лекц+лаб по Windows
.pdf2.7 |
|
|
|
|
Cain&Abel |
|
. |
|
, |
|
, |
, |
- |
, |
, |
|
PWL- |
. Cain&Abel |
|
|
, |
|
. |
, |
Cain&Abel |
, |
|
. |
|
||
|
|
|
|
, |
Arp Poison |
Routing |
(APR), |
' |
' |
|
|
' |
. |
|
' |
|
. |
|
Cain&Abel |
|
ARP spoofer |
|
RDP |
.
2.8 IPSec
IPSec: .
|
IP- |
IP- |
. |
|
, |
|
|
|
, |
. |
|
, |
|
|
, |
|
' |
|
. |
|
|
|
|
, |
|
, |
|
- |
|
|
, IP tunnel, GRE. |
|
|
|
|
|
|
IP- |
. |
, |
|
|
IP- |
. |
|
|
IP- |
, |
|
' |
|
|
|
||
|
|
|
' |
, |
, |
|
|
, |
|
' |
|||
|
|
|
|
|
||
|
. |
|
|
|
|
|
|
IPSec |
|
. |
. |
|
, |
|
|
|
- |
|
|
|
|
. |
|
|
|
|
|
|
|
|
|
|
|
|
' |
1 |
|
' |
2, |
|
|
' |
|
|
, |
. |
|
|
IPSec, |
|
|
. |
|
|
|
|
|
|
|
|
||
|
|
|
|
IPSec |
|
|
.
97
IPSec , ,
.
(Encapsulating Security Payload). |
|
, |
|
ESP |
||
|
|
|
|
|||
|
|
IPSec |
(Authentication Header). |
|
|
|
|
|
|
|
|
||
|
, |
|
, |
|
. |
|
|
|
, |
|
|
||
|
|
|
|
|
|
|
. |
|
, |
, |
ESP. |
|
|
|
|
|
|
|
||
|
ESP |
IP- |
50, |
IPSec |
IP- |
51. |
|
, |
' |
|
IPSec. |
||
|
|
|
|
|||
Windows. |
IPSec |
|
, |
|
, |
|
|
|
, |
IPSec. |
|
. |
|
|
|
|
|
|
|
|
\Windows Settings\Security Settings\IPSec Policies, |
|
|
|
|||
|
Client (Respond Only) ( |
|
|
), Secure Server |
||
(Require |
Security) |
( |
|
) |
Server |
(Request |
Security) |
( |
|
). |
|
|
|
|
|
|
. |
|
|
|
2.9 Windows
Outpost Firewall
Outpost Firewall Pro:
;
;
|
; |
|
|
|
|
|
|
|
|
Windows; |
|
|
|
|
, |
|
; |
|
|
|
, |
|
, |
|
|
, |
|
|
; |
|
|
|
|
|
, |
|
|
, |
|
web- |
, |
|
|
web- |
; |
|
|
|
Java- |
, ActiveX Java- |
; |
|
|
web- |
, |
|
|||
|
|
|
cookies; |
|
|
98
« » IP- ,Outpost
;
- .
Outpost Firewall:Outpost Firewall;
;;;
; .
:
« » - ,
;
« », « » - ;
«», «» - ;
«», «» -;
« », « » -
Outpost Firewall;
« », « » - .
« », « » -
Outpost Firewall.
, Outpost Firewall,
« |
» |
«».« » :
« » - ,
;
« » - ;
«» - ',
Outpost Firewall. |
|
|
, |
, |
; |
« » - ', Outpost Firewall;
« » - ,'.
. |
|
|
- |
, |
Outpost Firewall |
' |
|
. |
99
2.1
|
' |
' |
, |
|
, |
',
'
.
Outpost Firewall3 :
« » - . , ' .
« » - ', ,.
« » -.
|
|
|
. |
|
|
« |
|
/ |
». |
|
: |
|
« |
|
» |
- |
|
, |
«ICMP» |
NetBIOS, |
IP- |
. |
|
|
- |
|
|
||
|
|
ICMP. |
|
|
|
« |
|
». |
|
|
|
« |
|
». |
|
|
|
|
|
|
Outpost Firewall |
|
: |
« |
|
» - |
|
web- |
:
ActiveX.
Java.
,Java ScriptVBScript.Cookies.
.
Referrers.
«DNS» - .
« » - .
« » -:
« » -
' |
( |
- 60 |
). |
« |
» |
- |
|
, |
' |
. |
|
100
« |
DOS- |
, |
DoS- |
» |
|
|
. |
|
|
|
|
« |
» - |
. |
|
|
|
|
. |
|
|
|
|
|
Outpost Firewall |
|
|
, |
|
, |
: |
|
|
|
Outpost |
|
' |
, |
|
|
|
Firewall. |
Outpost Firewall. |
|
|
|
|
|
|
|
|
||
|
. |
|
|
, |
|
|
, : |
|
|
|
|
|
|
|
|
|
|
|
, |
, |
, |
|
|
|
, |
. |
|
|
|
|
|
. |
|
|
|
|
|
SQL- |
|
. |
|
|
|
|
« |
|
|
Microsoft» (MMC). |
|
|
|
|
|
2.10 |
|
|
IPFW |
Unix |
|
|
|
|
|
|
|
|
syslogd. |
, |
log, |
|
, |
|
|
|
|||
|
, |
net.inet.ip.fw.verbose |
|
||
1. |
1 |
, |
|
|
|
|
IPFIREWALL_VERBOSE. |
|
|
|
|
|
' |
, |
|
, |
|
|
. |
: |
|
|
|
|
; |
|
|
|
|
|
; |
|
|
|
|
|
|
; |
|
|
|
|
|
. |
|
, |
|
|
. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
, |
, |
|
, |
. |
|
|
0 |
4 |
|
, |
|
|
. |
|
|
. |
|
|
, |
|
|
|
|
|
|
|
, |
, |
|
|
|
|
. |
|
|
|
- |
, |
, |
|
, |
|
. |
, |
|
|
. |
||
|
|
|
|
101
, |
count, |
|
. |
ipfw |
|
, |
|
, |
|
deny |
. |
. |
65535 |
allow |
|
|
|
||
|
|
keep-state |
limit, |
|
, . « ».
.
: ,
.
ipfw -at list. ipfw zero.
102
1
WINDOWS XP
Windows. , . ' .
|
|
Microsoft |
Windows |
|
. |
, |
|
|
|
, : |
|
|
« |
' |
» (Active |
Directory |
Users And |
Computers), |
|
.
« » (Local User and Groups),
|
' |
. |
|
|
|
|
Windows |
|
, |
|
|
|
. |
|
, |
|
104 |
« |
Active Directory» |
14 |
« |
, |
Windows». |
. |
|
|
|
||
|
|
|
|
, |
|
|
. |
, |
, |
|
|
, |
|
, |
|
|
. |
|
|
1.
Windows?
2. , ?
3.msconfig.
4.boot.ini?
5.
« »?
6.
?
?
7. ?
8. ?
?
103
1. |
Windows. |
|
|
, |
« |
|
|
|
|
||
|
», |
|
|
' |
control |
userpasswords2 |
« |
' |
/ |
/ |
|
». |
|
|
. |
|
|
2. |
|
|
|
|
|
Windows,
« » «Security». , .
3. |
|
|
|
|
|
|
|
|
Windows |
|
|
secpol.msc. |
|
, |
. |
|
|
|
|
|
|
|
|
|||
4. |
|
|
|
|
|
|
' |
, |
|
|
, |
|
|
|
services.msc. |
|
|
|
|
, |
|
|
|
|
|
|
cmd.exe |
|
net start. |
|
|
|
|
|
|
5. |
|
« |
|
|
», |
|
Windows, |
|
|
|
|
|
|
|
|
||
|
|
msconfig. |
|
|
|
. |
|
|
6. |
|
|
|
. |
|
|
, |
|
7. |
, |
|
|
|
|
|
:\boot.ini. |
|
|
|
|
|
|
|
|
|
|
Windows Internet Explorer ( |
, |
, |
|
). |
, |
|
||
8. |
. |
|
|
|
|
|
Windows. |
|
|
. |
|
|
|
|
|
||
9. |
|
|
|
Windows ( |
|
|
||
|
|
|
|
|
||||
, |
, |
). |
|
|
|
. |
|
|
10. |
|
|
|
RegEdit |
|
|
, |
|
, |
|
|
|
|
|
|
|
|
. |
|
|
|
|
|
|
: |
|
|
|
|
|
|
|
|
|
|
1.1. |
|
|
temp |
|
|
. |
|
|
1.2. |
|
|
|
|
|
|
||
, |
|
, |
|
, |
« |
» |
|
|
, |
|
, |
|
|
|
|
. |
|
1.3. |
|
|
: « |
». |
|
|
|
, |
|
|
|
|
|
|
|
||
1.4. |
« |
|
(startup)», |
|
msconfig |
|
||
1.5. |
|
|
, |
/SOS |
. |
|
|
|
|
, |
|
|
|
|
|
||
|
|
|
|
|
|
|
|
.
2.1. , .
104
2.2. |
|
temp |
|
|
|
|
, |
, |
« |
|
» |
|
, |
, |
|
, |
. |
2.3. |
« |
(Services)», |
msconfig |
|
|
DHCP- |
, |
|
, |
|
. |
2.4 |
|
/DEBUG, |
|
|
. |
2.5. |
|
|
|
|
|
/NODEBUG. |
( |
) |
, |
|
|
|
Ctrl+Alt+Del |
|
|
||
3.1. |
|
|
. |
||
3.2. |
|
temp |
|
|
|
|
, |
, |
« |
|
» |
|
, |
, |
, |
|
|
3.3. |
|
. |
|
, |
|
|
. |
|
|
||
3.4. |
|
|
|
|
|
(WIA), |
|
: « |
». |
||
|
|
||||
3.5. |
« |
(BOOT.INI)», |
|
msconfig |
|
4.1. |
|
. |
|
. |
|
|
temp |
|
|
||
4.2. |
|
|
|
|
|
|
, |
, |
« |
|
» |
.
4.3. 14,8.
4.4. COM - IMAPI, : « ».
4.5. « (startup)», msconfig ,Winamp, RealPlayer.
5.1. , .
5.2. temp , , «
» |
. |
5.3. /PCILOCK, IO/IRQPCI.
5.4. « (Services)», msconfig
|
, |
- |
, Telnet. |
|
5.5. |
|
|
, |
|
' |
, |
|
, |
|
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System |
- |
|||
|
|
|
DontDisplayLastUserName:DWORD = 1 |
|
6.1. |
|
|
, |
|
.
105