Một proxy server là 1 máy trung gian giữa máy tính của bạn và các tài nguyên Internet bạn đang truy cập.. Anonymous - HTTP proxy server doesn't send any variables with your real IP to ho
Trang 1Một số SIDcó thể có dạng như sau :
S-1-5-21-1507001333-1204550764-1011284298-500
Một SID bao giờ cũng bắt đầu với chữ S và các thành phần của nó được ngăn cách nhau bởi dấu trừ ( Hyphens ) Số đầu tiên là số duyệt ( Revision number ) - ỏ ví dụ trên nó là 1
Số thứ hai là là nói về HDH - ví dụ số 5 luôn luôn là của Windows2000 Tiếp theo
là 4 nhóm chữ sô và cuối cùng là RID ( relative Identìier ) Chà ta quan tâm đến RID một tý nào
Nếu một SID mà có RID là 500c => Đó là Amin của máy cục bộ
RID là 501 => guest
Nếu ở trong Domain thì RID luôn bắt đầu từ 1000 khi tạo ra User đầu tiên => khi
ta nhìn thấy RID =1015 => hệ thống có 14 User đựoc tao ra trong hệ thống
OK => đến đây ta lại quay lại bài NetBIOS hacking và cách phòng chống
Hầu hết các User đều cho rằng khi Disable netBIOS over TCP/IP ( Bấm vào My Network Places chọn Local Area Connetion, chọn TCP/ IP sau đó bấm vào
propperties chọn Advandce, chọn WINS và bấm vào Disable NetBIOS over
TCP/IP) là đã chặn đựơc cách thâm nhập vào máy qua NetBIOS
Thực ra việc thiết lập này chỉ chặn trên cổng 139 Khác với NT4, Windows2000 còn chạy một SMB lắng nghe trên cổng 445 Cổng này vẫn còn Active cho dù NetBIOS over TCP / IP đã đựoc Disable
Phần Windows SMB cho Cllient từ sau version NT4 SP 6a sẽ tự động chuyển lên cổng 445 nếu như cố gắng kết nối trên cổng 139 =>
Ta có thể thiết lập một kết nối gọi là " null sesion" tới máy của victim
net use \\192,168.203.33\IPC$ "" /u:"" <= thiết lập một kết nối với anonymous user (/u) và pass rỗng ("") Nếu thành công ta cũng có thể sử dụng Net view để
xem các tài nguyên được chia sẻ trên máy victim
=> Để chống lại ta có thể can thiệp vào Registry :
HKLM\system\CurrentControlSet\Control\LSA\RestrictAnonymous
Bấm đúp vào key RestrictAnonymous ở panel bên phải và nhập vào trong khung
Trang 2Value 2
RestrictAnonymous có 3 giá trị:
0 Đây là gía trị mặc định của nó khi cài Winddows
1 Không cho phép tìm hiểu các thông tin của SAM
2 Không cho phép truy nhập
Ở đây bạn phải lưu ý rằng nêu bạn để RestrictAnonymous với giá trị là 1 thì vẫn có thể dung một số Tool như user2sid/sid2user hay UserInfor hoặc UserDump để lấy được thông tin về user và truy nhập vào máy bạn được
Tác giả: PhuongDong
Proxy Server là gì?
Một proxy server là 1 máy trung gian giữa máy tính của bạn và các tài nguyên Internet bạn đang truy cập Dữ liệu bạn yêu cầu đến Proxy trước, sau đó mới
truyền đến máy tính của bạn
What is an anonymous proxy server?
Anonymous proxy servers hide your IP address and thereby prevent your from unauthorized access to your computer through the Internet They do not provide anyone with your IP address and effectively hide any information about you and your reading interests Besides that, they don't even let anyone know that you are surfing through a proxy server Anonymous proxy servers can be used for all kinds
of Web-services, such as Web-Mail (MSN Hot Mail, Yahoo mail), web-chat
rooms, FTP archives, etc
What types of public proxy servers exist?
1 Transparent - HTTP proxy server reveals all Usable only for transfer speed improvement
2 Anonymous - HTTP proxy server doesn't send any variables with your real IP to host, but it sends variables indicating that you are using proxy
3 High Anonymity - HTTP proxy server doesn't send ANY variables indicating that you are using proxy server to host
Trang 3
Why should I use proxy servers?
1 Transfer speed improvement Proxy servers accumulate and save files that are most often requested by thousands of Internet users in a special database, called 'cache' Therefore, proxy servers are able to increase the speed of your connection
to the Internet The cache of a proxy server may already contain information you need by the time of your request, making it possible for the proxy to deliver it immediately
2 Security and privacy Anonymous proxy servers that hide your IP address
thereby saving you from vulnerabilities concerned with it
3 Sometimes you may encounter problems while accessing to web server when server administrator restricted access from your IP or even from wide IP range (for example restricting access from certain countries or geographical regions) So you try to access those pages using an anonymous proxy server
What is a public proxy server?
It is a proxy server which is free and open for everybody on the Internet
Unfortunately most of them are not anonymous
What is a pay proxy server?
Anonymizer - a pay proxy server with plenty of features Effective for personal use, when your Internet activities are not involved in very active surfing, web site development, mass form submitting, etc In short, Anonymizer is the best solution for most of Internet users Ultimate protection of privacy - nobody can find out where you are engaged in surfing Blocks all methods of tracking URL Encryption protects you from your own ISP Web Based - does not require any program
installation or a configuration on your computer
What is a pay proxy checker?
ProxyLists.Net - a pay database of free public proxies Solution for pros A place where a huge list of proxy servers has been compiled It uses the latest algorithms for collection and sorting of proxy servers, checking them for anonymity, SSL-based access and other properties
What is SOCKS?
Trang 4SOCKS is a networking proxy protocol that enables hosts on one side of a SOCKS server to gain full access to hosts on the other side of the SOCKS server without requiring direct IP-reachability SOCKS is often used as a network firewall,
redirecting connection requests from hosts on opposite sides of a SOCKS server The SOCKS server authenticates and authorizes requests, establishes a proxy
connection, and relays data between hosts
There are two major versions of SOCKS:
SOCKSv4 and SOCKSv5
Is it legal to surf through open proxies?
As far as we can tell, the answer is yes The primary argument against open proxies
is that their owners may not have intended for them to be used by the public
However, by running a service on a machine accessible to the public, without
restricting access to that service, the machine's administrator is implicitly
consenting for that service to be used by the public A proxy server is just like a web server, an FTP server, or any other net service: if it's running and accepting connections, it's fair game The internet is a public network
With regard to US law in particular, 18 USC 1030 (which covers computer-related fraud and theft) applies only when the user has knowingly accessed a computer without authorization or has knowingly exceeded his authorized access on that computer Because an open HTTP proxy, by default, allows connections and use of the service by anyone in the world, the proxy's administrator has essentially
"authorized" everyone to use the service There's no intentional bypassing of
security taking place Just as you don't need Google's express written permission to connect to google.com, you don't need a proxy admin's express written permission
to use his open proxy server
Are there dangerous proxies?
Yes
First, there are servers of goverment organisations (FBI, CIA, NASA etc.) and organizations working close with federal/state and corporate law enforcement Second, there are hackers
And don't believe those proxy checkers (even pay ones) telling you "we filter all dangerous proxies" It's impossible Nobody can tell you if that proxy you are using is monitored or not
Trang 5
Question:
What should I do if the access to some web-sites is restricted for me (by my
provider, administrators etc)?
Answer:
Use a proxy server ! Its principle of operation allows you to surf on many sites you have been forbidden Certainly, the provider can find out, that you are using proxy and also restrict access to this proxy server However there are many free proxies servers on the Internet, and you can easily take another proxy, and continue to travel on the sites closed for you
But there is already the corporate proxy server in my company !
In this case you can use: 1)anonymizers (CGI proxy) 2)a chain of proxy servers
Question:
I want to scan for some IRC proxy - How?
Answer:
Download IRC proxy checker: (check under proxy tools) Import last proxy list, define IRC server and time and scan for working proxies And remember that you must try to find proxies on other ports than : 23 , 1080 (socks) ,80 - 81 ,3128 , 8080 ,8081 Because almost all IRC server scan now for proxy with ports above
Question:
The program is not able to work with proxy What should I do ?
Answer:
Making a program to use a proxy server depends on the type of proxy For SOCKS proxy you?ll need SocksCap (check under proxy tools) It will socksificate any program i.e redirect all requests to the socks proxy For HTTP it?s necessary for the proxy server to support HTTPS protocol Install a local SOCKS proxy server and using Socks2HTTP redirect all requests to it on HTTP proxy
Question:
What is proxy chaining?
Answer:
A Proxy chaining is merely connecting to more than one proxy and then to your intended destination You can use as many proxy servers as you can or want The more you have, the more anonymous you will be