s an ton ca h thng cng ngh thng tin cho doanh nghip i Nam Yu cu thc hin: s dng Network Share Browser truy tm ti nguyn share trn mng WORKGROUP Hng dn thc hin step by step Ci t chng trnh Network Share Browser
Cc phng php ly thng tin, n thng tin ca cc process ang hot Chy chng trnh s t ng d tm tt c cc WORKGROUP c trong h thng ni b ng, xo du vt(log)
24
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NG DNG THC T
25
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NI DUNG THC HNH Ta c th s dng mt s tnh nng khc ca Shadow Scan nh scan port, Bom mail, scan Trojan,
NG DNG THC T
26
VIN NGHIN CU AN NINH MNG iStudy Security 240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.diendancntt.vn Email: istudy@ispace.edu.vn Tel : (848) 6267 8999 - Fax: (848) 6283 7867
ST T
BI HC
NG DNG THC T
Tnh hung 2 M t ni dung: Cty bn nhn c d n kim tra s an ton ca h thng cng ngh thng tin cho doanh nghip i Nam Yu cu thc hin: s dng cc cng c cn thit tm kim cc user trong h thng ni b. Gi thc hin Sinh vin ghi tm tt qu trnh thc hin: .. .. ...
27