For the more serious vulnerabilities that currently exist, the author lists eight high-risk events seen when monitoring for abnormal attacks, together with the corresponding solutions, so that the intrusion detection system (IDS) can do its job better.
1. Microsoft Windows Messenger Service Remote Heap Overflow Vulnerability
Microsoft Windows XP, Windows NT, Windows ME, Windows 9X, Windows 2000, Windows 2003 and others: almost all Windows operating systems are affected by this vulnerability. The Windows Messenger service is used by servers and clients to send each other short messages. The Microsoft Windows Messenger service has a heap overflow issue that a remote attacker could exploit to execute arbitrary commands with system privileges on the target machine. The problem lies in the Messenger service's search-by-name function: an attacker who submits a specific string sequence to this function may cause a heap overflow, and carefully constructed data may allow arbitrary commands to be executed with system privileges on the target machine. Messages reach the Messenger service through NetBIOS or RPC, so they can be blocked by closing the NetBIOS ports (137-139) and using a firewall to filter UDP broadcast packets.
Proposal
Temporary solution: if you cannot install the patch or upgrade immediately, the following measures are recommended to reduce the threat:
◆ At the border firewall or personal firewall, block untrusted hosts from accessing the NetBIOS and RPC ports 135, 137, 139 (TCP/UDP);
◆ Disable the Messenger service. Open "Start" (or open "Settings"), click "Control Panel", double-click "Administrative Tools", double-click "Services", locate and double-click "Messenger", choose "Disabled" in the "Startup Type" drop-down box, click "Stop", then click "OK".
Permanent solution: apply the patch for security bulletin MS03-043.
2. Windows Exchange Server Remote Buffer Overflow Vulnerability
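Windows 2000, Windows XP and Windows NT are affected by this vulnerability. Microsoft Exchange Server is a mail service program developed by Microsoft. Exchange Server 2.5 and 2000 do not adequately handle malicious verb requests; a remote attacker could exploit this vulnerability to execute arbitrary commands on the system with the privileges of the Exchange Server process. In Exchange Server 5.5, the Internet Mail Service has a security issue that allows an unauthenticated user to connect to the Exchange Server SMTP port and send a specially crafted extended verb request, causing an oversized memory allocation; this may shut down the Internet Mail Service or make the service stop responding. The same issue exists in Exchange 2000 Server, where such a request can cause a denial of service similar to the one in Exchange Server 5.5. In addition, if the attacker carefully constructs the submitted data, arbitrary instructions may be executed on the system with the privileges of the Exchange Server process.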
Proposal
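Temporary solution:
◆ Use SMTP protocol inspection to filter SMTP protocol extensions;
◆ Use a firewall to restrict the use of SMTP;
◆ Accept only authenticated SMTP sessions, using the SMTP AUTH command to restrict acceptance to authenticated sessions.
Permanent solution: apply the system patch.
3. Microsoft MSN Messenger Remote Information Disclosure Vulnerability
Microsoft MSN Messenger Service is affected by this vulnerability. MSN Messenger has a security issue when handling file requests; a remote attacker can exploit this vulnerability to obtain the contents of files on the system. An attacker can trigger the vulnerability by sending a specially crafted file request to a user running MSN Messenger; on successful exploitation, the attacker can view the contents of files on the hard disk without the user's knowledge. The attacker must, however, know the location of the file on the system.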
Proposal
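Temporary solution: use a firewall to filter ports 7007 and ?008 to reduce the threat.
Permanent solution: apply the patch for security bulletin MS04-010.
4. Windows Help and Support Center Remote Buffer Overflow Vulnerability
Windows XP, Windows 2000, Windows 2003 and Windows NT are affected by this vulnerability.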
Proposal
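Temporary solution: unregister the HCP protocol. Deleting the HKEY_CLASSES_ROOT\HCP registry key unregisters the HCP protocol.
Permanent solution: apply the patch for Microsoft bulletin MS03-044.
5. Netscreen Remote Denial of Service Attack Vulnerability
NetScreen ScreenOS is affected by this vulnerability. Netscreen is a firewall security solution that provides wire-speed packet processing. Netscreen has an SSH1 CRC32-related issue that a remote attacker can exploit to carry out a denial-of-service attack. By default Netscreen does not enable SSH, and Netscreen does not encourage customers to use the SSH service, but the SSH service can be enabled in the GUI; it is then available only on trusted interfaces, unless rules are added that forward traffic to other interfaces/ports. If the SSH service is enabled on the Netscreen device, the conditions for a denial-of-service attack exist. Code shipped with newer versions of the ssh1 daemon contains an integer overflow. The problem is in deattack.c: in the detect_attack() function, a 16-bit unsigned variable is mistakenly used as a 32-bit variable, which leads to a table index overflow. This allows an attacker to overwrite the contents of arbitrary memory locations, and the attacker may be able to obtain root privileges remotely. Attack code for any of the related CRC32 vulnerabilities can crash the device, which then has to be restarted to recover normal operation. Netscreen's response holds that this denial of service is not caused by the CRC32 vulnerability itself, although attack code for the CRC32 vulnerability can cause the denial of service.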
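The 16-bit/32-bit mix-up described for detect_attack(), reduced to its arithmetic in an added example (not code from deattack.c or from the original article). The constants, function names and sample packet length are constructed for illustration: the flawed variant stores a computed table size in a 16-bit variable, the checked variant keeps it at 32 bits and caps it.

```c
#include <stdint.h>
#include <stdio.h>
/* Constructed constants for illustration; not values from deattack.c. */
#define BLOCK_SIZE 8u       /* bytes per cipher block */
#define TABLE_MIN  1024u    /* smallest table, in entries */
#define TABLE_MAX  65536u   /* largest table the checked version accepts */

/* Entries needed: smallest power of two >= 1.5 * number of blocks. */
static uint32_t needed_entries(uint32_t packet_len)
{
    uint32_t blocks = packet_len / BLOCK_SIZE;
    uint32_t want = blocks + blocks / 2;
    uint32_t l = TABLE_MIN;
    while (l < want)
        l <<= 1;
    return l;
}

/* Flawed pattern: the 32-bit result is kept in a 16-bit variable. */
uint32_t flawed_entries(uint32_t packet_len)
{
    uint16_t n = (uint16_t)needed_entries(packet_len); /* 65536 -> 0 */
    return n;
}

/* Index mask derived from the truncated size; n == 0 yields 0xFFFFFFFF. */
uint32_t flawed_mask(uint32_t packet_len)
{
    return flawed_entries(packet_len) - 1u;
}

/* Checked pattern: full-width size with an upper bound.
 * Returns 0 and stores the entry count, or -1 to reject the packet. */
int checked_entries(uint32_t packet_len, uint32_t *entries)
{
    uint32_t n = needed_entries(packet_len);
    if (n > TABLE_MAX) return -1;
    *entries = n;
    return 0;
}

int main(void)
{
    uint32_t len = 174768, n = 0;   /* constructed length: needs 65536 entries */
    printf("flawed: entries=%u mask=0x%08x\n", (unsigned)flawed_entries(len), (unsigned)flawed_mask(len));
    if (checked_entries(len, &n) == 0)
        printf("checked: entries=%u mask=0x%08x\n", (unsigned)n, (unsigned)(n - 1u));
    return 0;
}
```

With the truncated size the table has zero entries while the index mask covers the whole 32-bit range, which is the table index overflow the paragraph describes.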
Proposal
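Temporary solution: avoid using the SSH service for the time being to reduce the threat.
Permanent solution: watch the software vendor's home page for the latest version.
6. Microsoft Windows NtSystemDebugControl() Kernel API Function Privilege Escalation Vulnerability
Microsoft Windows XP SP1 and Windows 2003 are affected by this vulnerability. A kernel API function of the Microsoft Windows operating system has a security issue that a local attacker can exploit to escalate privileges. ZwSystemDebugControl() is exported from ntdll.dll and calls the Windows operating system function NtSystemDebugControl(), which executes in ring 0 mode; a debugger holding the SeDebugPrivilege privilege can use this function to escalate privileges.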
Proposal
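Temporary solution: remove the debug privilege from all users/groups to reduce the threat.
Permanent solution: watch the vendor's home page for the latest version.
7. Microsoft IIS HTTP Header Handling Buffer Overflow Vulnerability
Windows 2000, Windows XP, Windows NT4.0 and IIS4.0/5.0 are affected by this vulnerability. IIS (Internet Information Server) is the web server software that ships by default with Microsoft Windows. The code in IIS 4.0/5.0/5.1 that handles HTTP header information contains a remote buffer overflow vulnerability, which a remote attacker can exploit to execute commands remotely or cause a denial of service. When IIS receives an HTTP request, it first parses it: it uses delimiters to separate the different fields and stores the content of each field in a buffer of appropriate size. To make sure the expected delimiters exist and are in reasonable positions, IIS performs a safety check between the fields while parsing the HTTP header. With this vulnerability, however, an attacker may be able to fool that check and make IIS believe the delimiters really are present, so that IIS may store HTTP header field data longer than it expects into a buffer, causing a buffer overflow. To exploit this vulnerability, the target IIS server must allow the use of ASP ISAPI. If the attacker uses random data, the IIS service may crash (IIS 5.0/5.1 restarts automatically). If the data sent is carefully constructed, the attacker may also be able to execute arbitrary code. On successful exploitation, a remote attacker can obtain SYSTEM privileges on IIS 4.0, and the privileges of the IWAM_computername user on IIS 5.0/5.1.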
Proposal
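Temporary solution:
◆ If ASP scripts are not needed, remove the ".asp" script mapping immediately: open Internet Services Manager, right-click the server, choose "Properties" from the menu, select "Master Properties", select WWW Service → Edit → Home Directory → Configuration, delete the ".asp" entry from the extension list, save the settings, then restart the IIS service.
◆ URLScan, a security tool provided by Microsoft, can be used to limit an attacker's ability to exploit this vulnerability to execute commands remotely. By default URLScan does not allow non-ASCII characters in a URL, which makes the attack considerably harder. It does not, however, prevent an attacker from carrying out a denial-of-service attack.
Permanent solution: install the patch for Microsoft security bulletin MS02-018.
8. Windows Media Player Skin Download Code Execution Vulnerability
Microsoft Windows Media Player 7.1, Windows Media Player XP, Windows XP, Windows NT, Windows 98, Windows ME and other systems are affected by this vulnerability.
Windows Media Player has a problem when handling downloaded skin files; a remote attacker can exploit this vulnerability through a malicious page to upload arbitrary files to an arbitrary location on the target system. When Internet Explorer encounters a document with the MIME type "application/x-ms-wmz", it starts wmplayer.exe with the "/layout" command-line option to instruct the media player to download the skin file from the specified URL into Media Player's skin file directory. To prevent some Internet-based attacks, the program uses a random element in the download path, so that the name of the downloaded skin file cannot be guessed by an attacker. Media Player has a flaw: the feature described above can be bypassed by using HEX-encoded backslash characters in the URL, so if an attacker can specify a malicious URL and lure the user into visiting it, the download folder can be chosen. If the file name does not end in ".WMZ", Media Player normally appends this extension to the file, but if the Content-disposition HTTP header field is used in a special way, this restriction can be bypassed and the extension can be chosen freely; by combining these two issues an attacker can therefore place arbitrary files anywhere on the target user's system. An attacker can use a malicious page or a malicious HTML e-mail to lure the user into visiting it, downloading the skin file and triggering the vulnerability.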
Proposal
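Temporary solution: Outlook Express 6.0 and Outlook 2002 open HTML mail in the Restricted Sites zone by default; users of Outlook 98 and 2000 need the Outlook E-mail Security Update to correct this vulnerability.
Permanent solution: install the patch for Microsoft security bulletin MS03-017.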