[NCTU] [CCCA] Network Security II

468 views
395 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
468
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
18
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

[NCTU] [CCCA] Network Security II

  1. 1. Network Security NCTU CSCC xatier 2012.12.24
  2. 2. Security?
  3. 3. 先不管這個了,你聽過聖誕夜嗎
  4. 4. Security?
  5. 5. Security?
  6. 6. True Story
  7. 7. http://i.imgur.com/k1qoD.jpg
  8. 8. evil input
  9. 9. SQL injection
  10. 10. pangolin http://nosec.org/en
  11. 11. Havij
  12. 12. XSS
  13. 13. XSS http://thehackernews.com/2012/11/xss- vulnerability-in-apple-website.html#
  14. 14. XSRF
  15. 15. Burp Suite 打嗝套房 http://www.portswigger.net/burp/
  16. 16. social engineering
  17. 17. social engineering 駭客大騙局 欺騙的藝術:人心控制的安全要素 The Art of Deception: Controlling the Human Element of Security
  18. 18. social engineering SET! http://www.social-engineer.org/
  19. 19. social engineering cosmo the God http://wired.tw/2012/10/03/cosmo-the-god-who- fell-to-earth-1/index.html
  20. 20. air crack! 空氣爆破術
  21. 21. air crack! 空氣爆破術
  22. 22. air crack! 空氣爆破術 http://www.aircrack-ng.org/
  23. 23. air crack! 空氣爆破術 http://www.aircrack-ng.org/ feedingbottle 奶瓶 beini Linux http://beini.en.softonic.com/
  24. 24. phishing
  25. 25. phishing
  26. 26. phishing
  27. 27. exploit vulnerability John von Neumann 對於圖靈機實作的天然缺陷 data / program 傻傻分不清楚 圖靈機能夠複製自己! 我的 data 你的 code >/////<
  28. 28. metasploit http://www.metasploit.com/ open source! plugins and scripts (Ruby)
  29. 29. ms08067
  30. 30. ms08067 Allow Remote Code Execution !
  31. 31. Programming Language Vulnerable design in the programming language. http://www.nruns. com/_downloads/advisory2 8122011.pdf
  32. 32. surf the net secretly
  33. 33. ssh tunneling ssh -NfD [localport] you@bsd1 proxy: localhost:[localport] proxychains!
  34. 34. VPN virtual private network
  35. 35. PPTP The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets.
  36. 36. the Tor project https://www.torproject.org/
  37. 37. News thehackernews.com www.hack-stuff.com coolshell.cn security-sh3ll.blogspot.tw
  38. 38. wargames http://hitcon.org/2012/wargame. html 最簡單的第零題:http://hitcon.org!
  39. 39. happy hacking :-)

×