Белая книга для Cisco Cisco NSS030 Smart Storage External Power Adapter
6
Security Considerations White Paper for Cisco Smart Storage
White Paper
-
Xprobe2, Amap
—OS and application fingerprinting scanners. Hacker
uses these tools to determine the version of the OS and the application
version. Based on this information, the hacker can tailor the attack
specific to the OS version or the application version.
-
Winfo
—Uses null sessions (guest account) to remotely retrieve
information about user accounts, workstation/interdomain/server trust
accounts, etc.
-
Hping2
—A network probing utility. It is like ping on steroids. This tool is
particularly useful when trying to do a traceroute, ping, or probe of a
host behind a firewall. This often allows you to map out firewall rule sets.
•
Tools to hack passwords:
-
John the Ripper
—A powerful, flexible, and fast multi-platform tool for
cracking password hash. It’s primary purpose is to detect weak UNIX
passwords. It supports several crypt(3) password hash types which are
most commonly found on various UNIX flavors, as well as Kerberos AFS
and Windows NT/2000/XP hashes.
-
THC Hydra
—A fast network authentication cracker. It can perform brute
force attacks or rapid dictionary attacks against more than 30 protocols,
including telnet, FTP, HTTP, HTTPS, SMB, etc.
shows a log of
an attacker’s usage of known logins and passwords.
Figure 4 Log of Hacker Utilizes Hydra to Determine the Password