Super-brain hacker
HOME / Romantic / Super-brain hacker / Chapter List

Chapter 468 Let's have something interesting

When everyone disperses, Lin Hong continues to configure the router.

Through the terminal interface, he checked the IOS version of this router and found that it is the C2500 series. The version is very new, but not the latest.

He thought about it in his mind and found that there were really many loopholes that could be used. Of course, not many of them were made public. They were all the loopholes he found when he studied the system.

Because Cisco's business is very extensive around the world, every product of this company has loopholes, which will cause extremely serious consequences. It is not only that ordinary users are using their products, but also some telecommunications-level companies are also using their high-end products.

Therefore, every loophole in IOS is very valuable. Either hackers use these loopholes to sell money to Cisco, or keep them and use them secretly until the loophole is blocked by Cisco itself.

Previously, in order to let the super worm spread smoothly, Lin Hong dug up several heavyweight vulnerabilities and used them secretly. Until now, Cisco has not made up for these vulnerabilities. The system upgrade of this device is not as simple and convenient as other operating systems.

The system upgrade of the router, known as the brush system, is to update the firmware. It has a certain technical content in operation. If you are not careful, it will be brushed into bricks.

What is a brick? It can only be used as a brick, and it has no other effect.

Lin Hong first changed the login password and used a relatively robust password, including letters, case-sensitive, and numbers. It was also mixed with two special characters, which basically eliminated the possibility of guessing the password and violently cracking the password for a period of time.

Lin Hong optimized the configuration file, removed some unnecessary services and processes, and then started the TFTP service inside and established a connection with his laptop.

TFTP is a simple text transmission protocol. Such a service is built into Cisco's IOS, which can be used to transfer files to it and perform some work such as modifying configuration files, backup and upgrading.

What Lin Hong is going to do now. I want to install a small software in it to monitor the entry and exit of all traffic.

Although there is such a function in the Cisco system, the recording is too simple and only for general statistics. Lin Hong needs to improve its security, closely monitor all the detailed traffic data in and out of the router, and also set rules. Once an abnormal situation is found, the alarm information will be prompted to attract everyone's attention.

Usually, intrusion detection is the second door smash after the firewall, but Lin Hong does not want to wait for the other party to break through the firewall and other defense equipment before finally discovering the other party's invasion. At that time, it seems a little late. The other party has completely entered it, and is likely to have even won.

He hopes to take more proactive measures when the other party tries to start invading. It has been screened out, focused on monitoring, and then responded in a targeted manner.

The monitoring program is ready-made. Lin Hong has written it before. He used it to make a slight change, and it can run directly in Cisco IOS as a resident process.

The router does not display the device and must be connected to the computer or terminal device to see the information it gives.

Lin Hong's notebook is naturally not good to serve as this device all the time. The best device is the server. Install a software directly in it, and display the monitored information in the router on the display screen of the server at any time.

At this moment, Lao Wang's system is almost installed. He is configuring the security policy of FREEBDS to turn off some unnecessary services and ports without leaving any opportunities for the other party.

Lin Hong walked to his side and looked at him for a while. I found that he did things just like his personality. He was calm, solid and meticulous, and his skills were also very solid.

He said that he was studying the virus, and he definitely couldn't do this job if he didn't have enough patience.

Lin Hong said, "Lao Wang, I want to install an intrusion detection and monitoring software on it to directly receive the traffic information sent by the router..."

Lin Hong told him his idea. Lao Wang nodded repeatedly and immediately asked Lin Hong to share the software directly, and he installed it in it.

Because it is in the same local area network, Lin Hong directly created a new folder in the notebook, shared the software, and then Lao Wang could access it directly in the server.

The software is very small and pure green. It does not need to be installed and can be run directly.

This software is not graphical. Only one terminal interface displays information. After setting several parameters, it begins to receive the data sent from the router.

"Very good software!" Lao Wang stared at the terminal for a while and praised, "With this test, we can know their invasion in advance at any time!"

Although the above data is quickly and dense, for technicians such as Lin Hong and Lao Wang, it seems to be playing video files, telling what is happening in the whole network.

From the data on the terminal, it can be seen that they have begun to detect and scan this side. Several IPs frequently appear on it, constantly sending a variety of different data, looking forward to receiving specific responses in order to know the information.

This way, in professional terms, is to check and scan.

The purpose of this step is to determine which computers are alive on the network, what IPs of these computers are, what ports are opened, and what type of operating system is installed.

This information needs to be sent by itself, and then the computer will give an answer, and the detector can get the information he wants from these responses.

The Internet has actually developed on the basis of radio broadcasting, and many of its design ideas have also been inherited.

For example, in radio, there is the concept of broadcasting, and there is also the Internet. However, in the Internet, the broadcast signal is transmitted through the network cable.

In the radio, the establishment of a connection requires one party to broadcast first, and then the connecting party needs to receive the other party's broadcast signal, and then respond according to the information. After the two sides "negotiate" the strategy, the connection can be carried out.

The process of radio is carried out manually, and everyone uses call sign or special terms to "negotiate strategies".

For example, Ham A said to Ham B: "CQ, CQ, I'm Xiao A. I'm calling Xiao B and want to establish a connection with you. My synchronization frequency is XX..."

Ham B responded: "I'm Xiao B, I'm Xiao B, I'm online, and I agree to connect. My signal frequency is synchronous YY..."

Ham Xiao A reconfirmed: "Great, you're here! Then let's connect with frequency ZZ!"

The hams need to discuss the Tonglian countermeasures in this way. In the Internet, this process has been simplified and automatically completed by carefully designed communication protocols.

This process of negotiation is vividly called "three handshakes".

The first handshake means that the client applies for a connection to the server and sends its own synchronization package by the way; the second handshake is the link that the server agrees to it and will also provide its own synchronization package; the third handshake is that the client really confirms the connection, completes the third handshake, and finally enters the

Three handshakes are the most common agreement, and of course there are other agreements.

Basically, every time a packet is sent to the other party, if the other party is the service provider, it will inevitably be answered, and these response packets will contain some real information of the system.

This is also the principle of scanning and stepping points.

Lin Hong asked, "Lao Wang, what service do you offer?"

"In order to confuse the other party, I opened both ports 21 and 80, but they are set to the minimum permission. Basically, it is the same as opening and not." A smile appeared on Lao Wang's face.

Lin Hong was also a little happy to hear it. This old king looks honest, but he didn't expect it to be quite cunning.

He sat in front of the keyboard and quickly configured a security policy for the intrusion detection program, which recorded more than a certain number of IPs in a period of time, and then automatically pulled it into the blacklist, directly without giving the corresponding data to the other party, delaying the other party's detection behavior. The reason for configuring the policy is to prevent the normal access from being killed by mistake.

Then, Lin Hong reconfigured the policy for the router to limit ICMP and UDP grouping to specific systems and minimize the possibility of exposure to information.

Finally, he thought about it and shared a software on his computer again.

Then, he returned to the server and laughed, "GIVE THEM something interesting."

Lao Wang saw him execute a software called "ROTOROUTER" and then quickly set some parameters in it.

"What is the function of this software?" Lao Wang has never seen this software.

"Ha ha, a camouflage gadget." While setting it up, Lin Hong explained, "This software can take over some of the response services of the system, and then use the false information I have set to answer, so that they can make wrong judgments."

The IP list recorded by intrusion detection is just used on this small tool. Once it is found to be the IP on the IP list for inquiry, the software uses false responses instead of real responses, confusing their eyes.

"That's good, that's really good! You really have a lot of good things in your hands!" Lao Wang sighed, "Lin Hong, I'm really a little curious about your career."

Lao Wang also has a good understanding of domestic information security, but he has never heard of the existence of such a No. 1 character as Lin Hong. From these details, it can be seen that Lin Hong's level in this regard is definitely a master, several grades higher than him. . In front of him, he is just like a baby who knows nothing.

Such a person, like the sun, can shine everywhere. It is impossible to be nameless and have never heard of it.

Chapter List

Full Novel Website en.quanben5.com