UCCU: 朕不給的你不能看 ("What I do not give you, you may not see")
TRANSCRIPT
![Page 1: UCCU 朕不給的你不能看](https://reader030.vdocuments.site/reader030/viewer/2022021421/58ed3f7b1a28abb8778b467b/html5/thumbnails/1.jpg)
朕不給的你不能看 ("What I do not give you, you may not see")
Page 3
• Preface
• Introduction to information leakage
• Preventing information leakage
• Basic configuration
• Firewalls
Page 4
Preface
(Diagram of the attack flow with four stages: Recon, Vulnerability, Exploit, Gain Access)
Page 5
Preface
Recon
Page 6
Page 7
Quiz: how would you implement a DMZ?
Page 8
Types of information leakage
• Human error
  • Employees or business partners leaking information...
• Improper service configuration
  • e.g. network misconfiguration, wrong permissions...
• Other
Page 9
Human error
Page 10
Teammates like pigs (the colleague who drags the whole team down)
Page 11
Developer carelessness (committed keys, .DS_Store files...)
Page 12
It's not a bug, it's a feature!
Page 13
Improper service configuration
Page 14
Version-control information leakage
• Every version-control system is affected
  • Git, SVN, Hg (Mercurial)...
• Plenty of scanning tools exist:
  • dvcs-ripper, GitDumper...
Page 15
Don't assume a 403 means you are safe
• 403 = insufficient permission??
• It is a feature of the web engine: with directory listing disabled, a request for the directory itself (e.g. /.git/) gets a 403, but the files inside it (e.g. /.git/HEAD) are still served.
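The two slides above (version-control leakage, and the 403 that only covers the directory index) are what a repository-dumping tool relies on. The following is an added example written for this transcript, not code from the talk or from dvcs-ripper/GitDumper: it checks the entry-point files those tools look for (.git/HEAD and .git/config, .svn/wc.db and .svn/entries, .hg/requires) through an injected fetch function, so it runs offline against a constructed site. The site contents, the make_fetch stand-in and the hypothetical remote URL are all constructed for the example.

```python
import re
from typing import Callable, Dict, List, Tuple

# fetch(path) -> (http_status, body). In a real scan this wraps an HTTP client;
# here it is injected so the logic can run offline against a constructed site.
Fetcher = Callable[[str], Tuple[int, bytes]]

GIT_HEAD_RE = re.compile(rb"^(ref: refs/\S+|[0-9a-f]{40})$")   # symbolic ref or detached SHA-1
SQLITE_MAGIC = b"SQLite format 3\x00"


def check_git(fetch: Fetcher) -> List[str]:
    findings = []
    status, body = fetch("/.git/HEAD")
    if status == 200 and GIT_HEAD_RE.match(body.strip()):
        findings.append("/.git/HEAD is readable: the repository can be dumped object by object")
    status, body = fetch("/.git/config")
    if status == 200 and b"[core]" in body:
        findings.append("/.git/config is readable")
        for m in re.finditer(rb"url\s*=\s*(\S+)", body):
            findings.append("remote URL disclosed: " + m.group(1).decode(errors="replace"))
    return findings


def check_svn(fetch: Fetcher) -> List[str]:
    findings = []
    status, body = fetch("/.svn/wc.db")           # SVN >= 1.7: one SQLite database per working copy
    if status == 200 and body.startswith(SQLITE_MAGIC):
        findings.append("/.svn/wc.db is readable: working-copy metadata and pristine file paths exposed")
    status, body = fetch("/.svn/entries")         # SVN <= 1.6: text file that starts with a format number
    if status == 200 and body.split(b"\n", 1)[0].strip().isdigit():
        findings.append("/.svn/entries is readable")
    return findings


def check_hg(fetch: Fetcher) -> List[str]:
    status, body = fetch("/.hg/requires")
    if status == 200 and b"revlogv1" in body:
        return ["/.hg/requires is readable: Mercurial repository exposed"]
    return []


def scan(fetch: Fetcher) -> List[str]:
    return check_git(fetch) + check_svn(fetch) + check_hg(fetch)


def make_fetch(files: Dict[str, bytes], listing: bool = False) -> Fetcher:
    """Constructed stand-in for a web server: files are served with 200, a directory
    answers 403 when directory listing is off (what Apache does with Options -Indexes),
    and everything else is 404."""
    def fetch(path: str) -> Tuple[int, bytes]:
        if path in files:
            return 200, files[path]
        prefix = path.rstrip("/") + "/"
        if any(name.startswith(prefix) for name in files):
            return (200, b"<html>index of " + path.encode() + b"</html>") if listing else (403, b"Forbidden")
        return 404, b"Not Found"
    return fetch


# Constructed sample: a deployment that copied the whole working tree, .git included.
LEAKY_SITE = {
    "/index.html": b"<html>hello</html>",
    "/.git/HEAD": b"ref: refs/heads/master\n",
    "/.git/config": (b"[core]\n\trepositoryformatversion = 0\n"
                     b"[remote \"origin\"]\n\turl = git@github.com:example/app.git\n"),
}

if __name__ == "__main__":
    fetch = make_fetch(LEAKY_SITE)
    print("GET /.git/      ->", fetch("/.git/")[0])      # 403, which looks "safe"
    print("GET /.git/HEAD  ->", fetch("/.git/HEAD")[0])  # 200, the repository is still readable
    for finding in scan(fetch):
        print("  -", finding)
```

The point of the 403 check is in the two print lines: the directory index is refused, every file under it is not. The real fix is to never deploy the VCS metadata (build an export, or deny `\.(git|svn|hg)` paths in the web server), not to rely on directory listing being off.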
Page 16
WEB-INF/web.xml disclosure
• WEB-INF is the protected directory of a Java web application
• It cannot be accessed directly (the servlet container refuses requests for it)
• Scenario: Nginx in front of Tomcat
  • Non-standard deployment (e.g. Nginx serving the exploded webapp directory as static files, so Tomcat's protection never applies)
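To make the scenario concrete, here is an added example (not from the talk, and not nginx or Tomcat code): a small model of a front end that maps URLs straight onto an exploded webapp directory, with a naive raw-string check beside a hardened one that decides on the percent-decoded, parameter-stripped, dot-segment-normalized path. The request list and the `/opt/tomcat/webapps/app` root are constructed for the example.

```python
import posixpath
import re
from urllib.parse import unquote

# Directories the servlet spec hides from clients. Tomcat refuses to serve them itself,
# but a front end that reads the webapp directory as static files will not.
PROTECTED_DIRS = {"web-inf", "meta-inf"}


def normalize_request_path(raw: str) -> str:
    """Canonicalise a request path the way the filesystem will eventually see it:
    drop the query string, percent-decode (twice, to catch double encoding), strip
    ';' path parameters from each segment (servlet containers ignore them when
    resolving the resource), and collapse '.' and '..' segments."""
    path = raw.split("?", 1)[0]
    for _ in range(2):
        path = unquote(path)
    path = path.replace("\\", "/")
    segments = [seg.split(";", 1)[0] for seg in path.split("/")]
    path = posixpath.normpath("/" + "/".join(segments))
    return re.sub(r"^/+", "/", path)      # posixpath keeps a leading '//' as-is; fold it


def is_protected(raw: str) -> bool:
    """Hardened check: decide on the normalized path, case-insensitively."""
    return any(seg.lower() in PROTECTED_DIRS for seg in normalize_request_path(raw).split("/"))


def naive_is_protected(raw: str) -> bool:
    """A literal prefix compare on the raw request path: what a deny rule amounts to
    when it is evaluated before any decoding or normalization."""
    return raw.startswith("/WEB-INF/")


def serve_static(webapp_root: str, raw: str, guard=is_protected) -> str:
    """Model of a front end that maps URLs onto the exploded webapp directory."""
    if guard(raw):
        return "403 Forbidden"
    return "200 " + webapp_root + normalize_request_path(raw)


# Constructed requests against a hypothetical webapp under /opt/tomcat/webapps/app.
REQUESTS = [
    "/index.jsp",
    "/static/app.js",
    "/WEB-INF/web.xml",
    "/static/../WEB-INF/web.xml",
    "/%57EB-INF/web.xml",
    "/..;/WEB-INF/web.xml",
    "/META-INF/context.xml",
]

if __name__ == "__main__":
    for r in REQUESTS:
        print(f"{r:32} naive={str(naive_is_protected(r)):5} hardened={is_protected(r)}")
```

Whatever the front end is, the deny rule has to see the same path the filesystem sees; the safest deployment keeps the webapp directory out of the static root entirely and proxies everything to Tomcat.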
Page 17
Misconfiguration
• No authentication or authorization
  • e.g. DNS zone transfer (AXFR) open to anyone; check with dig axfr example.com @ns1.example.com
• Unfamiliarity with the service being deployed
Page 18
Preventing information leakage
Page 19
Page 20
Hide version numbers and sensitive information
• Hide version numbers and sensitive information
  • Apache:
    ServerSignature Off
    ServerTokens Prod
• Disable directory listing
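An added example for this slide (not from the talk): a small audit that reads an Apache configuration for the three disclosure-related settings above (ServerTokens, ServerSignature and Options Indexes) and a second check that looks at the response headers a live server actually sends, which is what `curl -I` shows an attacker. The weak and hardened configurations and the header sets are constructed for the example.

```python
import re
from typing import Dict, List


def audit_httpd_conf(conf: str) -> List[str]:
    """Flag Apache directives that leak version or layout information. The last
    occurrence of a directive wins, as in Apache itself."""
    findings = []
    tokens = re.findall(r"^\s*ServerTokens\s+(\S+)", conf, re.M | re.I)
    if not tokens or tokens[-1].lower() != "prod":
        findings.append("ServerTokens is not Prod: the Server header reveals version, OS and modules (default is Full)")
    sig = re.findall(r"^\s*ServerSignature\s+(\S+)", conf, re.M | re.I)
    if sig and sig[-1].lower() != "off":
        findings.append("ServerSignature is on: error pages and directory indexes carry the server version")
    for m in re.finditer(r"^\s*Options\s+(.+?)\s*$", conf, re.M | re.I):
        enabled = [o.lstrip("+").lower() for o in m.group(1).split() if not o.startswith("-")]
        if "indexes" in enabled:
            findings.append(f"directory listing enabled by '{m.group(0).strip()}'")
    return findings


def audit_response_headers(headers: Dict[str, str]) -> List[str]:
    """Flag banner leakage in a live response."""
    findings = []
    h = {k.lower(): v for k, v in headers.items()}
    if re.search(r"\d+\.\d+", h.get("server", "")):
        findings.append(f"Server header carries a version: {h['server']}")
    if "x-powered-by" in h:
        findings.append(f"X-Powered-By discloses the application stack: {h['x-powered-by']}")
    return findings


# Constructed configurations: the defaults most distributions ship, and the fix.
WEAK_CONF = """
ServerTokens Full
ServerSignature On
<Directory /var/www/html>
    Options Indexes FollowSymLinks
</Directory>
"""

HARDENED_CONF = """
ServerTokens Prod
ServerSignature Off
<Directory /var/www/html>
    Options -Indexes +FollowSymLinks
</Directory>
"""

# Constructed header sets, modelled on a stock LAMP install before and after hardening.
WEAK_HEADERS = {"Server": "Apache/2.4.41 (Ubuntu)", "X-Powered-By": "PHP/7.4.3", "Content-Type": "text/html"}
HARDENED_HEADERS = {"Server": "Apache", "Content-Type": "text/html"}

if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(label, "config:", audit_httpd_conf(conf) or "no findings")
    for label, hdrs in (("weak", WEAK_HEADERS), ("hardened", HARDENED_HEADERS)):
        print(label, "headers:", audit_response_headers(hdrs) or "no findings")
```

ServerTokens Prod still reveals "Apache"; hiding the product name entirely needs a module such as mod_security's SecServerSignature. The X-Powered-By line comes from PHP's expose_php setting, which is covered again on the easter-egg slide below.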
Page 21
robots.txt settings
• Rules are path prefixes with wildcard support (* and $), not full regular expressions
• Avoid naming important pages directly where you can (robots.txt is public and is one of the first things an attacker reads)
  • Disallow: /admin is a prefix match, i.e. it behaves like the regex /admin.*
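An added example (not from the talk) that makes the prefix-match point exact: a robots.txt parser with the RFC 9309 matching rules (literal prefix, `*` for any run of characters, trailing `$` as an end anchor, longest rule wins) together with the attacker's view of the same file, which is simply the list of Disallow paths. The robots.txt content is constructed for the example.

```python
import re
from typing import List, Tuple

Rule = Tuple[str, str]   # ("allow" | "disallow", path pattern)


def parse_robots(text: str) -> List[Rule]:
    """Return (directive, path) pairs for Allow/Disallow lines, comments stripped."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or ":" not in line:
            continue
        key, _, value = line.partition(":")
        key = key.strip().lower()
        if key in ("allow", "disallow"):
            rules.append((key, value.strip()))
    return rules


def rule_to_regex(path: str) -> "re.Pattern[str]":
    """RFC 9309 matching: the path is a literal prefix, '*' matches any characters,
    and a trailing '$' anchors the end of the URL path. Disallow: /admin therefore
    compiles to ^/admin, the same as the regex /admin.* on the slide."""
    anchored = path.endswith("$")
    if anchored:
        path = path[:-1]
    pattern = "^" + ".*".join(re.escape(part) for part in path.split("*"))
    if anchored:
        pattern += "$"
    return re.compile(pattern)


def is_disallowed(rules: List[Rule], url_path: str) -> bool:
    """Longest matching rule wins; Allow wins a tie; no matching rule means allowed."""
    best = None
    for directive, path in rules:
        if not path:                      # an empty Disallow allows everything
            continue
        if rule_to_regex(path).match(url_path):
            if (best is None or len(path) > len(best[1])
                    or (len(path) == len(best[1]) and directive == "allow")):
                best = (directive, path)
    return best is not None and best[0] == "disallow"


def attacker_view(text: str) -> List[str]:
    """What recon extracts: every Disallow path, i.e. the places the owner finds interesting."""
    return [p for d, p in parse_robots(text) if d == "disallow" and p]


# Constructed robots.txt for a hypothetical site.
ROBOTS = """User-agent: *
Disallow: /admin          # prefix match: also covers /admin.php and /administrator
Disallow: /backup/
Disallow: /*.sql$
Allow: /admin/public/
"""

if __name__ == "__main__":
    rules = parse_robots(ROBOTS)
    print("attacker's reading list:", attacker_view(ROBOTS))
    for p in ("/admin", "/admin.php", "/administrator/login", "/admin/public/index.html",
              "/dump/db.sql", "/dump/db.sql.gz", "/index.html"):
        print(f"{p:28} disallowed={is_disallowed(rules, p)}")
```

Because one `Disallow: /admin` line already covers every path that starts with /admin, there is no need to list /admin.php, /admin/login and so on individually; each extra line is another hint for the reader. For genuinely sensitive pages, robots.txt is the wrong tool altogether: authentication is.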
Page 22
Some details
• Program easter eggs
  • e.g. the PHP easter egg reveals the approximate PHP version
• On the web, avoid the commonly used directory names
• Front-end comments must not contain sensitive information
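For the last bullet, an added example (not from the talk): a scanner that pulls every HTML comment out of a page and flags the kinds of content that should never ship to the browser (credentials, internal hostnames or RFC 1918 addresses, hidden paths, developer notes). The sample page and the pattern list are constructed for the example; treat the patterns as a starting point, not a complete list. For the PHP easter egg in the first bullet, the fix is `expose_php = Off` in php.ini, which also removes the X-Powered-By header.

```python
import re
from typing import List, Tuple

COMMENT_RE = re.compile(r"<!--(.*?)-->", re.S)

# Constructed patterns: what an attacker greps for in the HTML and JS a site ships.
SENSITIVE_PATTERNS = [
    ("credential", re.compile(r"\b(password|passwd|pwd|secret|api[_-]?key|token)\b\s*[:=]", re.I)),
    ("internal host or address",
     re.compile(r"\b(10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}"
                r"|172\.(1[6-9]|2\d|3[01])\.\d{1,3}\.\d{1,3}|[\w.-]+\.(local|internal|corp|lan))\b", re.I)),
    ("hidden path", re.compile(r"(?<![\w/])/(admin|backup|old|test|dev|staging|debug)[\w./-]*", re.I)),
    ("developer note", re.compile(r"\b(TODO|FIXME|HACK|XXX)\b")),
]


def scan_html_comments(html: str) -> List[Tuple[str, str]]:
    """Return (category, comment_text) for every HTML comment that matches a pattern.
    A comment that matches several categories is reported once per category."""
    findings = []
    for m in COMMENT_RE.finditer(html):
        body = " ".join(m.group(1).split())      # collapse whitespace for readable output
        for label, pat in SENSITIVE_PATTERNS:
            if pat.search(body):
                findings.append((label, body))
    return findings


# Constructed page: one harmless comment and four that leak something.
SAMPLE_PAGE = """<!DOCTYPE html>
<html><head><title>Portal</title>
<!-- Main navigation template, v2 -->
</head><body>
<!-- TODO: remove debug endpoint before release -->
<!-- old admin panel moved to /admin_v1/ -->
<!-- db: db01.corp.internal  password = hunter2 (ask ops) -->
<form action="/login" method="post">...</form>
<!-- <a href="/staging/report.php">staging report</a> -->
</body></html>
"""

if __name__ == "__main__":
    for category, text in scan_html_comments(SAMPLE_PAGE):
        print(f"[{category}] {text}")
```

Commented-out markup is the classic case: the link is invisible on the rendered page but sits in the HTML source for anyone who views it. Run this kind of scan over the built front-end assets in CI, before deployment, rather than after.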
Page 23
Confuse the enemy
• Change the port number
• Modify the service banner
• Confuse the enemy whenever it does not get in the way of development
Page 24
Protection at the network level
Page 25
What information does an attacker actually want?
● Number of systems
  – ARP sweep / ICMP echo scans
● Types (OS) of systems
  – OS detection scans
● Open ports
  – TCP SYN / connect (etc.) scans
● Network topology
  – traceroute
● Running services
  – Service detection scans
Page 26
A bit of background
How TCP works
Page 27
The firewall is your friend
• Well-configured firewall rules
• Do not expose services that are not meant to be public
• Also control traffic between internal segments (DMZ)
Page 28
The less information you give away, the harder it is to target (OS)
• TCP initial sequence number (ISN)
• TCP initial window size
• TCP options (their types, values and order in the packet)
• IP ID numbers
• Answers to some pathological TCP packets
• Answers to some UDP packets
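An added example (not from the talk, and not nmap or p0f code) that shows two of the fields in the list, the initial window size and the TCP options with their order, being turned into a fingerprint: it parses a raw TCP header, walks the options, and builds a signature string from them. The two SYN-ACK segments are constructed in the block; their window sizes and option orders are illustrative values modelled on common stacks, not captured packets, and the checksum is left at zero because no pseudo-header is involved.

```python
import struct
from typing import Dict, List, Tuple

OPTION_NAMES = {0: "EOL", 1: "NOP", 2: "MSS", 3: "WScale", 4: "SAckOK", 8: "Timestamp"}


def parse_tcp_options(raw: bytes) -> List[Tuple[str, bytes]]:
    """Walk the TCP options area: EOL and NOP are one byte, everything else is kind, length, data."""
    opts, i = [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:
            opts.append(("EOL", b""))
            break
        if kind == 1:
            opts.append(("NOP", b""))
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated option")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError("bad option length")
        opts.append((OPTION_NAMES.get(kind, f"opt{kind}"), raw[i + 2:i + length]))
        i += length
    return opts


def tcp_fingerprint(segment: bytes) -> Dict[str, object]:
    """Extract window size, option order and option values from a TCP segment."""
    if len(segment) < 20:
        raise ValueError("segment shorter than a TCP header")
    _sport, _dport, _seq, _ack, offset_byte, _flags, window, _csum, _urg = struct.unpack("!HHIIBBHHH", segment[:20])
    hlen = (offset_byte >> 4) * 4
    if hlen < 20 or hlen > len(segment):
        raise ValueError("bad data offset")
    opts = parse_tcp_options(segment[20:hlen])
    fp: Dict[str, object] = {"window": window, "option_order": [name for name, _ in opts]}
    for name, data in opts:
        if name == "MSS":
            fp["mss"] = struct.unpack("!H", data)[0]
        elif name == "WScale":
            fp["wscale"] = data[0]
    fp["signature"] = f"W={window}:O={','.join(fp['option_order'])}"
    return fp


def build_syn_ack(window: int, options: List[Tuple[int, bytes]]) -> bytes:
    """Constructed SYN-ACK (flags 0x12) with the given window and option list; checksum left at 0."""
    raw = b""
    for kind, data in options:
        raw += bytes([kind]) if kind in (0, 1) else bytes([kind, 2 + len(data)]) + data
    raw += b"\x00" * (-len(raw) % 4)               # pad options to a 32-bit boundary
    offset = (20 + len(raw)) // 4
    return struct.pack("!HHIIBBHHH", 443, 51234, 0x12345678, 0x9ABCDEF0, offset << 4, 0x12, window, 0, 0) + raw


# Illustrative profiles (constructed, not captures): same MSS, different window and option order.
PROFILE_A = build_syn_ack(65160, [(2, b"\x05\xb4"), (4, b""), (8, b"\x00" * 8), (1, b""), (3, b"\x07")])
PROFILE_B = build_syn_ack(65535, [(2, b"\x05\xb4"), (1, b""), (3, b"\x08"), (1, b""), (1, b""), (4, b"")])

if __name__ == "__main__":
    for label, seg in (("A", PROFILE_A), ("B", PROFILE_B)):
        print(label, tcp_fingerprint(seg)["signature"])
```

The two stacks answer the same SYN with different windows and a different option order, which is enough for a scanner to tell them apart without any banner. A fingerprint-rewriting rule such as the one on the next slides works by normalizing exactly these fields on the way out.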
Page 29
Prevention
Page 30
Prevention
• iptables mangle table: rewrite the fingerprint fields of packets (the PERS target from the IP Personality netfilter patch, here emulating a Dreamcast stack):
iptables -t mangle -A PREROUTING -s 192.168.0.50 -d 192.168.0.19 -j PERS --tweak dst --local --conf dreamcast.conf
iptables -t mangle -A OUTPUT -s 192.168.0.19 -d 192.168.0.50 -j PERS --tweak src --local --conf dreamcast.conf
Page 31
Closing remarks & extras
• Raise the attacker's cost
• Defence is an all-round effort
• Know yourself before you can defend against the enemy
• https://github.com/ysrc/xunfeng
Page 32
Q&A