苗得雨 (Miao Deyu)
At home and in ordinary office work, most of the systems that computer users come into contact with are Windows 9x or Windows ME series products. With their ease of use and their convenience for home entertainment and office work, these products are well liked by ordinary computer users and office staff. We have to acknowledge the ease of use of the Windows 9x series and its successors, but we must also recognize that, compared with their siblings Windows NT and Windows 2000, the Windows 9x products are far weaker in both stability and security. Many examples also show that, in designing the Windows 9x series, Microsoft sacrificed security in order to emphasize entertainment features and ease of use. For home end users who are in security-sensitive positions or who have strict security requirements, this is undoubtedly the most frightening thing of all.
Worse, many users pay no attention to security-related setup and configuration when they use Windows 9x. Sometimes we carelessly choose an insecure password, or at some point we give a malicious attacker a backdoor through which he can come and go freely on our network. All of this leaves the computers on our network constantly at risk.
Remote sharing vulnerability
As the most popular operating system, Windows 9x is the first choice of most computer users because it is convenient and easy to use. Microsoft claims that Windows 9x reaches the C2 security level, but is Windows 9x really as secure as we imagine? Let us peel away its layers of disguise.
Shared resources are the most deadly and most easily attacked weakness of Windows 9x. As is well known, Windows 9x provides three ways to access a remote system directly: file and print sharing, the dial-up server, and remote registry editing. Remote registry access requires fairly advanced configuration and is hard to achieve from an external network, so when hackers attack individual users their first choice is Windows 9x file and print sharing.
On Windows 9x systems, especially in many government and enterprise departments, sharing files and printers is basic functionality, and this lets those hackers get what they want with hardly any effort.
Cunning hackers usually scan a network segment with the best small tools available. Among the many tools, Legion and Shed are both excellent, but I prefer Shed: first, it was developed by a Chinese author, and it is convenient and easy to use and, unlike Legion, does not need to be installed.
Once Shed is downloaded, we double-click to open it and then fill in the IP address range in the position below. Let's see what we can scan.
Quite a lot. After double-clicking a target that was found, hackers can open those secret files just as if they were using My Computer on the local machine. It is that simple; if they feel like it, they can also use your printer and delete or tamper with your files...
Terrifying. So how do we stop all this? The method is actually very simple. First, we can turn off the sharing property of shared files on the machine that are not in use. Of course, if the network administrator has many such computers, the System Policy Editor, poledit.exe, can be used to turn off sharing on all of them.
We can also add a $ after the share name to guard against this weakness and keep your computer from appearing in outsiders' Network Neighborhood, because overly complex characters often cause the net view command's output and Legion's scan to fail.
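As an added example (not part of the original article), the following script supports the first mitigation above by comparing the shares a machine advertises in `net view` output with the shares its owner means to publish. The host name, share names, allow-list and the exact layout of the sample output are constructed assumptions.

```python
import re

# Constructed sample of `net view \\OFFICE-PC` output; host and share names are invented.
SAMPLE_NET_VIEW = r"""Shared resources at \\OFFICE-PC

Sharename    Type         Comment
---------------------------------------------------
C            Disk
HP-LASER     Print        Front office printer
PAYROLL      Disk         Finance working files
PUBLIC       Disk         Shared drop folder
The command was completed successfully.
"""

# Assumption: the shares this machine's owner actually means to publish.
INTENDED_SHARES = {"PUBLIC", "HP-LASER"}

ROW = re.compile(r"^(?P<name>.+?)\s{2,}(?P<type>Disk|Print)\b\s*(?P<comment>.*)$")


def parse_net_view(text):
    """Return a list of (name, type, comment) tuples from the share table."""
    shares, in_table = [], False
    for line in text.splitlines():
        stripped = line.strip()
        if stripped and set(stripped) == {"-"}:
            in_table = True          # rows start after the dashed separator
            continue
        if not in_table or not stripped:
            continue
        match = ROW.match(stripped)
        if match is None:            # trailer line after the last share row
            break
        shares.append((match["name"], match["type"], match["comment"].strip()))
    return shares


def audit_shares(text, intended):
    """Compare advertised shares with the allow-list (names are case-insensitive)."""
    advertised = {name.upper() for name, _, _ in parse_net_view(text)}
    wanted = {name.upper() for name in intended}
    return {
        "unexpected": sorted(advertised - wanted),   # candidates to stop sharing
        "not_listed": sorted(wanted - advertised),   # off, or hidden with $
    }


if __name__ == "__main__":
    report = audit_shares(SAMPLE_NET_VIEW, INTENDED_SHARES)
    for name in report["unexpected"]:
        print(f"advertised but not intended, stop sharing it: {name}")
    for name in report["not_listed"]:
        print(f"intended but not in the browse list: {name}")
```

A share renamed with a trailing `$` drops out of this listing but can still be opened by anyone who knows its name, so it still needs a password.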
Windows systems have another annoying vulnerability: the blue-screen bomb. The blue-screen bomb exploits a vulnerability in the Windows 9x operating system, similar to a request overflow, to make the target computer crash with a blue screen. The most effective defense against this kind of bomb is to install the Windows patches or to use a firewall. I will cover personal firewall configuration in detail in a later article.