{"id":393,"date":"2010-03-11T19:35:00","date_gmt":"2010-03-11T11:35:00","guid":{"rendered":"http:\/\/note.systw.net\/note\/?p=393"},"modified":"2024-02-17T20:33:32","modified_gmt":"2024-02-17T12:33:32","slug":"scanning","status":"publish","type":"post","link":"https:\/\/systw.net\/note\/archives\/393","title":{"rendered":"scanning"},"content":{"rendered":"\n


scan\u9650\u5236<\/strong>
scanner cannot perform vulnerability linkage
scanner are not designed to do testing through a firewall
scanner are only as smart as their database and cannot find unpublished vulnerabilities<\/p>\n\n\n\n

types of scanning:<\/strong>
port scanning:open ports and services
network scanning:ip address
vulnerability scanning:presence of known weaknesses<\/p>\n\n\n\n

scanning objectives<\/strong>
to detect the live system running on the network
to discover whch ports are active\/running
\u5224\u5b9aOS\u7a2e\u985e
\u5224\u65b7port\u8207service\u7684\u5c0d\u61c9
to discover the ip address of the target system<\/p>\n\n\n\n

……………………………………………………………………………………………
……………………………………………………………………………………………<\/p>\n\n\n\n

scanning methodology<\/strong>
1 check for live systems
2 check for open ports
3 service identification
4 banner grabbing\/os fingerprinting
5 vulnerability scanning
6 draw network diagrams of vulnerable hosts
7 prepare proxies
8 attack<\/p>\n\n\n\n

ps:
scan\u7121\u53cd\u61c9\u7684\u53ef\u80fd\u539f\u56e0\u6709
the destination host or network might be down
icmp is filtered by a gateway
the packet ttl value is too low and cant reach the target<\/p>\n\n\n\n

……………………………………………………………………………………………<\/p>\n\n\n\n

checking live systems<\/strong>
\u5e38\u898b\u65b9\u6cd5:\u4f7f\u7528icmp
tool:
angry ip scanner:\u9810\u8a2dping\u6383\u6574\u500b\u7db2\u6bb5,\u7528\u984f\u8272\u8868\u793a\u662f\u5426live
ping sweep:\u5229\u7528icmp echo request\u505a\u6383\u63cf
firewalk:\u5229\u7528\u56de\u61c9\u8a0a\u606f\u4f86\u5224\u65b7gateway acl\u8a2d\u5b9a<\/p>\n\n\n\n

……………………………………………………………………………………………<\/p>\n\n\n\n

checking open ports<\/strong>
port scan:\u5c0d1\u500b\u76ee\u6a19\u505a\u6383\u63cf
distribution port scan:multiple computer\u5c0d1\u500b\u76ee\u6a19\u505a\u5c0f\u7bc4\u570dscan,\u7136\u5f8ccorrelating the results,\u53ef\u907f\u514d\u88abids\u767c\u73fe
tool:
nmap:\u5341\u5206\u5168\u9762\u7684\u5de5\u5177
hping2<\/p>\n\n\n\n

…..<\/p>\n\n\n\n

scanning techniques:
syn stealth\/half open scan<\/strong>
advantage:fewer sites log this scan
\u5c0d\u65b9 port open
1 syn—>
2 <—syn+ack(open)
3 rst—>
\u5c0d\u65b9port close
1 syn—>
2 <—rst(close)<\/p>\n\n\n\n

syn\/ack scan<\/strong>:syn,ack are set
\u5c0d\u65b9port open
1 syn+ack—>
2 no reply(open)
\u5c0d\u65b9port close
1 syn—>
2 <—rst(close)<\/p>\n\n\n\n

tcp connect\/full open scan :<\/strong>
advantage:the most reliable
disadvantage:the most detectable
\u547c\u53eb system call connect() \u5b8c\u6210\u6b64\u5de5\u4f5c
\u5c0d\u65b9port open
1 syn—>
2 <—syn+ack(open)
3 ack—>
4 rst,ack—>
\u5c0d\u65b9port close
1 syn—>
2 <—rst(close)<\/p>\n\n\n\n

syn\/fin scanning using ip fragments<\/strong>
splitting up the tcp header over several packets to make it harder for packet filters to detect what is happening
\u5229\u7528\u5207\u65b7\u7684\u65b9\u5f0f,\u8b93\u81ea\u5df1\u7684\u8a0a\u606f\u505a\u4e00\u4e9b\u96b1\u85cf<\/p>\n\n\n\n

…<\/p>\n\n\n\n

xmas scan<\/strong>:FIN,URG,PSH are set
advantage:it avoids the ids and tcp three-way handshake
disadvantage:it works for the unix platform only
fin scan<\/strong>:fin are set
ack scan<\/strong>:ack are set
null scan<\/strong>:A scan in which all flags are turned off
advantage:it avoids the ids and tcp three-way handshake
disadvantage:it works for the unix platform only<\/p>\n\n\n\n

scan type:xmas,fin,ack,null
scan at port open:\u76ee\u6a19no response
scan at port close:\u76ee\u6a19\u56de\u61c9rst+ack
ps:
\u82e5\u8981\u907f\u514d\u88abtcp scan,\u53ef\u8a2d\u5b9a\u6210nerver send RST packet<\/p>\n\n\n\n

…<\/p>\n\n\n\n

idle scan<\/strong>:zombie scanning,\u5229\u7528\u8df3\u677f\u4f86scan,\u6703\u6539\u8b8asource ip
\u4f7f\u7528\u6280\u5de7:\u6b63\u5e38\u60c5\u6cc1\u4e0bos\u5728\u4e3b\u52d5\u767c\u9001packet\u6642\u6703\u5c0dIPID\u905e\u589e
\u5c0d\u65b9open port
1 attacker syn—> target
2 zombie <—syn+ack(open)target
3 zombie rst,ipid=31338–> target
4 attacker syn+ack–> zombie
5 attacker <–rst,ipid=31339 zombie
\u5c0d\u65b9close port
1 attacker syn—> target
2 zombie <—rst(close)target
3 attacker syn+ack–> zombie
4 attacker <–rst,ipid=31338 zombie
ps:
\u82e5zombie\u4e0d\u662f\u5728idle\u72c0\u614b,\u5247 ipid\u6703\u4e0d\u65b7\u589e\u52a0\u800c\u7121\u6cd5\u5224\u65b7
ps:
idle scan\u53ef\u4f7f\u7528tool\u6709nmap,hping2
port\u82e5\u662fclose\u6216firewall,\u5247ipid+1
port\u82e5\u662fopen,\u5247ipid+2<\/p>\n\n\n\n

…<\/p>\n\n\n\n

icmp echo scanning:<\/strong>
this is not really port scanning
an investigation method that maps a sub-netted network’s broadcast address
list scan:<\/strong>
prints a list of ips\/names without actually pinging or port scanning
a dns name resolution will aslo be crried out<\/p>\n\n\n\n

udp scanning:<\/strong>
Closed UDP ports can return an ICMP type 3 code 3 message.
No response can mean the port is open or the packet was silently dropped.<\/p>\n\n\n\n

reverse ident scanning<\/strong>
\u5224\u65b7\u9019\u500bport\u7684service\u662f\u8ab0\u5728\u7528<\/p>\n\n\n\n

window scan<\/strong>
\u985e\u4f3cack scan,\u4e5f\u53ef\u5224\u65b7os<\/p>\n\n\n\n

blaster scan<\/strong>
\u91dd\u5c0dunix\u7cfb\u7d71scan<\/p>\n\n\n\n

verbose scanning<\/p>\n\n\n\n

………………………………………..<\/p>\n\n\n\n

scanning tools:
cheops
protscan plus \u91dd\u5c0dwin
strobe \u91dd\u5c0dunix
ipsecscan
netscan tools pro:\u53ef\u5224\u65b7\u8a72ip\u76ee\u524d\u670d\u52d9\u7684\u57f7\u884c\u8005\u662f\u8ab0
wups:udp scanner
superscan:port scan,\u6b0a\u9650\u63d0\u5347
ipscanner
global network inventory scanner
net tools suite pack
floppyscan:\u51fa\u73fe nt\u7576\u6a5f\u85cd\u756b\u9762
atelier web ports traffic analyzer
atelier web security port scanner
ipeye:\u4e0d\u540c\u7684\u6383\u63cf\u5de5\u5177
ike-scan
infiltrator network security scanner
yaps
advanced port scanner
network activ scanner
netgadgets
p-ping tools:\u9664\u4e86ping\u5916,\u9084\u53efport scan\u5c0f\u5de5\u5177
megaping
lanspy
hoverip
lanview
netbrutescanner
solarwins engineer’s toolset
autapf
osrosoft internet tools
advanced ip scanner
colasoft mac scanner:\u5c08\u9580\u6383mac
active network monitor
advanced serial data logger
advanced serial port monitor
wotweb
antiy ports
port detective<\/p>\n\n\n\n

cheops \/ cheops-ng
\u63d0\u4f9b\u8a31\u591a\u7c21\u55ae\u7684\u7db2\u7d61\u5de5\u5177\uff0c\u4f8b\u5982\u672c\u5730\u6216\u9060\u7a0b\u7db2\u7d61\u6620\u5c04\u548c\u8b58\u5225\u8a08\u7b97\u6a5f\u64cd\u4f5c\u7cfb\u7d71
Cheops\u63d0\u4f9b\u8a31\u591a\u597d\u7528\u7684\u5716\u5f62\u5316\u7528\u6236\u754c\u9762\u7db2\u7d61\u5de5\u5177\u3002\u5b83\u542b\u6709\u4e3b\u6a5f\/\u7db2\u7d61\u767c\u73fe\u529f\u80fd\uff0c\u4e5f\u5c31\u662f\u4e3b\u6a5f\u64cd\u4f5c\u7cfb\u7d71\u6aa2\u6e2c\u3002
Cheops-ng\u7528\u4f86\u63a2\u67e5\u4e3b\u6a5f\u4e0a\u904b\u884c\u7684\u670d\u52d9\u3002 \u91dd\u5c0d\u67d0\u4e9b\u670d\u52d9\uff0ccheops-ng\u53ef\u4ee5\u63a2\u67e5\u5230\u904b\u884c\u670d\u52d9\u7684\u61c9\u7528\u7a0b\u5e8f\u662f\u4ec0\u9ebc\uff0c\u4ee5\u53ca\u7a0b\u5e8f\u7684\u7248\u672c\u865f\u3002Cheops\u5df2\u7d93\u505c\u6b62\u958b\u767c\u548c\u7dad\u8b77\uff0c\u6240\u4ee5\u8acb\u6700\u597d\u4f7f\u7528 cheops-ng\u3002<\/p>\n\n\n\n

…………………………………………..<\/p>\n\n\n\n

war dialing
\u8aaa\u660e:\u91dd\u5c0d\u50b3\u7d71\u96fb\u8a71\u865f\u78bc\u4f86\u505a\u7684,\u5229\u7528 pstn\u4f86\u505a\u8cc7\u6599\u4ea4\u63db
\u76db\u884c\u57281990 \u5e74\u4ee3\u672b\u671f\uff0c\u5b83\u662f\u6307\u96fb\u8166\u99ed\u5ba2\u4ee5\u4efb\u610f\u6253\u96fb\u8a71 (dialing)\uff0c\u5229\u7528\u6578\u64da\u6a5f\u56de\u61c9\u7684\u65b9\u5f0f\u9032\u884c\u653b\u64ca
\u4f46\u96a8\u8457\u7121\u7dda\u6642\u4ee3\u7684\u4f86\u81e8\uff0cwar dialing\u5df2\u9010\u6f38\u88abwar driving \u6240\u53d6\u4ee3<\/p>\n\n\n\n

\u5f88\u591a\u516c\u53f8\u975e\u5e38\u91cd\u8996\u9632\u706b\u7246\u7684\u5b89\u5168\u3002\u7136\u800c\uff0c\u9019\u500b\u5805\u56fa\u7684\u9632\u7dda\u53ea\u5c01\u4f4f\u4e86\u7db2\u7d61\u7684\u524d\u9580\uff0c\u4f46\u5167\u90e8\u7db2\u4e2d\u4e0d\u8a3b\u518a\u7684\u8abf\u88fd\u8abf\u89e3\u5668\u537b\u5411\u5165\u4fb5\u8005\u655e\u958b\u4e86\u300c\u5f8c\u9580\u300d\u3002
War Dialers\u80fd\u8fc5\u901f\u5730\u627e\u51fa\u9019\u4e9b\u8abf\u88fd\u8abf\u89e3\u5668\uff0c\u96a8\u5373\u653b\u5165\u7db2\u7d61\u3002\u56e0\u6b64\uff0c\u5b83\u6210\u70ba\u4e00\u500b\u975e\u5e38\u53d7\u5165\u4fb5\u8005\u6b61\u8fce\u7684\u5de5\u5177\u3002
War Dialer\u56e0\u96fb\u5f71\u300cWar Games\u300d\u800c\u4e00\u8209\u6210\u540d\u3002\u5b83\u7684\u653b\u64ca\u539f\u7406\u975e\u5e38\u7c21\u55ae\uff1a\u4e0d\u65b7\u4ee5\u9806\u5e8f\u6216\u4e82\u5e8f\u64a5\u6253\u96fb\u8a71\u865f\u78bc\uff0c\u5c0b\u627e\u8abf\u88fd\u8abf\u89e3\u5668\u63a5\u901a\u5f8c\u719f\u6089\u7684\u56de\u61c9\u97f3\u3002
\u4e00\u65e6War Dialers\u627e\u5230\u4e00\u5927\u5806\u80fd\u63a5\u901a\u7684\u8abf\u88fd\u8abf\u89e3\u5668\u5f8c\uff0c\u9ed1\u5ba2\u5011\u4fbf\u64a5\u865f\u5165\u7db2\u7e7c\u7e8c\u5c0b\u627e\u7cfb\u7d71\u5167\u672a\u52a0\u4fdd\u8b77\u7684\u767b\u9304\u6216\u5bb9\u6613\u731c\u6e2c\u7684\u5bc6\u78bc\u3002
War Dialers\u9996\u9078\u653b\u64ca\u5c0d\u8c61\u662f\u300c\u6c92\u6709\u5bc6\u78bc\u300d\u7684PC\u9060\u7aef\u7ba1\u7406\u8edf\u9ad4\u3002\u9019\u4e9b\u8edf\u9ad4\u901a\u5e38\u662f\u7531\u6700\u7d42\u7528\u6236\u5b89\u88dd\u7528\u4f86\u9060\u7aef\u8a2a\u554f\u516c\u53f8\u5167\u90e8\u7cfb\u7d71\u7684\u3002
\u9019\u4e9bPC\u9060\u7aef\u63a7\u5236\u7a0b\u5f0f\u7576\u7528\u5230\u4e0d\u5b89\u5168\u7684\u8abf\u88fd\u8abf\u89e3\u5668\u6642\u662f\u7570\u5e38\u8106\u5f31\u7684\u3002<\/p>\n\n\n\n

war dialing tool:
phonesweep:try\u96fb\u8a71\u865f\u78bc\u5224\u65b7\u662f\u96fb\u8a71,\u50b3\u771f,\u4e8b\u52d9,..\u7b49
thc scan
toneloc
modemscan<\/p>\n\n\n\n

THC-Scan(The Hacker’s Choice – Scanner)
\u9019\u500bWar Dialers\u5de5\u5177\u662f\u7531\u300cvan Hauser\u300d\u64b0\u5beb\u7684\u3002\u5b83\u7684\u529f\u80fd\u975e\u5e38\u9f4a\u5168\u3002THC-Scan 2.0\u7248\u65bc1998\u5e74\u8056\u8a95\u7bc0\u63a8\u51fa\uff0cTHC-Scan\u8207Toneloc (\u7531\u300cMinor Threat\u300d\u53ca\u300cMucho Maas\u300d\u64b0\u5beb) \u7528\u9014\u8fd1\u4f3c\u3002THC-Scan\u8207\u5176\u4ed6\u666e\u901aWar Dialers\u5de5\u5177\u4e0d\u540c\uff0c\u5b83\u80fd\u81ea\u52d5\u6aa2\u67e5\u8abf\u88fd\u8abf\u89e3\u5668\u7684\u901f\u5ea6\u3001\u6578\u64da\u4f4d\u3001\u6821\u9a57\u4f4d\u53ca\u505c\u6b62\u4f4d\u3002 \u6b64\u5de5\u5177\u4e5f\u5617\u8a66\u53bb\u5224\u65b7\u88ab\u767c\u73fe\u7684\u96fb\u8166\u6240\u4f7f\u7528\u7684\u64cd\u4f5c\u7cfb\u7d71\u3002\u800c\u4e14\uff0cTHC-Scan\u6709\u80fd\u529b\u78ba\u8a8d\u4ec0\u9ebc\u6642\u5019\u80fd\u518d\u6709\u64a5\u865f\u97f3\uff0c\u9019\u6a23\uff0c\u9ed1\u5ba2\u5011\u4fbf\u53ef\u4ee5\u4e0d\u7d93\u904e\u4f60\u7684PBX\u5c31\u53ef\u4ee5\u64a5\u6253\u514d\u8cbb\u96fb\u8a71\u3002<\/p>\n\n\n\n

war dialing countermeasures
\u4f7f\u7528sandtrap tool<\/p>\n\n\n\n

\u6700\u6709\u6548\u9632\u7bc4\u63aa\u65bd\u5c31\u662f\u4f7f\u7528\u5b89\u5168\u7684\u8abf\u88fd\u8abf\u89e3\u5668\u3002\u53d6\u6d88\u90a3\u4e9b\u6c92\u6709\u7528\u9014\u7684\u8abf\u88fd\u8abf\u89e3\u5668\u3002\u4e14\u7528\u6236\u5fc5\u9808\u5411IT\u90e8\u9580\u8a3b\u518a\u5f8c\u624d\u80fd\u4f7f\u7528\u8abf\u88fd\u8abf\u89e3\u5668\u3002
\u5c0d\u90a3\u4e9b\u5df2\u8a3b\u518a\u4e26\u4e14\u53ea \u7528\u4f5c\u5916\u767c\u7684\u8abf\u88fd\u8abf\u89e3\u5668\uff0c\u5c31\u5c07\u516c\u53f8\u7684PBX\u7684\u6b0a\u9650\u8abf\u81f3\u53ea\u65b9\u4fbf\u5916\u64a5\u3002\u6bcf\u500b\u516c\u53f8\u61c9\u6709\u56b4\u683c\u7684\u653f\u7b56\u63cf\u8ff0\u8a3b\u518a\u7684\u8abf\u88fd\u8abf\u89e3\u5668\u4e26\u63a7\u5236PBX\u3002
\u7531\u65bc\u5e02\u5834\u96f6\u552e\u5e97\u5167\u6709\u4f7f\u7528\u65b9\u4fbf\u3001 \u50f9\u683c\u4fbf\u5b9c\u7684\u6578\u5b57\u8abf\u88fd\u8abf\u89e3\u5668\u51fa\u552e, \u7528\u6236\u4e5f\u80fd\u628a\u8abf\u88fd\u8abf\u89e3\u5668\u5b89\u88dd\u5728\u53ea\u6709\u6578\u5b57\u7dda\u7684PBX\u4e0a\u4f7f\u7528\u3002<\/p>\n\n\n\n

run a war-dailing tool with range of phone numbers and look for connect response
\u5b9a\u671f\u4f5c\u6ef2\u900f\u6e2c\u8a66\uff0c\u627e\u51fa\u96fb\u8a71\u4ea4\u63db\u5668\u5167\u4e0d\u5408\u6cd5\u7684\u8abf\u88fd\u8abf\u89e3\u5668\u3002
\u9078\u7528\u4e00\u500b\u597d\u7684\u5de5\u5177\u53bb\u5c0b\u627e\u8207\u7db2\u7d61\u9023\u63a5\u7684\u8abf\u88fd\u8abf\u89e3\u5668\u3002\u5c0d\u65bc\u88ab\u767c\u73fe\u3001\u4f46\u672a\u767b\u8a18\u7684\u8abf\u88fd\u8abf\u89e3\u5668\uff0c\u8981\u9ebc\u62ff\u6389\u5b83\u5011\uff0c\u8981\u9ebc\u91cd\u65b0\u767b\u8a18\u3002<\/p>\n\n\n\n

……………………………………………………………………………………………<\/p>\n\n\n\n

banner grabbing
Connect to the active services and review the banner information<\/p>\n\n\n\n

os fingerprinting:<\/strong>
active stack fingerprinting:\u7576\u5c01\u5305\u9032os,\u4e0d\u540cos\u56de\u61c9\u65b9\u5f0f\u4e0d\u4e00\u6a23,\u4f46\u4e5f\u53ef\u4ee5\u7528\u8a2d\u5099\u507d\u9020
passive fingerprinting:\u9700\u642d\u914dsniff,\u6514\u622a\u8a72\u7db2\u6bb5\u51fa\u4f86\u7684\u5c01\u5305,\u4e14\u8981\u82b1\u8f03\u591a\u6642\u9593,\u4e3b\u8981\u5206\u6790\u7684\u6709ttl,windows size,df,tos<\/p>\n\n\n\n

…<\/p>\n\n\n\n

tool
telnet:active stack fingerprinting
pof:passive fingerprinting
httprint:web server fingerprinting tool,\u53ef\u770bserver\u7248\u672c
miart http header
active stack fingerprinting
xprobe2
ring v2
html tool:
netcraft:anti-phishing tool bar,\u770bweb\u4f7f\u7528\u7684\u7db2\u9801\u4f3a\u670d\u5668\u8207\u4e3b\u6a5f\u985e\u578b,\u5c6cpassive scanning
nmap
queso<\/p>\n\n\n\n

\u7528telnet\u505agrab
telnet 80
HEAD \/HTTP \/1.0<\/p>\n\n\n\n

…<\/p>\n\n\n\n

\u6539\u8b8abanner tool<\/strong>
mod_headers:for apache
iis lockdown tool
servermask<\/p>\n\n\n\n

hiding file extensions:<\/strong>
mod_negotiation:for apache
pagexchanger:for iis<\/p>\n\n\n\n

……………………………………………………………………………………………<\/p>\n\n\n\n

vulnerability scanning tool:
bidiblah automated scanner
qualys web based scanner:online tool
saint
iis security scanner:\u5546\u7528\u5de5\u5177
nessus
gfi languard:\u4e00\u6b3eWindows\u5e73\u53f0\u4e0a\u7684\u5546\u696d\u7db2\u7d61\u5b89\u5168\u6383\u7784\u5668
satan(security administrator’s tool for analyzing networks)
retina:\u5831\u8868\u6574\u7406\u5f88\u597d
nagios
packettrap’s pt360
nikto:\u6bd4\u8f03\u65e9\u7684tool,open source
safesuite internet scanner
identtcpscan<\/p>\n\n\n\n

ps:
Vulnerability assessment tools perform a good analysis of system vulnerabilities; however, they are noisy and will quickly trip IDS systems.<\/p>\n\n\n\n

……………………………………………………………………………………………<\/p>\n\n\n\n

drawing network diagrams<\/p>\n\n\n\n

tool:
friendly pinger:\u8a66\u5716\u770b\u51fa\u7db2\u8def\u7d50\u69cb,\u56de\u61c9\u65b9\u5f0f,\u4f86\u756b\u51fa\u89d2\u8272
lansurveyor
ipsonar
lanstate
insightix visibility
ipcheck server monitor
prtg traffic grapher:\u5206\u6790\u6d41\u91cf<\/p>\n\n\n\n

……………………………………………………………………………………………<\/p>\n\n\n\n

preparing proxies<\/p>\n\n\n\n

the main function of the proxy servers are:<\/strong>
firewalling and filtering:\u53ef\u7e5e\u904e\u6aa2\u67e5\u6a5f\u5236
connection sharing
caching:proxy\u4e3b\u8981\u7528\u9014<\/p>\n\n\n\n

the purpose for running the proxy servers are:<\/strong>
to help the system administrator
to help the user to stay anonymous on the internet<\/p>\n\n\n\n

tool
sockschain:
proxy workbench:\u5275\u9020\u9023\u7d50\u8d70\u5411,\u5229\u7528free proxy\u4f86\u8f49
proxymanager
super proxy helper
happy browser tool
multiproxy
tor(The Onion Router):\u7528\u4f86\u533f\u540d\u9023\u63a5,\u5e38\u914d\u5408privoxy\u548cpolipo\u9023\u5408\u4f7f\u7528
proxy finder
proxybag
proxy scanner server
charon<\/p>\n\n\n\n

…<\/p>\n\n\n\n

anonymizers
help to make web surfing anonymous
\u76ee\u5730:\u5b9a\u671f\u6e05\u9664\u700f\u89bd\u8a18\u9304<\/p>\n\n\n\n

tool
primedius anonymizer
stealthsurfer tool
browzar:anonymous surfing,\u6bcf\u6b21\u95dc\u6389\u6642\u6703\u81ea\u52d5\u6e05\u9664cookie,history,…\u7b49
torpark
ip privacy
a4proxy(anoymity 4 proxy)
psiphon:\u4e3b\u8981\u76ee\u5730\u662f\u7e5e\u904e\u653f\u5e9c\u7ba1\u5236<\/p>\n\n\n\n

tool
mowser
phonifier
analogx proxy
netproxy
proxy+
proxyswitcher lite
jap
proxomitron
g-zapper:\u5c08\u9580\u6e05\u9664google cookie
ssl proxy tool:\u7528ssl\u9023\u7d50proxy<\/p>\n\n\n\n

…<\/p>\n\n\n\n

http tunneling
\u900f\u904etunneling techniques\u53ef\u4ee5\u907f\u958b\u8cc7\u6599\u904e\u6ffe
tool:
httptunnel for windows
httport<\/p>\n\n\n\n

…<\/p>\n\n\n\n

spoofing ip address
using source routing<\/p>\n\n\n\n

detecting ip spoofing tool:
despoof tool<\/p>\n\n\n\n

……………………………………………………………………………………………<\/p>\n\n\n\n

countermeasures
firewall \u5c0dscan\u6709\u4e00\u5b9a\u7a0b\u5ea6\u7684\u963b\u64cb
\u5728\u9632\u8b77\u6a5f\u5236\u4e0a\u589e\u52a0\u8fa8\u8b58os\u96e3\u5ea6
\u9810\u8a2dport\u9700\u505a\u8abf\u6574
\u5728\u516c\u7528\u7db2\u8def\u4e0a\u7684\u8cc7\u6599\u8981\u5118\u91cf\u6e1b\u5c11<\/p>\n\n\n\n

tool:
sentrypc<\/p>\n","protected":false},"excerpt":{"rendered":"

scan\u9650\u5236scanner cannot perform v …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[39],"tags":[],"class_list":["post-393","post","type-post","status-publish","format-standard","hentry","category-concept"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/393","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/comments?post=393"}],"version-history":[{"count":0,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/393\/revisions"}],"wp:attachment":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/media?parent=393"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/categories?post=393"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/tags?post=393"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}