bcoolbob 发表于 2006-5-24 02:56:05

急!!各位高手大侠朋友们请帮忙给翻译一下这篇文章!!有急用!!谢谢了!!

通过模拟渗透来提高你的站点安全性
Introduction
Every day, all over the world, computer networks and hosts are being
broken into. The level of sophistication of these attacks varies
widely; while it is generally believed that most break-ins succeed due
to weak passwords, there are still a large number of intrusions that use
more advanced techniques to break in. Less is known about the latter
types of break-ins, because by their very nature they are much harder to
detect.
CERT. SRI. The Nic. NCSC. RSA. NASA. MIT. Uunet. Berkeley.
Purdue. Sun. You name it, we've seen it broken into. Anything that is
on the Internet (and many that isn't) seems to be fairly easy game. Are
these targets unusual? What happened?
Fade to...
A young boy, with greasy blonde hair, sitting in a dark room. The room
is illuminated only by the luminescense of the C64's 40 character
screen. Taking another long drag from his Benson and Hedges cigarette,
the weary system cracker telnets to the next faceless ".mil" site on his
hit list. "guest -- guest", "root -- root", and "system -- manager" all
fail. No matter. He has all night... he pencils the host off of his
list, and tiredly types in the next potential victim...

This seems to be the popular image of a system cracker. Young,
inexperienced, and possessing vast quantities of time to waste, to get
into just one more system. However, there is a far more dangerous type
of system cracker out there. One who knows the ins and outs of the
latest security auditing and cracking tools, who can modify them for
specific attacks, and who can write his/her own programs. One who not
only reads about the latest security holes, but also personally
discovers bugs and vulnerabilities. A deadly creature that can both
strike poisonously and hide its tracks without a whisper or hint of a
trail. The uebercracker is here.

Why "uebercracker"? The idea is stolen, obviously, from Nietzsche's
uebermensch, or, literally translated into English, "over man."
Nietzsche used the term not to refer to a comic book superman, but
instead a man who had gone beyond the incompetence, pettiness, and
weakness of the everyday man. The uebercracker is therefore the system
cracker who has gone beyond simple cookbook methods of breaking into
systems. An uebercracker is not usually motivated to perform random
acts of violence. Targets are not arbitrary -- there is a purpose,
whether it be personal monetary gain, a hit and run raid for
information, or a challenge to strike a major or prestigious site or
net.personality. An uebercracker is hard to detect, harder to stop, and
hardest to keep out of your site for good.

Overview
In this paper we will take an unusual approach to system security.
Instead of merely saying that something is a problem, we will look
through the eyes of a potential intruder, and show _why_ it is one. We
will illustrate that even seemingly harmless network services can become
valuable tools in the search for weak points of a system, even when
these services are operating exactly as they are intended to.

In an effort to shed some light on how more advanced intrusions occur,
this paper outlines various mechanisms that crackers have actually used
to obtain access to systems and, in addition, some techniques we either
suspect intruders of using, or that we have used ourselves in tests or
in friendly/authorized environments.

Our motivation for writing this paper is that system administrators are
often unaware of the dangers presented by anything beyond the most
trivial attacks. While it is widely known that the proper level of
protection depends on what has to be protected, many sites appear to
lack the resources to assess what level of host and network security is
adequate. By showing what intruders can do to gain access to a remote
site, we are trying to help system administrators to make _informed_
decisions on how to secure their site -- or not. We will limit the
discussion to techniques that can give a remote intruder access to a
(possibly non-interactive) shell process on a UNIX host. Once this is
achieved, the details of obtaining root privilege are beyond the scope
of this work -- we consider them too site-dependent and, in many cases,
too trivial to merit much discussion.

We want to stress that we will not merely run down a list of bugs or
security holes -- there will always be new ones for a potential attacker
to exploit. The purpose of this paper is to try to get the reader to
look at her or his system in a new way -- one that will hopefully afford
him or her the opportunity to _understand_ how their system can be
compromised, and how.

We would also like to reiterate to the reader that the purpose of this
paper is to show you how to test the security of your own site, not how
to break into other people's systems. The intrusion techniques we
illustrate here will often leave traces in your system auditing logs --
it might be constructive to examine them after trying some of these
attacks out, to see what a real attack might look like. Certainly other
sites and system administrators will take a very dim view of your
activities if you decide to use their hosts for security testing without
advance authorization; indeed, it is quite possible that legal action
may be pursued against you if they perceive it as an attack.

There are four main parts to the paper. The first part is the
introduction and overview. The second part attempts to give the reader
a feel for what it is like to be an intruder and how to go from knowing
nothing about a system to compromising its security. This section goes
over actual techniques to gain information and entrance and covers basic
strategies such as exploiting trust and abusing improperly configured
basic network services (ftp, mail, tftp, etc.) It also discusses
slightly more advanced topics, such as NIS and NFS, as well as various
common bugs and configuration problems that are somewhat more OS or
system specific. Defensive strategies against each of the various
attacks are also covered here.

The third section deals with trust: how the security of one system
depends on the integrity of other systems. Trust is the most complex
subject in this paper, and for the sake of brevity we will limit the
discussion to clients in disguise.

The fourth section covers the basic steps that a system administrator
may take to protect her or his system. Most of the methods presented
here are merely common sense, but they are often ignored in practice --
one of our goals is to show just how dangerous it can be to ignore basic
security practices.

Case studies, pointers to security-related information, and software are
described in the appendices at the end of the paper.

While exploring the methods and strategies discussed in this paper we we
wrote SATAN (Security Analysis Tool for Auditing Networks.) Written in
shell, perl, expect and C, it examines a remote host or set of hosts and
gathers as much information as possible by remotely probing NIS, finger,
NFS, ftp and tftp, rexd, and other services. This information includes
the presence of various network information services as well as
potential security flaws -- usually in the form of incorrectly setup or
configured network services, well-known bugs in system or network
utilities, or poor or ignorant policy decisions. It then can either
report on this data or use an expert system to further investigate any
potential security problems. While SATAN doesn't use all of the methods
that we discuss in the paper, it has succeeded with ominous regularity
in finding serious holes in the security of Internet sites. It will be
posted and made available via anonymous ftp when completed; Appendix A
covers its salient features.

Note that it isn't possible to cover all possible methods of breaking
into systems in a single paper. Indeed, we won't cover two of the most
effective methods of breaking into hosts: social engineering and
password cracking. The latter method is so effective, however, that
several of the strategies presented here are geared towards acquiring
password files. In addition, while windowing systems (X, OpenWindows,
etc.) can provide a fertile ground for exploitation, we simply don't
know many methods that are used to break into remote systems. Many
system crackers use non-bitmapped terminals which can prevent them from
using some of the more interesting methods to exploit windowing systems
effectively (although being able to monitor the victim's keyboard is
often sufficient to capture passwords). Finally, while worms, viruses,
trojan horses, and other malware are very interesting, they are not
common (on UNIX systems) and probably will use similar techniques to the
ones we describe in this paper as individual parts to their attack
strategy.

bcoolbob 发表于 2006-5-24 03:00:42

内容比较多!各位高手大侠们多费心了!大家有空了有兴趣了能帮忙翻译几段或者几句我都很高兴!先在这谢谢大家了!

bcoolbob 发表于 2006-5-24 03:09:12

斑竹大哥俺实在是急用!没办法就发到这了!就是希望能借大家的力量帮帮我!!!!每人给小弟翻译一点!人多力量大!谢谢各位了!!!!

happybean 发表于 2006-5-24 10:28:52

这么多啊

happybean 发表于 2006-5-24 10:59:08

每天,全世界有很多电脑网络及站点被入侵。这种入侵的级别范围很广。一般情况下,有一部分是由于密码的设得太简单造成的。还有其它很大一部分是因为使用了高级入侵技术。关于后者,我们知道的还不多,因为本身就很难去检测出来。
(第二段不知道怎么翻呢)
一个年轻的男孩,有着一头脏兮兮的金黄色头发,正坐在一间黑乎乎的房间里。房间里面的唯一光源就是那台显示器。他点燃了又一支雪茄,而疲惫的系统也已经远程登陆到了他的攻击列表上的一个".mil"站点。尝试了"guest -- guest", "root -- root"以及"system -- manager",都没有成功。无所谓,反正他有很多时间。他用铅笔在列表上划掉了这个站点,接着轮到了下一个受害者。。。


只翻译了这些,英语水平有限,让大家见笑了
希望高手加入进来~~

happybean 发表于 2006-5-24 11:13:10

又翻译了一段,请高手指教!

这似乎就是流行的电脑黑客的写照:年轻,没有经验,又有一大把时间去攻击一个又一个系统。然而,还有更危险的电脑黑客。他们知道最新的安全审核及破解工具,可以为专门的攻击去修改,并且也可以开发他们自己想要的程序。他们不仅经常看最新的安全漏洞,而且能发现bug以及脆弱之处。最厉害的是,进行攻击,而隐藏了攻击手段,不留一点痕迹。这就是超厉害的电脑黑客。

bcoolbob 发表于 2006-5-24 13:40:31

非常感谢happybean!!!:)    希望大家都发扬优良传统帮忙给翻译一下!!!兄弟我急需啊!!!

bcoolbob 发表于 2006-5-25 11:24:14

快来人啊!!!!兄弟烧到眉毛了!!

bcoolbob 发表于 2006-5-26 11:02:39

??????????!!!!!!!!!!!!!!!!!!!!!!!

happybean 发表于 2006-5-29 09:19:23

楼主自己不试着翻译一下吗?
页: [1]
查看完整版本: 急!!各位高手大侠朋友们请帮忙给翻译一下这篇文章!!有急用!!谢谢了!!