Linux安全攻防 - 随笔分类(第2页) - 郑瀚Andrew

CVE-2015-0240 Unexpected Code Execution In SMBD

摘要：CVE-2015-0240 Unexpected Code Execution In SMBD 阅读全文

posted @ 2015-04-10 16:34 郑瀚Andrew 阅读(245) 评论(0) 推荐(0) 编辑

Linux Overflow Vulnerability General Hardened Defense Technology、Grsecurity/PaX

摘要：Linux Overflow Vulnerability General Hardened Defense Technology、Grsecurity/PaX 阅读全文

posted @ 2015-04-10 14:29 郑瀚Andrew 阅读(2224) 评论(0) 推荐(0) 编辑

glibc function heap-based buffer overflow in glibc's __nss_hostname_digits_dots() called by gethostbyname()、gethostbyname2() CVE-2015-0235

摘要：glibc function heap-based buffer overflow in glibc's __nss_hostname_digits_dots() called by gethostbyname()、gethostbyname2() CVE-2015-0235 阅读全文

posted @ 2015-04-08 14:14 郑瀚Andrew 阅读(131) 评论(0) 推荐(0) 编辑

Network Time Protocol Daemon (ntpd) Multiple Vulnerabilities(CVE-2014-9293、CVE-2014-9294、CVE-2014-9295、CVE-2014-9295、CVE-2014-9295、CVE-2014-9296)

摘要：Network Time Protocol Daemon (ntpd) Multiple Vulnerabilities(CVE-2014-9293、CVE-2014-9294、CVE-2014-9295、CVE-2014-9295、CVE-2014-9295、CVE-2014-9296) 阅读全文

posted @ 2015-04-08 14:14 郑瀚Andrew 阅读(248) 评论(0) 推荐(0) 编辑

Linux fork()、exec() Hook Risk、Design-Principle In Multi-Threadeed Program

摘要：Linux exec() Hook Risk、Design-Principle In Multi-Threadeed Program 阅读全文

posted @ 2015-03-12 17:07 郑瀚Andrew 阅读(1744) 评论(0) 推荐(1) 编辑

Linux进程自保护攻防对抗技术研究（Process Kill Technology && Process Protection Against In Linux）

摘要：Linux进程自保护攻防对抗技术研究（Process Kill Technology && Process Protection Against In Linux）阅读全文

posted @ 2015-01-12 22:17 郑瀚Andrew 阅读(3806) 评论(1) 推荐(1) 编辑

CVE-2014-4877 && wget: FTP Symlink Arbitrary Filesystem Access

摘要：CVE-2014-4877 && wget: FTP Symlink Arbitrary Filesystem Access 阅读全文

posted @ 2014-11-16 20:55 郑瀚Andrew 阅读(2176) 评论(0) 推荐(0) 编辑

CVE-2014-0160 Heartbleed Vul Analysis && OpenSSL Cryptographic Software Library Bug

摘要：CVE-2014-0160 Heartbleed Vul Analysis && OpenSSL Cryptographic Software Library Bug 阅读全文

posted @ 2014-11-05 20:43 郑瀚Andrew 阅读(998) 评论(0) 推荐(0) 编辑

CVE: 2014-6271、CVE: 2014-7169 PATCH方案分析

摘要：CVE: 2014-6271、CVE: 2014-7169 PATCH方案分析阅读全文

posted @ 2014-09-26 19:30 郑瀚Andrew 阅读(1276) 评论(0) 推荐(0) 编辑

CVE: 2014-6271、CVE: 2014-7169 Bash Specially-crafted Environment Variables Code Injection Vulnerability Analysis

摘要：CVE: 2014-6271、CVE: 2014-7169 Bash Specially-crafted Environment Variables Code Injection Vulnerability Analysis 阅读全文

posted @ 2014-09-25 14:42 郑瀚Andrew 阅读(7003) 评论(0) 推荐(3) 编辑

Linux/Unix System Level Attack、Privilege Escalation(undone)

摘要：Linux/Unix System Level Attack、Privilege Escalation 阅读全文

posted @ 2014-08-13 08:15 郑瀚Andrew 阅读(1401) 评论(0) 推荐(0) 编辑

Linux System Reinforcement、Intrusion Detection Based On syslog

摘要：Linux System Reinforcement、Intrusion Detection Based On syslog 阅读全文

posted @ 2014-08-05 16:29 郑瀚Andrew 阅读(2006) 评论(0) 推荐(1) 编辑

Linux Rootkit Sample && Rootkit Defenser Analysis

摘要：This paper attempts to analyze the characteristics from the attacker's point of view about the currentopen source rootkit key technology, hope can find common features of rootkit damage andhidden, and developed a general strategy for rootkit defense and counter method 阅读全文

posted @ 2014-08-02 17:21 郑瀚Andrew 阅读(5514) 评论(9) 推荐(1) 编辑

Linux文件权限；ACL；Setuid、Setgid、Stick bit特殊权限；sudo提权

摘要：文件与(或)目录是文件系统的具体表现形式，在Linux系统管理部分，文件与目录管理映射了Linux文件系统管理策略的重要方面阅读全文

posted @ 2014-07-23 15:38 郑瀚Andrew 阅读(3062) 评论(0) 推荐(3) 编辑

Linux数据包路由原理、Iptables/netfilter入门学习

摘要：相关学习资料https://www.frozentux.net/iptables-tutorial/cn/iptables-tutorial-cn-1.1.19.htmlhttp://zh.wikipedia.org/wiki/Netfilterhttp://www.netfilter.org/pr... 阅读全文

posted @ 2014-05-05 13:53 郑瀚Andrew 阅读(15215) 评论(7) 推荐(3) 编辑

Linux登录验证机制、SSH Bruteforce Login学习

摘要：Linux登录验证机制、SSH Bruteforce Login学习阅读全文

posted @ 2014-04-13 20:57 郑瀚Andrew 阅读(7453) 评论(1) 推荐(3) 编辑

Han Zheng, Practitioners and Theoretical Researcher, Now working in Alibaba Cloud Corp, China

Welcome to contact me. Wechat：LittleHann，My email, 306211321@qq.com，Job mail：zhenghan.zh@alibaba-inc.com

随笔分类 - Linux安全攻防

公告