Friday, March 7, 2008
web ip spoofing
IP spoofing-based DoS attacks are relatively straightforward. An attacker sends a packet (SYN) to the target host with a forged source IP address, often an IP address in the RFC 1918 address space, though it does not have to be. The targeted host sends an acknowledgement (ACK) and waits for a response. The response never comes, and these unanswered queries remain in the buffer of the targeted device. If enough spoofed queries are sent, the buffer will overflow and the network device will become unstable and crash.
Man in the middle attacks are much more onerous. Here, the attacker intercepts traffic heading between two devices on the network. The attacker can either monitor information or alter the data as it passes through the network. This is illustrated in Figure 3.5.
Figure 3.5 The user sends a request to 10.10.100.1. The attacker pretends to be 10.10.100.1 and sends a response to that effect. The user then forwards all packets destined for 10.10.100.1 to the attacker.
Typically a man in the middle attack works like this: An attacker sits on the network and watches traffic. When another user on the network sends an ARP request to a network device, the attacker sends a response saying the compromised machine is the requested device. Even if the actual device responds, the second response will override the first. The user now sends all data destined for the original device to the compromised machine.
It is possible for an attacker to use this method to intercept enough data to effectively monitor and log all network traffic and gain important information such as usernames and passwords. Users may never know that the traffic is being intercepted, because each packet will eventually be forwarded on to its intended destination.
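Because the user sees no interruption, the conflicting ARP replies are the main network-level signal a defender has. The following is an added example, not code from the original post: it parses captured ARP reply frames and flags any IP address that is claimed by a second MAC address. The MAC addresses, the user address 10.10.100.50 and the function names are assumptions made for the illustration.

```python
import struct

ETHERTYPE_ARP, ARP_REPLY = 0x0806, 2

def parse_arp(frame: bytes):
    """Return (opcode, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None  # not Ethernet + IPv4 ARP
    sender_mac = frame[22:28].hex(":")
    sender_ip = ".".join(str(b) for b in frame[28:32])
    return oper, sender_mac, sender_ip

def find_conflicts(frames):
    """Flag ARP replies that bind an IP to a different MAC than the first one seen."""
    first_seen, alerts = {}, []
    for index, frame in enumerate(frames):
        parsed = parse_arp(frame)
        if parsed is None or parsed[0] != ARP_REPLY:
            continue
        _, mac, ip = parsed
        known = first_seen.setdefault(ip, mac)
        if known != mac:
            alerts.append((index, ip, known, mac))
    return alerts

def sample_reply(sender_mac, sender_ip, target_mac, target_ip):
    """Build one constructed ARP reply frame (test data only, never sent)."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    ip = lambda a: bytes(int(octet) for octet in a.split("."))
    header = mac(target_mac) + mac(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, ARP_REPLY)
    return header + arp + mac(sender_mac) + ip(sender_ip) + mac(target_mac) + ip(target_ip)

# Constructed capture: two devices answer the user, then a second MAC claims 10.10.100.1.
USER = ("00:aa:bb:cc:dd:01", "10.10.100.50")  # assumed user MAC and IP
SAMPLE_FRAMES = [
    sample_reply("00:11:22:33:44:55", "10.10.100.1", *USER),
    sample_reply("00:11:22:33:44:66", "10.10.100.2", *USER),
    sample_reply("00:de:ad:be:ef:99", "10.10.100.1", *USER),
]

if __name__ == "__main__":
    for index, ip, known, new in find_conflicts(SAMPLE_FRAMES):
        print(f"frame {index}: {ip} was {known}, now claimed by {new}")
```

A first-seen baseline is only as good as the first reply; seeding the table with known-good IP-to-MAC pairs for gateways and servers makes the check reliable even when the forged reply arrives first.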
Tuesday, February 26, 2008
linux file system structure
The Linux system contains thousands of files located within many directories. All directories are organized in a tree-like structure.
The 'trunk' of the tree is the root directory. The root directory is simply identified as a "/". All other directories 'branch' off from the trunk. The following lists the most common directories and their intended contents.
/ - root directory
/home - where directories are contained for each user, example:
/usr - pronounced 'user' and contains Linux commands and utilities
/bin - binary executable programs
/lib - program libraries, similar to Windows 'dll' files
/sbin - more executable programs and Linux utilities for administrative purposes
/doc - documentation
/src - source code to programs
/tmp - temporary work files
/etc - configuration files
/rc.d - scripts used during boot and shutdown process
/sysconfig - default configuration files
/sysconfig/network-scripts - network scripts
/sysconfig
/daemons - special programs that run in background, such as print spooling
/bin - binary executable programs that all users need
/dev - device files that control drives, terminals and any equipment attached to the server
/var - user specific files
/log - log files containing system usage and errors
/spool - where spooled files are stored during print spooling process
/mail - where Email files are stored until retrieved by client Email program
/proc - system files
/root - root's home directory
/opt - other options
/sbin - more executable programs and utilities