Click here to load reader
Upload
dinhhanh
View
266
Download
0
Embed Size (px)
Citation preview
1
1.
2.
3.
4.
5.
6.
7.
VLSMCIDR
VLANWLANSTPSVIRIPV2OSPF
DOSDDOSURLIPQOS
VPN
L2L IPSec VPN
GRE Over IPSec
L2TP Over IPSec
IKEPSK
IKEPKI
SSL VPN
MAC
DHCP
ARP
STP
VLAN
(RIPV2OSPF)
WindowsLinux
Web
SQL InjectionSQL
Command Injection
File Upload
Directory Traversing
XSSCross Site Script
CSRFCross Site Request Forgeries
Cookie StoleCookie
Session Hijacking
WAFWebWeb
Windows/Linux
Web/
8.
30%
9%
200
21%
30%
30%
40%
40%
60
1.2312
114.58:00-1230
08:00-11:20
11:20-11:30
11:30-12:30
12:30
1120
3201725201751
10
220V6(500lux)
7
1
GB 17859-1999
2
GB/T 20271-2006
3
GB/T 20270-2006
4
GB/T 20272-2006
5
GB/T 20273-2006
6
GA/T 671-2006
7
GB/T 20269-2006
WindowsOffice
1
Windows
2
Microsoft Office
3
VMware
4
1
Windows 7\Windows XP
Windows
2
Windows Server 2003\2008
Windows
3
Ubuntu\Debian
4
Linux CentOS
Linux
1
1
CS6200
2
1
DCFW-1800E-N3002
3
1
DCST-6000B
4
WEB
1
DCFW-1800-WAF-LAB
5
1
DCBI-NetLog-LAB
6
1
7
1
WL8200-I2
8
PC
3
CPUCPU >=3.5GHZ,>=>=4GUSB
2-32
30%
9%
2%
-
7%
-
21%
7%
-
7%
-
7%
-
30%
30%
10%
10%
web
10%
40%
40%
10%
12
30%
1. 1-5
2. 5-10
3. 0
1. 30%15%5%
2
10%20%30%
1
2
1.
2.
3.
4.
3
1.
2.
UPSUPS3KVA2230V5%V
3.
4.
5.
6.
7.
8.
9.
4
5
1.
2.
3.
4.
1.
2.
3.
4.
5.
6.
7.
8.
1.
2.
3.
4.
5.
6.
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
1.
2.
3.
4.
5. 30
6.
7.
8.
2
2
2
2017
9:00-15:006
9:00-13:30
60
240
IIS
30
40
CSRF
40
XSS
40
40
40
SQL
40
linux
30
13:30-14:00
14:00-14:15
100
14:15-15:00
300
U
Uxxxx
08U0808
08
(1)
IP
1.
2.IP
IP
IP
DCFW
EthX
x.x.x.x/x
PC-3
IP
x.x.x.x/x
SSL VPN
IP
DCWS
EthX
x.x.x.x/x
DCRS
IP
webWAF
EthX
x.x.x.x/x
DCRS
IP
EthX
DCST
IP
DCRS
Vlan 2
x.x.x.x/x
DCWS
IP
Vlan 10
x.x.x.x/x
WAF
IP
Vlan 20
x.x.x.x/x
PC-1
IP
Vlan 30
x.x.x.x/x
PC-2
IP
Vlan 40
x.x.x.x/x
DCBI
IP
Vlan 100
x.x.x.x/x
IP
Vlan 110
x.x.x.x/x
IP
x.x.x.x/x
DCHP
IP
DCBI
EthX
x.x.x.x/x
DCRS
IP
EthX
DCRS
IP
DCST
EthX
x.x.x.x/x
WAF
IP
PC-1
x.x.x.x/x
DCRS
IP
PC-2
x.x.x.x/x
DCRS
IP
PC-3
x.x.x.x/x
DCFW
IP
-1
-2
-3
-4
-5
1.IPIP
2.
3.IP
4.IPIP2n-2
5.IPIP
6.IPIPIPU
3.
DCFW
http://192.168.1.1
ETH0
admin
admin
DCWS
https://192.168.1.254
ETH0
admin
Admin123
DCBI
https://192.168.5.254
ETH0
admin
123456
webWAF
https://192.168.45.1
ETH5
admin
admin123
DCST
http://192.168.1.100
Eth0Eth9
DCST
IP;
IP 0
(2) 300
X-X-
--.doc--.docx
60
DCRSshow runWORDDCFWDCWSWAFDCBIWORDWORD
1
IPWAFIP
2
IPDCRSIP
3
IPDCFWIP
4
IPDCWSIP
5
IPDCBIIP
6
IPDCRSVLANVLAN
7
8
IP
240
DCRSshow runWORDDCFWDCWSWAFDCBIWORDWORD5WORD
DCBI---DCBI.doc---DCBI.docx
1. DCFWSNMPIPIPIPcommunitypublicDCFW6
2. DCFWWANLANDCFWDDoS6
3. DCFWHTTPDCFWdcfw1234dcfw12346
4. DCFW9:00-17:006
5. DCFWDCFWWEB6
6. DCFWDCSTIPIPPC-3DCST6
7. DCFWDCFWIPPC-1IPIP6
8. DCFW1000ARP6
9. DCFW10005M6
10. DCFWSSL VPNVPNSSL VPNx.x.x.x/xIPIP6
11. DCBIadmindcbi1234dcbi12346
12. DCBI6
13. DCBIDCBIIPIPIP25testtest6
14. DCBIDCBIIPIPIPcommunitypublic6
15. DCBIPC-1URLxunleiHTTP6
16. DCBIPC-26
17. DCBI6
18. DCBIDCBIDCRSPCMACPCMAC6
19. DCRSenableenable6
20. DCRSSSHDCNwebconsolesshtelnet6
21. DCRSVLAN20400pps6
22. DCRSSNMPDCRSpublic , privateIPIPIP6
23. DCRSDCRSEthernet1/15-17ARPPCEthernet1/19MAC00-FF-51-BE-AD-32MACE1-B6-4C-25-6A-136
24. DCRS10IPIPIPradius key1234566
25. DCRSVLAN110DHCPIPDHCP Serverpool-vlan110DNS114.114.114.1148.8.8.82VLAN11020DHCPIP6
26. WAFWAFDCRSVLAN10VLAN10IP8080WEBsyslogsyslogIPIPIPUDP5146
27. [email protected](13812345678)6
28. WAFWEB6
29. WAFIP1030006
30. WAFIP218.240.143.219DCRSVLAN10VLAN10IP6
31. WAFDCRSVLAN10VLAN10IP
32. WAFHTTPWAF6
33. DHCPIP6
34. DCWSVLAN100VLAN, DHCP192.168.100.0/24DNS:8.8.8.82IPDCWS,ACDHCP6
35. 802.11n 2.4G6
36. SSID DCNwpa-personal,chinaskill6
37. SSID GUEST 6
38. 6
39. GUSET10GUEST1M2M6
40. APAP16
(3) 300
1DCSTIP
WindowsIP
DCST
administrator123456
ipconfig /allIP
LinuxIP
DCST
root123456
ifconfigIP
2word
3X-X-
--.doc--.docx
IIS30
IISIIS
(Webwindows2003 server
(/1WebIIS-6.0
(/2FTPIIS-6.0
(win-wiresharkwindows2003 server
(/1wireshark
1. Windows IIS Web3
2. windows IIS WebWeb3
3. IIS Web3
4. IIS Web3
5. IISSSLwin-wiresharkWebcnIIS 3
6. IIS win-wiresharkWeb6
7. win-wiresharkCA6
8. win-wiresharkCAPCWeb3
40
MySQLMySQL
(xserver-mysqlRedhat Linux AS5
(/1WebApache 2.2.23
(/2MySQL5.0.22
(/3PHP5.0.48
(/4Nmap4.11
1. xserver-mysql, MySQLmysqld 4
2. Linux MySQL4
3. xserver-mysqlIP8
4. 3PC-1grants 8
5. xserver-mysql4
6. MySQLroot admin4
7. MySQLmysqld 4
8. mysqld 4
CSRF40
CSRFCross-site request forgery
(xserverRedhat Linux AS5
(/1WebApache 2.2.23
(/2MySQL5.0.22
(/3PHP5.0.48
(/4Nmap4.11
(metas2-lab-1Redhat Linux AS5
(/1WebApache 2.2.23
(/2MySQL5.0.22
(/3PHP5.0.48
(/4Nmap4.11
(/5telnet0.17-39-el5;
(/6telnet0.17-39-el5
(win-wiresharkwindows2003 server
(/1wireshark
1. metas2-lab-1 "/"->"csrf"4
2. win-wiresharkcsrfpwiresharkWEB8
3. 8
4. csrf"csrf"4
5. xservercsrftest.php12erfgbntest.php8
6. PCcsrf4
7. win-wiresharkcsrpcheckmetas2-lab-14
XSS40
XSSWebXSSXSSXSS
(xserverRedhat Linux AS5
(/1WebApache 2.2.23
(/2MySQL5.0.22
(/3PHP5.0.48
(/4Nmap4.11
(metas2-lab-1Redhat Linux AS5
(/1WebApache 2.2.23
(/2MySQL5.0.22
(/3PHP5.0.48
(/4Nmap4.11
(/5telnet0.17-39-el5;
(/6telnet0.17-39-el5
(win-wiresharkwindows2003 server
(/1wireshark
1. PCmetas2-lab-1"/"->"xss""admin""password"xxsjs"444"xss4
2. xserverphpaccept_cookie.phpcookiecookiels lCookie[ls l /xx/xx/yyxxyyCookie]12
3. metas2-lab-1xsscookiexsscookiexserveraccept_cookie.php 8
4. win-wireshark,xssp,metas2-lab-1 IP6metas2-lab-1 xssxserveraccept_cookie cookie8
5. PCcookiehttp://x.x.x.x/dcn/vulnerabilities/xss_s/?mpage=xssx.x.x.xmetas2-lab-1IP8
40
POP3FTPSMTPNNTPIMAPTELNETHTTPIRC
(metas2-labRedhat Linux AS5
(/1WebApache 2.2.23
(/2MySQL5.0.22
(/3PHP5.0.48
(/4Nmap4.11
(/5telnet0.17-39-el5;
(/6telnet0.17-39-el5
(/7Vsftpd2.0.5
(win-wiresharkwindows2003 server
(/1wireshark
1. win-wiresharkwiresharktelnettelnetp11metas2-labtelnet 4
2. win-wireshark telnet telnetp8
3. win-wireshark wireshark ftp4
4. win-wiresharkftpftppwin-wiresharkftp 8
5. win-wireshark80,,4
6. win-wiresharwiresharkWEB4
7. win-wiresharWebhttpp8
40
Remote File IncludeJSPPHPASP
(xserverRedhat Linux AS5
(/1WebApache 2.2.23
(/2MySQL5.0.22
(/3PHP5.0.48
(/4Nmap4.11
(metas2-lab-1Redhat Linux AS5
(/1WebApache 2.2.23
(/2MySQL5.0.22
(/3PHP5.0.48
(/4Nmap4.11
(/5telnet0.17-39-el5;
(/6telnet0.17-39-el5
(win-wiresharkwindows2003 server
(/1wireshark
1. Webmetas2-lab-1"/"->""4
2. winxp-wiresharkfileipmetas2-lab-1 IP6WiresharkWeb8
3. 4
4. metas2-lab-1passwdURL8
5. test1test2test3SSHSSH8
6. 8
SQL40
SQLWWWWebSQLSSQLSQL
(Windows 2003 Server
(/1Web
(/2SQL Server 2005
1. Acunetix Web Vulnerability Scanner SQLURL4
2. and 1=1 and 1=2 4
3. GetsqlmapURL8
4. POSTsqlmapURLPOST8
5. URLSQLSQLMAPdumpadmin 12
6. md5admin 4
Linux 30
LinuxWindowsLinux
(Redhat Linux AS5
1. sshrootrootssh3
2. 883
3. /etc/pam.d/ system-auth10103
4. umask0273
5. SUIDSGID3
6. 3
7. 103
8. syslog.conf3
9. rootUID0UID06
(4) 400
IP
1
2
3KEY
4FLAG
FLAG
1800
20
3syslogsyslog514
4
1. WebSQLSQLKEY
2. WebKEY
3. WebKEY
4. WebCOOKIECOOKIEKEY
5. WebKEY
6. WebKEY
7. WebKEY
8. WebKEY
9. WebBASHBASHKEY
10.
11.
12. SAMBA
13. VSFTPD
14. AS5ROOTKITrootkit
15. SSHDSSH
16. mysqlroot
17. KEY
1