溯源之如何防止被溯源
Posted 私ははいしゃ敗者です
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了溯源之如何防止被溯源相关的知识,希望对你有一定的参考价值。
溯源(一)之溯源的概念与义
溯源(二)之 windows-还原攻击路径
溯源(三)之Linux-入侵排查
溯源(四)之流量分析-Wireshark使用
溯源(五)之攻击源的获取
溯源(六)之溯源的方法
溯源(七)之利用AntSword RCE进行溯源反制黑客
溯源(八)之利用goby RCE 进行反制黑客
如何防止被溯源
主机加固
1、不要保存任何可以用来分析个人或公司身份的特征的文件
2、打全补丁,开放必要端口
3、安装有效杀毒软件
4、不连接特征明显的热点
5、不要使用可能识别特征的用户名
6、不登录任何社交软件
7、保持浏览器中不会储存任何个人相关信息
8、停用摄像头等设备
特征隐藏
1、隐藏工具特征
2、隐藏交互特征
3、隐藏流量特征
识别陷阱
蜜罐的识别
1、是否存在大量请求其他域资源;
2、是否对于各大社交网站发送请求;
3、是否存在大量请求资源报错,克隆其他站时没有修改完成;
4、是否存在⾮常多漏洞的站点
5、获取到PC机器后,PC机器⽤户⻓时间划⽔摸⻥;
6、从目标获取的文件需要在沙箱或断网虚拟机运行,避免被反制;
C#学习追根溯源之集合方法集
System.Collections命名空间中的枚举器接口(IEnumerator)
***attention field : object Current{get;}
***interface method: bool MoveNext()
***interface method: void Reset();
using System;
using System.Runtime.InteropServices;
namespace System.Collections
{
// Summary:
// Supports a simple iteration over a nongeneric collection.
[ComVisible(true)]
[Guid("496B0ABF-CDEE-11d3-88E8-00902754C43A")]
public interface IEnumerator
{
// Summary:
// Gets the current element in the collection.
//
// Returns:
// The current element in the collection.
//
// Exceptions:
// System.InvalidOperationException:
// The enumerator is positioned before the first element of the collection or
// after the last element.
object Current { get; }
// Summary:
// Advances the enumerator to the next element of the collection.
//
// Returns:
// true if the enumerator was successfully advanced to the next element; false
// if the enumerator has passed the end of the collection.
//
// Exceptions:
// System.InvalidOperationException:
// The collection was modified after the enumerator was created.
bool MoveNext();
//
// Summary:
// Sets the enumerator to its initial position, which is before the first element
// in the collection.
//
// Exceptions:
// System.InvalidOperationException:
// The collection was modified after the enumerator was created.
void Reset();
}
}
2.System.Collections命名空间中的可枚举类型接口(IEnumerable)
***interface method: GetEnumerator()
using System.Runtime.InteropServices;
namespace System.Collections
{
// Summary:
// Exposes the enumerator, which supports a simple iteration over a non-generic
// collection.
[ComVisible(true)]
[Guid("496B0ABE-CDEE-11d3-88E8-00902754C43A")]
public interface IEnumerable
{
// Summary:
// Returns an enumerator that iterates through a collection.
//
// Returns:
// An System.Collections.IEnumerator object that can be used to iterate through
// the collection.
[DispId(-4)]
IEnumerator GetEnumerator();
}
}
3.System.Collections命名空间中的集合接口(ICollection)
***field: int Count{get;}
***field: bool isSynchronized{get;}
***field: object SyncRoot{get;}//同步根
***inteface method: CopyTo(Array array,int index);//attention there is a argument:Array
using System;
using System.Runtime.InteropServices;
namespace System.Collections
{
// Summary:
// Defines size, enumerators, and synchronization methods for all nongeneric
// collections.
[ComVisible(true)]
public interface ICollection : IEnumerable
{
// Summary:
// Gets the number of elements contained in the System.Collections.ICollection.
//
// Returns:
// The number of elements contained in the System.Collections.ICollection.
int Count { get; }
//
// Summary:
// Gets a value indicating whether access to the System.Collections.ICollection
// is synchronized (thread safe).
//
// Returns:
// true if access to the System.Collections.ICollection is synchronized (thread
// safe); otherwise, false.
bool IsSynchronized { get; }
//
// Summary:
// Gets an object that can be used to synchronize access to the System.Collections.ICollection.
//
// Returns:
// An object that can be used to synchronize access to the System.Collections.ICollection.
object SyncRoot { get; }
// Summary:
// Copies the elements of the System.Collections.ICollection to an System.Array,
// starting at a particular System.Array index.
//
// Parameters:
// array:
// The one-dimensional System.Array that is the destination of the elements
// copied from System.Collections.ICollection. The System.Array must have zero-based
// indexing.
//
// index:
// The zero-based index in array at which copying begins.
//
// Exceptions:
// System.ArgumentNullException:
// array is null.
//
// System.ArgumentOutOfRangeException:
// index is less than zero.
//
// System.ArgumentException:
// array is multidimensional.-or- The number of elements in the source System.Collections.ICollection
// is greater than the available space from index to the end of the destination
// array.
//
// System.ArgumentException:
// The type of the source System.Collections.ICollection cannot be cast automatically
// to the type of the destination array.
void CopyTo(Array array, int index);
}
}
4.System.Collections命名空间中的列表接口(IList)
***field: bool IsFixedSize{get;}
***field: bool IsReadOnly{get;}
***indexer: object this[int index]{get;set;}//索引器 (indexer)是这样一个成员:它支持按照索引数组的方法来索引对象。索引器的声明与属性类似,不同的是该成员的名称是this,后跟一个位于定界符[和]之间的参数列表。在索引器的访问器中可以使用这些参数。与属性类似,索引器可以是读写、只读和只写的,并且索引器的访问器可以是虚的。
***interface method: int Add(object value);
***interface method: void Clear();
***interface method: bool Contains(object value);
***interface method: int IndexOf(object value);
***interface method:void Insert(int index,object value);
***interface method:void Remove(object value);
***interface method: void RemoveAt(int index);
using System;
using System.Reflection;
using System.Runtime.InteropServices;
namespace System.Collections
{
// Summary:
// Represents a non-generic collection of objects that can be individually accessed
// by index.
[ComVisible(true)]
public interface IList : ICollection, IEnumerable
{
// Summary:
// Gets a value indicating whether the System.Collections.IList has a fixed
// size.
//
// Returns:
// true if the System.Collections.IList has a fixed size; otherwise, false.
bool IsFixedSize { get; }
//
// Summary:
// Gets a value indicating whether the System.Collections.IList is read-only.
//
// Returns:
// true if the System.Collections.IList is read-only; otherwise, false.
bool IsReadOnly { get; }
// Summary:
// Gets or sets the element at the specified index.
//
// Parameters:
// index:
// The zero-based index of the element to get or set.
//
// Returns:
// The element at the specified index.
//
// Exceptions:
// System.ArgumentOutOfRangeException:
// index is not a valid index in the System.Collections.IList.
//
// System.NotSupportedException:
// The property is set and the System.Collections.IList is read-only.
object this[int index] { get; set; }
// Summary:
// Adds an item to the System.Collections.IList.
//
// Parameters:
// value:
// The object to add to the System.Collections.IList.
//
// Returns:
// The position into which the new element was inserted, or -1 to indicate that
// the item was not inserted into the collection,
//
// Exceptions:
// System.NotSupportedException:
// The System.Collections.IList is read-only.-or- The System.Collections.IList
// has a fixed size.
int Add(object value);
//
// Summary:
// Removes all items from the System.Collections.IList.
//
// Exceptions:
// System.NotSupportedException:
// The System.Collections.IList is read-only.
void Clear();
//
// Summary:
// Determines whether the System.Collections.IList contains a specific value.
//
// Parameters:
// value:
// The object to locate in the System.Collections.IList.
//
// Returns:
// true if the System.Object is found in the System.Collections.IList; otherwise,
// false.
bool Contains(object value);
//
// Summary:
// Determines the index of a specific item in the System.Collections.IList.
//
// Parameters:
// value:
// The object to locate in the System.Collections.IList.
//
// Returns:
// The index of value if found in the list; otherwise, -1.
int IndexOf(object value);
//
// Summary:
// Inserts an item to the System.Collections.IList at the specified index.
//
// Parameters:
// index:
// The zero-based index at which value should be inserted.
//
// value:
// The object to insert into the System.Collections.IList.
//
// Exceptions:
// System.ArgumentOutOfRangeException:
// index is not a valid index in the System.Collections.IList.
//
// System.NotSupportedException:
// The System.Collections.IList is read-only.-or- The System.Collections.IList
// has a fixed size.
//
// System.NullReferenceException:
// value is null reference in the System.Collections.IList.
void Insert(int index, object value);
//
// Summary:
// Removes the first occurrence of a specific object from the System.Collections.IList.
//
// Parameters:
// value:
// The object to remove from the System.Collections.IList.
//
// Exceptions:
// System.NotSupportedException:
// The System.Collections.IList is read-only.-or- The System.Collections.IList
// has a fixed size.
void Remove(object value);
//
// Summary:
// Removes the System.Collections.IList item at the specified index.
//
// Parameters:
// index:
// The zero-based index of the item to remove.
//
// Exceptions:
// System.ArgumentOutOfRangeException:
// index is not a valid index in the System.Collections.IList.
//
// System.NotSupportedException:
// The System.Collections.IList is read-only.-or- The System.Collections.IList
// has a fixed size.
void RemoveAt(int index);
}
}
5.介绍一种实现了以上其中三个接口的抽象类(CollectionBase)
扫盲:如果一个类不与具体的事物相联系,而只是表达一种抽象的概念,仅仅是作为其派生类的一个基类,这样的类就是抽象类,在抽象类中声明方法时,如果加上abstract时就是抽象方法。
抽象类与非抽象类的主要区别:
·抽象类不能直接被实例化
·抽象类中可以包含抽象成员,但非抽象类中不可以
·抽象类不能被密封
抽象方法概述及声明
声明抽象方法时需注意:·抽象方法必须声明在抽象类中 ·声明抽象方法时,不能使用virtual、static、private修饰符。
在抽象类中抽象方法不提供实现。
抽象类和接口的区别:
·它们的派生类只能继承一个基类,即只能继承一个抽象类,但是可以继承多个接口。
·抽象类中可以定义成员的实现,但接口中不可以。
·抽象类中包含字段、构造函数、析构函数、静态成员或常量等,接口中不可以。
·抽象类中的成员可以私有的(只要不是抽象的)、受保护的、内部的或受保护的内部成员,但接口中的成员必须是公共的。
PS:抽象类和接口这两种类型用于完全不同的目的。抽象类主要用作对象系列的基类,共享某些主要特性,例如共同的目的和结构。接口则主要用于类,这些类在基础水平上有所不同,但仍然可以完成某些相同的任务。
***construction method: protected CollectionBase();
***construction method: protected CollectionBase();
***normal field:public int Capacity{get;set;}
***normal field: public int Count{get;}
***normal field: protected ArrayList InnerList{get;}//attention return value type:ArrayList
***normal field:protected IList List{get;}// attention return value type:IList
***normal method:public void Clear();
***normal method:public IEnumerator GetEnumerator();//attention return value type IEnumerator
***normal method: protected virtual void OnClear();
***normal method:protected virtual void OnClearComplete();
***normal method:protected virtual void OnInsert(int index,object value);
***normal method:protected virtual void OnInsertComplete(int index,object value);
***normal method:protected virtual void OnRemove(int index,object value);
***normal method:protected virtual void OnRemoveComplete(int index,object value);
***normal method:protected virtual void OnSet(int index,object oldValue,object newValue);
***normal method:protected virtual void OnSetComplete(int index,object oldValue,object newValue);
***normal method:protected virtual void OnValidate(object value);
***normal method:public void RemoveAt(int index);
using System;
using System.Runtime.InteropServices;
namespace System.Collections
{
// Summary:
// Provides the abstract base class for a strongly typed collection.
[Serializable]
[ComVisible(true)]
public abstract class CollectionBase : IList, ICollection, IEnumerable
{
// Summary:
// Initializes a new instance of the System.Collections.CollectionBase class
// with the default initial capacity.
protected CollectionBase();
//
// Summary:
// Initializes a new instance of the System.Collections.CollectionBase class
// with the specified capacity.
//
// Parameters:
// capacity:
// The number of elements that the new list can initially store.
protected CollectionBase(int capacity);
// Summary:
// Gets or sets the number of elements that the System.Collections.CollectionBase
// can contain.
//
// Returns:
// The number of elements that the System.Collections.CollectionBase can contain.
//
// Exceptions:
// System.ArgumentOutOfRangeException:
// System.Collections.CollectionBase.Capacity is set to a value that is less
// than System.Collections.CollectionBase.Count.
//
// System.OutOfMemoryException:
// There is not enough memory available on the system.
[ComVisible(false)]
public int Capacity { get; set; }
//
// Summary:
// Gets the number of elements contained in the System.Collections.CollectionBase
// instance. This property cannot be overridden.
//
// Returns:
// The number of elements contained in the System.Collections.CollectionBase
// instance.Retrieving the value of this property is an O(1) operation.
public int Count { get; }
//
// Summary:
// Gets an System.Collections.ArrayList containing the list of elements in the
// System.Collections.CollectionBase instance.
//
// Returns:
// An System.Collections.ArrayList representing the System.Collections.CollectionBase
// instance itself.Retrieving the value of this property is an O(1) operation.
protected ArrayList InnerList { get; }
//
// Summary:
// Gets an System.Collections.IList containing the list of elements in the System.Collections.CollectionBase
// instance.
//
// Returns:
// An System.Collections.IList representing the System.Collections.CollectionBase
// instance itself.
protected IList List { get; }
// Summary:
// Removes all objects from the System.Collections.CollectionBase instance.
// This method cannot be overridden.
public void Clear();
//
// Summary:
// Returns an enumerator that iterates through the System.Collections.CollectionBase
// instance.
//
// Returns:
// An System.Collections.IEnumerator for the System.Collections.CollectionBase
// instance.
public IEnumerator GetEnumerator();
//
// Summary:
// Performs additional custom processes when clearing the contents of the System.Collections.CollectionBase
// instance.
protected virtual void OnClear();
//
// Summary:
// Performs additional custom processes after clearing the contents of the System.Collections.CollectionBase
// instance.
protected virtual void OnClearComplete();
//
// Summary:
// Performs additional custom processes before inserting a new element into
// the System.Collections.CollectionBase instance.
//
// Parameters:
// index:
// The zero-based index at which to insert value.
//
// value:
// The new value of the element at index.
protected virtual void OnInsert(int index, object value);
//
// Summary:
// Performs additional custom processes after inserting a new element into the
// System.Collections.CollectionBase instance.
//
// Parameters:
// index:
// The zero-based index at which to insert value.
//
// value:
// The new value of the element at index.
protected virtual void OnInsertComplete(int index, object value);
//
// Summary:
// Performs additional custom processes when removing an element from the System.Collections.CollectionBase
// instance.
//
// Parameters:
// index:
// The zero-based index at which value can be found.
//
// value:
// The value of the element to remove from index.
protected virtual void OnRemove(int index, object value);
//
// Summary:
// Performs additional custom processes after removing an element from the System.Collections.CollectionBase
// instance.
//
// Parameters:
// index:
// The zero-based index at which value can be found.
//
// value:
// The value of the element to remove from index.
protected virtual void OnRemoveComplete(int index, object value);
//
// Summary:
// Performs additional custom processes before setting a value in the System.Collections.CollectionBase
// instance.
//
// Parameters:
// index:
// The zero-based index at which oldValue can be found.
//
// oldValue:
// The value to replace with newValue.
//
// newValue:
// The new value of the element at index.
protected virtual void OnSet(int index, object oldValue, object newValue);
//
// Summary:
// Performs additional custom processes after setting a value in the System.Collections.CollectionBase
// instance.
//
// Parameters:
// index:
// The zero-based index at which oldValue can be found.
//
// oldValue:
// The value to replace with newValue.
//
// newValue:
// The new value of the element at index.
protected virtual void OnSetComplete(int index, object oldValue, object newValue);
//
// Summary:
// Performs additional custom processes when validating a value.
//
// Parameters:
// value:
// The object to validate.
//
// Exceptions:
// System.ArgumentNullException:
// value is null.
protected virtual void OnValidate(object value);
//
// Summary:
// Removes the element at the specified index of the System.Collections.CollectionBase
// instance. This method is not overridable.
//
// Parameters:
// index:
// The zero-based index of the element to remove.
//
// Exceptions:
// System.ArgumentOutOfRangeException:
// index is less than zero.-or-index is equal to or greater than System.Collections.CollectionBase.Count.
public void RemoveAt(int index);
}
}
以上是关于溯源之如何防止被溯源的主要内容,如果未能解决你的问题,请参考以下文章