
Friday, 11 November 2011

Sharing Is to Blame

There is no denying that sharing on Windows makes our work much more convenient. But did you know that while you enjoy that convenience, your own files and data may be under the gaze of people you never intended to give access to those shared resources? Because of sharing, your machine may even be completely controlled by someone else without your noticing. If you do not believe it, read on:

First, if you have set a share-access password and someone else is able to use your machine, then he only needs to take the PARM1ENC and PARM2ENC values from the share-name key under the registry path HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Network\LanMan and XOR them with the same length of the string 35 9A 4D A6 53 A9 D4 6A (converting the strings to hexadecimal first, then XORing) to get the password. And since most people set the same password everywhere, getting hold of one share password is equivalent to getting hold of all your passwords!
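
The following added example (not part of the original article) shows why this stored value is not encryption: XOR with a fixed, published key is its own inverse, so anyone who can read the registry value can read the password. The function names and the sample password are constructed for illustration; only the key bytes and the value names PARM1ENC and PARM2ENC come from the text above.

```python
# Fixed key quoted in the article; it is the same on every machine,
# so it adds no secrecy to the stored value.
KEY = bytes.fromhex("359A4DA653A9D46A")


def xor_with_key(data: bytes) -> bytes:
    """XOR data with the leading len(data) bytes of KEY (same-length XOR)."""
    if len(data) > len(KEY):
        raise ValueError("value is longer than the 8-byte key")
    return bytes(b ^ k for b, k in zip(data, KEY))


def obfuscate(password: str) -> bytes:
    """Produce the bytes that would be stored for a password (hypothetical helper)."""
    return xor_with_key(password.encode("ascii"))


def recover(stored: bytes) -> str:
    """Applying the same XOR again returns the original password."""
    return xor_with_key(stored).decode("ascii", errors="replace")


def audit(values: dict) -> dict:
    """Map each value name to what a reader of the registry key learns from it."""
    findings = {}
    for name, stored in values.items():
        findings[name] = recover(stored) if stored else "(no password set)"
    return findings


# Constructed sample data: one value holding a made-up password, one empty.
SAMPLE = {"PARM1ENC": obfuscate("BUDGET99"), "PARM2ENC": b""}

if __name__ == "__main__":
    for name, finding in audit(SAMPLE).items():
        print(f"{name}: stored={SAMPLE[name].hex(' ')} -> {finding}")
```

Because the key never changes, the same password always produces the same stored bytes, which is why reusing that password elsewhere turns one exposed share into a wider compromise.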

Second, if you are using Win9x on a LAN, do not share your disks or directories unless you have to, and in particular do not casually set the share type to "Full", because Win9x has a bug in how it verifies the access password. Even if you set a ten-character password, someone using ready-made hacking tools (such as Inside), or someone who has modified vredir.vxd in their own Win9x directory (this file is an important Windows network component that also handles share passwords), can get into your shared directory within 5 minutes, and your disk files are then under someone else's control. If what you share is the disk containing the Windows directory, then once inside, that person can also copy a Trojan into your "Windows\system" and then modify your "Windows\Start Menu\Programs\启动" (the Startup folder) to plant it, so that the next time you restart the machine the Trojan runs unnoticed and gives the attacker full control of your machine. If you really do need sharing, remember to set the share type to "Read-Only" and add a password, so that even if someone gets into your directory he cannot delete your data. For safety's sake, though, you should still remove the share once you have finished with it.

Third, some people, following certain books or other sources, believe that naming a share in the form "sharename$" keeps others from seeing the shared resource. In fact the "sharename$" form is just Microsoft deceiving itself. At the network layer the operating system still receives the share name; it is only the upper layers of the operating system that treat "$" as hidden. On other operating systems, Linux for example, Smb use \\target shows all the shared resources on the target machine (including hidden ones). Combined with the methods described above, getting into your shared directory is effortless.

In fact, for the two cases described above, if you must use sharing and also care about security, I recommend using "user-level access control" rather than "share-level access control" (set under "Control Panel" - "Network" - "Access Control" on the local machine). Win9x will then read the user access list from the primary domain controller on the network, and when you set up a share you will see that you can assign specific permissions to each user. Of course, if you want better control over your shared resources, you can install the "Network Monitor" that comes with Windows. That way you always know exactly who is using your shared resources, and if you find someone using your machine's shared resources without your permission you can disconnect him immediately, achieving true "real-time monitoring".

In addition, for users who have installed NT: if you open your "Server Manager" and look at the shares on your machine, you will find a share named "IPC$" with the comment "Remote IPC". For individual users this share is not required, and if you go online it may become an opening through which others crack your user name and password, so it should also be deleted. Note: if your NT machine is a primary domain controller, or provides domain authentication, do not delete this share, otherwise others will not be able to log on to your server. For individual dial-up Internet users, however, it is best deleted.

If you would like to discuss security issues, you are welcome to write to me. E-mail: ruisnetwork@cmmail.com
