■ Penetration Testing Assessment MAP
- http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
-
Network Footprinting (Reconnaissance). The tester would attempt to gather as much information as possible about the selected network. Reconnaissance can take two forms, i.e. active and passive. A passive attack is always the best starting point as this would normally defeat intrusion detection systems and other forms of protection etc. afforded to the network. This would usually involve trying to discover publicly available information by utilising a web browser and visiting newsgroups etc. An active form would be more intrusive and may show up in audit logs and may take the form of an attempted DNS zone transfer or a social engineering type of attack.
-
Whois is widely used for querying authoritative registries/databases to discover the owner of a domain name, an IP address, or an autonomous system number of the system you are targeting.
-
Internet Search
-
DNS Record Retrieval from publicly available servers
-
Social Engineering
-
Dumpster Diving
-
Web Site copy
-
-
Discovery & Probing. Enumeration can serve two distinct purposes in an assessment: OS fingerprinting and identifying the remote applications being served. OS fingerprinting or TCP/IP stack fingerprinting is the process of determining the operating system being utilised on a remote host. This is carried out by analyzing packets received from the host in question. There are two distinct ways to OS fingerprint, actively (i.e. nmap) or passively (i.e. scanrand). Passive OS fingerprinting determines the remote OS utilising the packets received only and does not require any packets to be sent. Active OS fingerprinting is very noisy: it requires packets to be sent to the remote host and waits for a reply (or lack thereof). Disparate OSs respond differently to certain types of packet (the response is governed by an RFC and any proprietary responses the vendor, notably Microsoft, has enabled within the system) and so custom packets may be sent. Remote applications being served on a host can be determined by an open port on that host. By port scanning it is then possible to build up a picture of what applications are running and tailor the test accordingly.
-
Enumeration
-
Password cracking
-
Vulnerability Assessment - Utilising vulnerability scanners, all discovered hosts can then be tested for vulnerabilities. The result would then be analysed to determine if there are any vulnerabilities that could be exploited to gain access to a target host on a network. A number of tests carried out by these scanners are just banner grabbing/obtaining version information; once these details are known, the version is compared with any common vulnerabilities and exploits (CVE) that have been released and reported to the user. Other tools actually use manual pen testing methods and display the output received, i.e. showmount -e ip_address would display the NFS shares available to the scanner, which would then need to be verified by the tester.
-
AS/400 Auditing
- Penetration Testing Framework 0.59
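Former cybersecurity officials call for formalizing vulnerability purchasing policy
Date entered: 2016. 6. 23
Two former US government cybersecurity officials have published a paper on the government's role regarding vulnerability information. In the paper, the former officials expressed concern about the FBI, which purchased a vulnerability in order to break into an iPhone. The paper examined the Vulnerabilities Equities Process (VEP) that the US government decided to use two years ago. The VEP is not a formalized process; it stands at the level of the problems the authors identified. The officials argued that a more formalized policy is needed and that the policy should be fully reviewed in public. The document also argues that government agencies should be prohibited from entering into non-disclosure agreements with vulnerability researchers and resellers. http://www.theregister.co.uk/2016/06/17/fbis_iphone_hack_should_be_barred_says_former_usg_officials/ Paper: http://belfercenter.ksg.harvard.edu/files/vulnerability-disclosure-web-final3.pdf 2016. 6. 17. SANS Korea
* Course-related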
http://www.cl.cam.ac.uk/~rja14/Papers/SE-01.pdf
http://cacr.uwaterloo.ca/hac/about/chap1.pdf
* Network analysis tools
http://www.matousec.com/projects/
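* Security Engineering
http://www.cl.cam.ac.uk/~rja14/book.html
* Linux security (everything firewall-related)
* Sites offering real-time monitoring of cyber attacks
http://hackmageddon.com/2013/01/26/a-graphical-world-of-botnets-and-cyber-attacks/
* Information trends in promising future technologies
Risk assessment materials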
http://csrc.nist.gov/publications/nistpubs/800-30-rev1/sp800_30_r1.pdf
Risk management example materials
NIST risk management material http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf
* Official definitions of security terms
http://committee.tta.or.kr/join/idea_view.jsp?idea_no=D2012-039
ISMS 27001 series
* Statistics
Number of personal information infringement cases
http://www.index.go.kr/egams/stts/jsp/potal/stts/PO_STTS_IdxMain.jsp?idx_cd=1366
Number of hacking incidents
http://www.index.go.kr/egams/stts/jsp/potal/stts/PO_STTS_IdxMain.jsp?idx_cd=1363
Professor's lab materials
http://homecontents.pr.ysu.ac.kr/s/index.html?id=mjahn
Global market statistics site
https://marketshare.hitslink.com/
Norton statistics
Encryption
http://www.dqc.or.kr/edu/movs/20120412/s1/s1.swf
Exam-related
http://ideadream.com/Question/Questmain.html?bodyDoc=Question&ExamName=CISA
1. Information security sites
2. Information security communities
3. Information security news
4. Information security organizations and academic societies
5. Information security companies
6. University information security labs
7. Groupware - open source
8. Korean security blogs
10. Internet statistics information system
11. Overseas information security sites
- SecurityFocus (http://securityfocus.com)
- Open study guide (http://www.cccure.org)
- CISSP summary document (http://www.cccure.org/Documents/CISSP_Summary_2002/CISSP_Summary_2002.pdf)
- Security white papers (http://www.securitydocs.com/)
- Security news portal (http://www.securitynewsportal.com/index.shtml)
- ISMS group (http://www.xisec.com/Home.html)
- Software vulnerability disclosure site (http://vuln.sg/)
- MS Download Center (http://www.microsoft.com/downloads/Search.aspx?displaylang=ko)
-Windows security http://www.windowsecurity.com/
-SANS security terms http://www.sans.org/resources/glossary.php#a
-IT security explanatory guide http://www.boran.com/security/index.html
-Foreign-language security documents http://www.boran.com/good_reads.html
-Security materials http://www.cgisecurity.org/
-Network security http://www.net-security.org/
- http://freecomputerbooks.com/compscspecialSecurityBooks.html
-SearchSecurity - http://searchsecurity.techtarget.com/
-SANS http://www.sans.org/reading_room/last.php
-CSO site http://www.csoonline.com/
-Windows security http://blogs.technet.com/msrc/
-SRI malware center http://mtc.sri.com/
-SANS security http://isc.sans.org/
- MS information security awareness - http://www.staysafe.org
- Database breach incidents - http://datalossdb.org/
- Security business magazine - http://www.scmagazineuk.com/
- Security papers http://secdocs.lonerunners.net/
- Microsoft Windows blog: http://blogs.technet.com/b/security/
- Securelist http://www.securelist.com/en/
- ID/identifier-related security http://www.governmentidnews.com/
-Technical security http://radare.org/y/?
- Various administrative security materials https://www.unifiedcompliance.com/
-PCI DSS security materials https://community.rapid7.com/welcome
- SANS security translation http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201112_kr.pdf
- Blog posting useful security tips http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html
- Honeynet https://honeynet.org/
- SANS 20 security controls http://www.sans.org/critical-security-controls/
- Overseas security study resource site http://resources.infosecinstitute.com/
12. Information security Twitter accounts
Forensics
The Electronic Evidence Information Center
http://www.e-evidence.info/index.html
twitter.com/CdtDelta
twitter.com/Cybersleuth
twitter.com/digistam
twitter.com/Guardiandf
twitter.com/jgarcia62
twitter.com/Schizophreud
twitter.com/si_biles
twitter.com/johnmccash2
twitter.com/davehull
twitter.com/Disklabs
twitter.com/robtlee
twitter.com/jerod
twitter.com/ihackstuff
twitter.com/sharonnelsonesq
twitter.com/jzdziarski
twitter.com/Hirsty
twitter.com/chiefmonkey
twitter.com/keydet89
twitter.com/englishgit
twitter.com/ovie
twitter.com/bpadres
twitter.com/forensikblog
twitter.com/danmiami
twitter.com/markmckinnon
twitter.com/dckovar
twitter.com/gleeda
twitter.com/moyix
twitter.com/iWallyG
twitter.com/NYcyberCop
twitter.com/Forensication
twitter.com/garnettb
twitter.com/msuiche
twitter.com/ericrobi
twitter.com/mikemurr
twitter.com/kdpryor
Forensics vendors on Twitter
twitter.com/EnCase
twitter.com/parabencorp
twitter.com/fresponse
twitter.com/Mandiant
Forensic Focus
Web: www.forensicfocus.com
Blog: www.forensicfocus.com/blog
Twitter: twitter.com/ForensicFocus
LinkedIn: www.linkedin.com/in/jamiemorris
13. Overseas reports
14. Information security utilities
Windows assessment scripts http://www.vbsedit.com/scripts/iis/iis6/web/default.asp
File password-protection tool http://www.axantum.com/
Penetration testing tools and scripts http://www.darkoperator.com/tools-and-scripts/
15. Windows 2008 documentation
16. Viruses and worms
17. US university lectures
- Stanford MBA ( http://www.gsb.stanford.edu/news/speakers.html )
- MIT world ( http://mitworld.mit.edu/video_index.php )
- Princeton ( http://www.princeton.edu/WebMedia/lectures/ )
- UC Berkeley ( http://webcast.berkeley.edu/courses.php?semesterid=2008-D)
Google hacking
- Google hacking (http://johnny.ihackstuff.com/)
18. DDoS sites
http://staff.washington.edu/dittrich/misc/ddos/
19. Information security homepages and blogs
http://hacked.tistory.com
http://swbae.egloos.com
http://www.hackernews.org
http://coderant.egloos.com
http://zone-h.kr
http://securitylabs.websense.com/content/blogs.aspx
http://blog.paran.com/franc3sco
http://www.sis.pe.kr
Personal blogs
http://forensic-proof.com/
http://2600kr.wordpress.com/
http://vsstar.egloos.com/
Information security professors' homepages
http://www.hksecurity.net/home/pds
20. Overseas security blogs
http://impcompfacts.blogspot.com/
http://jeremiahgrossman.blogspot.com/
http://usefulfor.com/security/
http://ha.ckers.org/blog/
http://www.schneier.com/blog/
http://www.f-secure.com/weblog/
http://blogs.msdn.com/michael_howard/
http://www.stepto.com/default.aspx
http://securitywatch.eweek.com/
http://windowsteamblog.com/blogs/windowssecurity/default.aspx
http://blogs.msdn.com/e7/default.aspx
http://www.istartedsomething.com/
http://trailofbits.com/
21. Cyber forensics sites
http://www.cyber-forensic-analysis.com/
http://cyberforensic.org/default.aspx
http://www.ncfta.net/about.asp
http://computer-forensics.privacyresources.org/
22. Audit-related
http://www.auditnet.org/
http://astrogrep.sourceforge.net/
Sites
www.rootshell.com www.2600.com www.root.org www.cultdeadcow.com www.cert.org www.ntsecurity.net packetstorm.security.com
http://www.wikio.com/blogs/top
http://mss.skinfosec.co.kr/docs/?p=124
E-content links
http://www.library.kr/data/e_contents.aspx
23. Sites I use
http://www.nso.go.kr
http://dart.fss.or.kr
http://www.google.co.kr/reader
http://www.delicious.com
http://www.evernote.com
http://www.protopage.com
http://www.thinkwise.com
http://www.mandki.com
http://www.wisegiga.net
http://www.allwaysync.com
http://www.yammer.com
24. Internet ethics classroom: view textbooks
- http://www.imucc.or.kr/ebook/ebook_list.jsp
25. Overseas security sites with useful RSS feeds
-http://searchsecurity.techtarget.com/rssLanding/0,295701,sid14,00.html
26. Malware analysis tools
http://www.mysectools.com/MySecTools/The_Tools/Archive.html
27. Global vendor security sites
http://www-304.ibm.com/industries/publicsector/us/en/rep/!!/xmlid=192485
28. Killer Blog
http://www.schneier.com/
http://digg.com/news/technology
http://googleonlinesecurity.blogspot.com/
http://krebsonsecurity.com/
http://www.malwarehelp.org/
https://blogs.sans.org/appsecstreetfighter/
http://isc.sans.edu/diary.html
http://www.securityfocus.com/
http://www.social-engineer.org/blog/
http://taosecurity.blogspot.com/
http://technet.microsoft.com/en-us/magazine/cc135960.aspx
http://www.wired.com/threatlevel/
http://www.root777.com/
29. European Union information security agency
http://www.enisa.europa.eu/
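30. Security videos
Security video VOD http://broadcast.boho.or.kr/UserView/UserView.jsp?seqno=627&num=1
Internet ethics self-assessment http://www.nethics.kr/
31. Personal Information Protection Act sites
Korea Internet & Security Agency (KISA) web personal information protection https://guide.kisa.or.kr/guide/work.jsp
Personal Information Infringement Report Center http://privacy.kisa.or.kr/kor/main.jsp
32. Useful overseas Linux and general reference site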
http://www.devdaily.com/
33. Search sites
http://ebookpp.com/
34. Papers