| = ! °ü¸®¹æ¾î °ø°£ 11-20 |
| = |
| = \TableOfContents0 |
| = |
| = !! level 11 |
| = |
| = + Ç®ÀÌ ¹æ¹ý |
| = # __/etc/shadow__ ÆÄÀÏ ÆíÁý |
| = |
| = - ½ÇÁ¦ Ç®ÀÌ |
| = {{{ |
| = # vi shadow |
| = root:6RBFY9mqyrfq.:6445:::::: |
| = daemon:NP:6445:::::: |
| = bin:NP:6445:::::: |
| = sys:NP:6445:::::: |
| = adm:NP:6445:::::: |
| = listen:*LK*::::::: |
| = nobody:NP:6445:::::: |
| = yspace:NP:11648:1:14:::: // 1Àº Æнº¿öµå º¯°æÈÄ À纯°æ ½Ã°£ 14´Â Æнº¿öµå º¯°æ ±â°£ |
| = "shadow" 12 lines, 249 characters written |
| = # finish |
| = }}} |
| = |
| = > pass = <font color=red>lifecycle</font> |
| = |
| = !! level 12 |
| = |
| = + Ç®ÀÌ ¹æ¹ý |
| = # __rm__ ¸í·É ±âÁ¸ ÆÄÀÏ »èÁ¦ |
| = # .rhost µð·ºÅ丮 »ý¼ºÈÄ µð·ºÅ丮 ¾È¿¡ ÆÛ¹Ì¼Ç 000ÀÎ ÆÄÀÏ »ý¼º |
| = # .rhost µð·ºÅ丮 __chmod__ ¸í·É »ç¿ë ÆÛ¹Ì¼Ç 000 º¯°æ |
| = |
| = - ½ÇÁ¦ Ç®ÀÌ |
| = {{{ |
| = # cd home0/yspace |
| = # ls -la |
| = ÃÑ 4 |
| = drwxrwxrwx 2 yspace 200 512 8¿ù 22ÀÏ 16:12 . |
| = drwxr-xr-x 5 root other 512 8¿ù 22ÀÏ 16:12 .. |
| = -rw-rw-r-- 1 yspace 200 0 8¿ù 22ÀÏ 16:12 .rhosts |
| = # rm .rhosts |
| = rm: .rhosts: µ¤¾î¾²±â ¹æÁö 664 (y/n)? y |
| = # mkdir .rhosts |
| = # cd .rhosts/ |
| = # touch file |
| = # chmod 000 file |
| = # ls -la |
| = ÃÑ 4 |
| = drwxr-xr-x 2 root other 512 8¿ù 22ÀÏ 16:14 . |
| = drwxrwxrwx 3 yspace 200 512 8¿ù 22ÀÏ 16:14 .. |
| = ---------- 1 root other 0 8¿ù 22ÀÏ 16:14 file |
| = # cd .. |
| = # ls -la |
| = ÃÑ 6 |
| = drwxrwxrwx 3 yspace 200 512 8¿ù 22ÀÏ 16:14 . |
| = drwxr-xr-x 5 root other 512 8¿ù 22ÀÏ 16:12 .. |
| = drwxr-xr-x 2 root other 512 8¿ù 22ÀÏ 16:14 .rhosts |
| = # chmod 000 .rhosts/ |
| = # finish |
| = }}} |
| = |
| = > pass = <font color=red>onlyyou</font> |
| = |
| = !! level 13 |
| = |
| = + Ç®ÀÌ ¹æ¹ý |
| = # /etc/inetd.conf ÆÄÀÏ ÆíÁý |
| = # -s ¿É¼ÇÀ» »ç¿ëÇÏ´Â °ÍÀº chroot()±â´ÉÀ» ÀÌ¿ëÇϱâ À§ÇÔ |
| = |
| = - ½ÇÁ¦ Ç®ÀÌ |
| = {{{ |
| = # vi inetd.conf |
| = |
| = #ident "@(#)inetd.conf 1.33 98/06/02 SMI" /* SVr4.0 1.5 */ |
| = # Configuration file for inetd(1M). See inetd.conf(4). |
| = # |
| = # Tftp service is provided primarily for booting. Most sites run this |
| = # only on machines acting as "boot servers." |
| = # |
| = tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot // -s ¿É¼ÇÃß°¡ |
| = # |
| = "inetd.conf" 150 lines, 5295 characters written |
| = # |
| = # finish |
| = }}} |
| = |
| = > pass = <font color=red>xsetrehash</font> |
| = |
| = !! level 14 |
| = |
| = + Ç®ÀÌ ¹æ¹ý |
| = # |
| = |
| = - ½ÇÁ¦ Ç®ÀÌ |
| = {{{ |
| = |
| = }}} |
| = |
| = > pass = <font color=red></font> |
| = |
| = !! level 15 |
| = |
| = + Ç®ÀÌ ¹æ¹ý |
| - # |
| + # __/usr/local/apache/conf/httpd.conf__ ÆÄÀÏ ÆíÁý |
| = |
| = - ½ÇÁ¦ Ç®ÀÌ |
| = {{{ |
| + # vi httpd.conf |
| = |
| + <Directory "/home/data"> |
| + options includesNOEXEC |
| + AddType application/x-httpd-php-source .php .php3 |
| + </Directory> |
| + |
| + "httpd.conf" 919 lines, 30888 characters written |
| + # finish |
| = }}} |
| = |
| - > pass = <font color=red></font> |
| + > pass = <font color=red>envokexterm</font> |
| = |
| = !! level 16 |
| = |
| = + Ç®ÀÌ ¹æ¹ý |
| - # |
| + # /etc/named.conf ÆÄÀÏ ÆíÁý |
| + # __allow-transfer__ ¿É¼Ç »ç¿ë |
| = |
| = - ½ÇÁ¦ Ç®ÀÌ |
| = {{{ |
| + # vi named.conf |
| + options { |
| + directory "/var/named"; |
| + allow-transfer { 203.239.110.1; }; |
| + }; |
| + zone "kisa.org" in { |
| + type master; |
| + file "master/kisa.org"; |
| + }; |
| + zone "." in { |
| + type hint; |
| + file "named.cache"; |
| + }; |
| + zone "0.0.127.in-addr.arpa" in { |
| + type master; |
| + notify no; |
| + file "master/127.0.0"; |
| + }; |
| + "named.conf" 21 lines, 333 characters written |
| + # finish |
| = |
| = }}} |
| = |
| - > pass = <font color=red></font> |
| + > pass = <font color=red>tcp53port</font> |
| = |
| = !! level 17 |
| = |
| = + Ç®ÀÌ ¹æ¹ý |
| - # |
| + # /etc/sysconfig/iptable ÆÄÀÏ ÆíÁý |
| = |
| = - ½ÇÁ¦ Ç®ÀÌ |
| = {{{ |
| + # vi iptables |
| + *filter |
| + :INPUT DROP [0:0] |
| + :FORWARD DROP [0:0] |
| + :OUTPUT ACCEPT [0:0] |
| + ################################################################# |
| + -A INPUT -i lo -j ACCEPT |
| + -A INPUT -d 0.0.0.0/0.0.0.0 -p tcp -m tcp ! --tcp-flags SYN,RST,ACK SYN -j ACCEPT |
| + -A INPUT -d 0.0.0.0/0.0.0.0 -p udp -m udp --dport 53 -j ACCEPT |
| + -A INPUT -s 0.0.0.0/0.0.0.0 -p udp -m udp --sport 53 -j ACCEPT |
| + -A OUTPUT -o lo -j ACCEPT |
| + ################################################################# |
| + -A INPUT -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 -p tcp -m tcp --dport 22 -j ACCEPT |
| + -A INPUT -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 -p tcp -m tcp --dport 80 -j ACCEPT // ÇÑÁÙ Ãß°¡ |
| + ################################################################# |
| + COMMIT |
| + ~ |
| + ~ |
| + "iptables" 16 lines, 697 characters written |
| + # finish |
| + }}} |
| = |
| + > pass = <font color=red>upgradeipchains</font> |
| + |
| + !! level 18 |
| + |
| + + Ç®ÀÌ ¹æ¹ý |
| + # __patchadd__ ¸í·É¾î »ç¿ë |
| + |
| + - ½ÇÁ¦ Ç®ÀÌ |
| + {{{ |
| + # patchadd /var/sadm/spool/patch/109320-04 |
| + |
| + Checking installed patches... |
| + Verifying sufficient filesystem capacity (dry run method)... |
| + Installing patch packages... |
| + |
| + Patch Number 109320-04 has been successfully installed. |
| + See /var/sadm/patch/109320-04/log for details |
| + |
| + Patch packkages installed: |
| + SUNWpcu |
| + SUNWppm |
| + SUNWpsf |
| + SUNWpsu |
| + SUNWscplp |
| + # finish |
| = }}} |
| = |
| - > pass = <font color=red></font> |
| + > pass = <font color=red>postscript</font> |
| = |
| - !! level 18 |
| - |
| - + Ç®ÀÌ ¹æ¹ý |
| - # |
| - |
| - - ½ÇÁ¦ Ç®ÀÌ |
| - {{{ |
| - |
| - }}} |
| - |
| - > pass = <font color=red></font> |
| - |
| = !! level 19 |
| = |
| = + Ç®ÀÌ ¹æ¹ý |
| - # |
| + # ¶ó¿ìÅÍ ¼³Á¤¹ý ½ÇÁ¦ Ç®ÀÌ Âü°í ^^;; |
| = |
| = - ½ÇÁ¦ Ç®ÀÌ |
| = {{{ |
| + Router# conf t // ȯ°æ ¼³Á¤À¸·Î µé¾î°¡±â |
| + Enter configuration commands, one per line. End with CNTL/Z. |
| + Router(config)# interface serial0 // »ç¿ëÁßÀÎ ÀÎÅÍÆäÀ̽º¿¡ ´ëÇÑ È¯°æ ¼³Á¤ |
| + Router(config-if)# ip access-group 101 in // access group 101 ÁöÁ¤ |
| + Router(config-if)# access-list 101 deny tcp any any eq 31337 // Á¢±Ù °¡´ÉÇÑ ½ÇÁ¦ ¼³Á¤ ºÎºÐ |
| + Router(config-if)# end |
| + Router# write // ÀúÀå(º¸ÅëÀÇ ¶ó¿ìÅÍ´Â ¿£ÅÍÄ¡´Â°ÍÀ¸·Î ¼³Á¤ÀÌ ³¡) |
| + %SYS-5-CONFIG_I: Configured from console by console |
| + Building configuration... |
| + [OK] |
| + Router# exit |
| + exit from router |
| + # finish |
| + }}} |
| = |
| + > pass = <font color=red>proteon |
| + </font> |
| + |
| + !! level 20 |
| + |
| + + Ç®ÀÌ ¹æ¹ý |
| + # __netstat -s -P tcp__ ÆĶó¹ÌÅÍ°ª È®ÀÎ |
| + # __ndd__ ¸í·É¾î ÀÌ¿ë Ä¿³Î º¯¼ö(tcp_conn_req_max_q0) º¯°æ |
| + |
| + - ½ÇÁ¦ Ç®ÀÌ |
| + {{{ |
| + Sun Aug 22 17:11:42 2004 sol2 unix: WARNING: HIGH TCP connect timeout rate! |
| + System (port 88) maybe under a SYN flood attack |
| + # |
| + # netstat -s -P tcp |
| + |
| + TCP tcpRtoAlgorithm = 4 tcpRtoMin = 400 |
| + tcpRtoMax = 60000 tcpMaxConn = -1 |
| + tcpActiveOpens = 30941 tcpPassiveOpens = 39974 |
| + tcpAttemptFails = 110 tcpEstabResets = 668 |
| + tcpCurrEstab = 1 tcpOutSegs =6665377 |
| + tcpOutDataSegs =6182316 tcpOutDataBytes =653294094 |
| + tcpRetransSegs = 14953 tcpRetransBytes =3676006 |
| + tcpOutAck =482923 tcpOutAckDelayed =261160 |
| + tcpOutUrg = 1 tcpOutWinUpdate = 0 |
| + tcpOutWinProbe = 664 tcpOutControl =142279 |
| + tcpOutRsts = 224 tcpOutFastRetrans = 937 |
| + tcpInSegs =8744082 |
| + tcpInAckSegs =5489201 tcpInAckBytes =653264926 |
| + tcpInDupAck =126842 tcpInAckUnsent = 0 |
| + tcpInInorderSegs =4920520 tcpInInorderBytes =37972194 |
| + tcpInUnorderSegs = 900 tcpInUnorderBytes = 3630 |
| + tcpInDupSegs = 5918 tcpInDupBytes = 82547 |
| + tcpInPartDupSegs = 0 tcpInPartDupBytes = 0 |
| + tcpInPastWinSegs = 1 tcpInPastWinBytes =47981743 |
| + tcpInWinProbe = 0 tcpInWinUpdate = 652 |
| + tcpInClosed = 60 tcpRttNoUpdate = 10262 |
| + tcpRttUpdate =5411705 tcpTimRetrans = 13440 |
| + tcpTimRetransDrop = 100 tcpTimKeepalive = 7884 |
| + tcpTimKeepaliveProbe= 5406 tcpTimKeepaliveDrop = 388 |
| + tcpListenDrop = 0 tcpListenDropQ0 = 0 |
| + tcpHalfOpenDrop = 0 tcpOutSackRetrans = 1805 |
| + # Sun Aug 22 17:06:07 2004 sol2 unix: WARNING: HIGH TCP connect timeout rate! |
| + System (port 88) maybe under a SYN flood attack |
| + // tcpTimRetransDrop = 100 º¸ÅëÀÇ °æ¿ì ÀÌ ¼¼ °ªÀÌ 0À» ³ªÅ¸³½´Ù.. |
| + // tcpListenDrop = 0 |
| + // tcpHalfOpenDrop = 0 |
| + |
| + # ndd -set /dev/tcp tcp_conn_req_max_q0 512 |
| + /dev/tcp tcp_conn_req_max_q0 512 |
| + # finish |
| = }}} |
| = |
| - > pass = <font color=red></font> |
| - |
| - !! level 20 |
| - |
| - + Ç®ÀÌ ¹æ¹ý |
| - # |
| - |
| - - ½ÇÁ¦ Ç®ÀÌ |
| - {{{ |
| - |
| - }}} |
| - |
| - > pass = <font color=red></font> |
| + > pass = <font color=red>3wayhandshake</font> |
