网络犯罪侦察技术3精编.pptVIP

linying@ynu.edu.cn Cyber-crime investigative techniques LIN YING chapter3 Analysis key technology Principle of Common network attacks 3.1 crack passwords 3.2 Sniffer 3.3 network port scanning 3.4 Buffer Overflow Attacks 3.5 Denial-of-service attacks 3.1 crack passwords 3.1.2 Password attack conditions and technical methodology The attacker to carry out attacks usually require a password following conditions:  High-performance computers;  Large-capacity on-line dictionary or other characters List; Known encryption algorithm;  The password readable document;  Password a higher probability included in the dictionary of the attack. Generally speaking, password attacks include the following two steps: ? First step: access password file; ? Second step: using a variety of encryption algorithms dictionary table or other characters in the text encryption, and the results were compared with the password file. Attacks technology commonly used passwords are: ?? Violence crack; ?? Speculation attack. 3.2 Sniffer Sniffer is to use computer network interface intercepted destined for other computer data on the text of a tool. The principle of sniffer Sniffer is a state able to set up a local card miscellaneous admission state of the software, when the card in such a miscellaneous revenue way, the card has broadcast address, it encountered every frame all produce a hardware interrupt to remind flows through the operating system deal with the physical media reported the text of each packet. (With the majority of the card to buy a hybrid form of capacity) Sniffer Programming 3.3 Network port Scanning 3.3.1 Overview Scanner is not a direct attack loopholes in the procedures network, it can only help attackers discovered the target of some inherent weaknesses. A good scanner can get its analysis of data to help identify the attacker goal mainframe loophole. 3.3.2 Technology analysis 1、Connectivity scanning A: Client-SYN B:Client-SYN Se