溯源之如何防止被溯源

Posted 私ははいしゃ敗者です

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了溯源之如何防止被溯源相关的知识,希望对你有一定的参考价值。

溯源(一)之溯源的概念与义
溯源(二)之 windows-还原攻击路径
溯源(三)之Linux-入侵排查
溯源(四)之流量分析-Wireshark使用
溯源(五)之攻击源的获取
溯源(六)之溯源的方法
溯源(七)之利用AntSword RCE进行溯源反制黑客
溯源(八)之利用goby RCE 进行反制黑客

如何防止被溯源

主机加固

1、不要保存任何可以用来分析个人或公司身份的特征的文件
2、打全补丁,开放必要端口
3、安装有效杀毒软件
4、不连接特征明显的热点
5、不要使用可能识别特征的用户名
6、不登录任何社交软件
7、保持浏览器中不会储存任何个人相关信息
8、停用摄像头等设备

特征隐藏

1、隐藏工具特征
2、隐藏交互特征
3、隐藏流量特征

识别陷阱

蜜罐的识别
1、是否存在大量请求其他域资源;
2、是否对于各大社交网站发送请求;
3、是否存在大量请求资源报错,克隆其他站时没有修改完成;
4、是否存在⾮常多漏洞的站点
5、获取到PC机器后,PC机器⽤户⻓时间划⽔摸⻥;
6、从目标获取的文件需要在沙箱或断网虚拟机运行,避免被反制;

C#学习追根溯源之集合方法集

  1. System.Collections命名空间中的枚举器接口(IEnumerator)

    ***attention field :   object Current{get;}

    ***interface method: bool MoveNext()

    ***interface method: void Reset();

    using System;
    using System.Runtime.InteropServices;
    namespace System.Collections
    {
        // Summary:
        //     Supports a simple iteration over a nongeneric collection.
        [ComVisible(true)]
        [Guid("496B0ABF-CDEE-11d3-88E8-00902754C43A")]
        public interface IEnumerator
        {
            // Summary:
            //     Gets the current element in the collection.
            //
            // Returns:
            //     The current element in the collection.
            //
            // Exceptions:
            //   System.InvalidOperationException:
            //     The enumerator is positioned before the first element of the collection or
            //     after the last element.
            object Current { get; }

            // Summary:
            //     Advances the enumerator to the next element of the collection.
            //
            // Returns:
            //     true if the enumerator was successfully advanced to the next element; false
            //     if the enumerator has passed the end of the collection.
            //
            // Exceptions:
            //   System.InvalidOperationException:
            //     The collection was modified after the enumerator was created.
            bool MoveNext();
            //
            // Summary:
            //     Sets the enumerator to its initial position, which is before the first element
            //     in the collection.
            //
            // Exceptions:
            //   System.InvalidOperationException:
            //     The collection was modified after the enumerator was created.
            void Reset();
        }
    }

2.System.Collections命名空间中的可枚举类型接口IEnumerable

***interface method: GetEnumerator()

using System.Runtime.InteropServices;
namespace System.Collections
{
    // Summary:
    //     Exposes the enumerator, which supports a simple iteration over a non-generic
    //     collection.
    [ComVisible(true)]
    [Guid("496B0ABE-CDEE-11d3-88E8-00902754C43A")]
    public interface IEnumerable
    {
        // Summary:
        //     Returns an enumerator that iterates through a collection.
        //
        // Returns:
        //     An System.Collections.IEnumerator object that can be used to iterate through
        //     the collection.
        [DispId(-4)]
        IEnumerator GetEnumerator();
    }
}

3.System.Collections命名空间中的集合接口(ICollection

***field: int Count{get;}

***field: bool isSynchronized{get;}

***field: object SyncRoot{get;}//同步根

***inteface method: CopyTo(Array array,int index);//attention there is a argument:Array


using System;
using System.Runtime.InteropServices;

namespace System.Collections
{
    // Summary:
    //     Defines size, enumerators, and synchronization methods for all nongeneric
    //     collections.
    [ComVisible(true)]
    public interface ICollection : IEnumerable
    {
        // Summary:
        //     Gets the number of elements contained in the System.Collections.ICollection.
        //
        // Returns:
        //     The number of elements contained in the System.Collections.ICollection.
        int Count { get; }
        //
        // Summary:
        //     Gets a value indicating whether access to the System.Collections.ICollection
        //     is synchronized (thread safe).
        //
        // Returns:
        //     true if access to the System.Collections.ICollection is synchronized (thread
        //     safe); otherwise, false.
        bool IsSynchronized { get; }
        //
        // Summary:
        //     Gets an object that can be used to synchronize access to the System.Collections.ICollection.
        //
        // Returns:
        //     An object that can be used to synchronize access to the System.Collections.ICollection.
        object SyncRoot { get; }

        // Summary:
        //     Copies the elements of the System.Collections.ICollection to an System.Array,
        //     starting at a particular System.Array index.
        //
        // Parameters:
        //   array:
        //     The one-dimensional System.Array that is the destination of the elements
        //     copied from System.Collections.ICollection. The System.Array must have zero-based
        //     indexing.
        //
        //   index:
        //     The zero-based index in array at which copying begins.
        //
        // Exceptions:
        //   System.ArgumentNullException:
        //     array is null.
        //
        //   System.ArgumentOutOfRangeException:
        //     index is less than zero.
        //
        //   System.ArgumentException:
        //     array is multidimensional.-or- The number of elements in the source System.Collections.ICollection
        //     is greater than the available space from index to the end of the destination
        //     array.
        //
        //   System.ArgumentException:
        //     The type of the source System.Collections.ICollection cannot be cast automatically
        //     to the type of the destination array.
        void CopyTo(Array array, int index);
    }
}

4.System.Collections命名空间中的列表接口(IList

***field: bool IsFixedSize{get;}

***field: bool IsReadOnly{get;}

***indexer: object this[int index]{get;set;}//索引器 (indexer)是这样一个成员:它支持按照索引数组的方法来索引对象。索引器的声明与属性类似,不同的是该成员的名称是this,后跟一个位于定界符[和]之间的参数列表。在索引器的访问器中可以使用这些参数。与属性类似,索引器可以是读写、只读和只写的,并且索引器的访问器可以是虚的。

***interface method: int Add(object value);

***interface method: void Clear();

***interface method: bool Contains(object value);

***interface method: int IndexOf(object value);

***interface method:void Insert(int index,object value);

***interface method:void Remove(object value);

***interface method: void RemoveAt(int index);

using System;
using System.Reflection;
using System.Runtime.InteropServices;

namespace System.Collections
{
    // Summary:
    //     Represents a non-generic collection of objects that can be individually accessed
    //     by index.
    [ComVisible(true)]
    public interface IList : ICollection, IEnumerable
    {
        // Summary:
        //     Gets a value indicating whether the System.Collections.IList has a fixed
        //     size.
        //
        // Returns:
        //     true if the System.Collections.IList has a fixed size; otherwise, false.
        bool IsFixedSize { get; }
        //
        // Summary:
        //     Gets a value indicating whether the System.Collections.IList is read-only.
        //
        // Returns:
        //     true if the System.Collections.IList is read-only; otherwise, false.
        bool IsReadOnly { get; }

        // Summary:
        //     Gets or sets the element at the specified index.
        //
        // Parameters:
        //   index:
        //     The zero-based index of the element to get or set.
        //
        // Returns:
        //     The element at the specified index.
        //
        // Exceptions:
        //   System.ArgumentOutOfRangeException:
        //     index is not a valid index in the System.Collections.IList.
        //
        //   System.NotSupportedException:
        //     The property is set and the System.Collections.IList is read-only.
        object this[int index] { get; set; }

        // Summary:
        //     Adds an item to the System.Collections.IList.
        //
        // Parameters:
        //   value:
        //     The object to add to the System.Collections.IList.
        //
        // Returns:
        //     The position into which the new element was inserted, or -1 to indicate that
        //     the item was not inserted into the collection,
        //
        // Exceptions:
        //   System.NotSupportedException:
        //     The System.Collections.IList is read-only.-or- The System.Collections.IList
        //     has a fixed size.
        int Add(object value);
        //
        // Summary:
        //     Removes all items from the System.Collections.IList.
        //
        // Exceptions:
        //   System.NotSupportedException:
        //     The System.Collections.IList is read-only.
        void Clear();
        //
        // Summary:
        //     Determines whether the System.Collections.IList contains a specific value.
        //
        // Parameters:
        //   value:
        //     The object to locate in the System.Collections.IList.
        //
        // Returns:
        //     true if the System.Object is found in the System.Collections.IList; otherwise,
        //     false.
        bool Contains(object value);
        //
        // Summary:
        //     Determines the index of a specific item in the System.Collections.IList.
        //
        // Parameters:
        //   value:
        //     The object to locate in the System.Collections.IList.
        //
        // Returns:
        //     The index of value if found in the list; otherwise, -1.
        int IndexOf(object value);
        //
        // Summary:
        //     Inserts an item to the System.Collections.IList at the specified index.
        //
        // Parameters:
        //   index:
        //     The zero-based index at which value should be inserted.
        //
        //   value:
        //     The object to insert into the System.Collections.IList.
        //
        // Exceptions:
        //   System.ArgumentOutOfRangeException:
        //     index is not a valid index in the System.Collections.IList.
        //
        //   System.NotSupportedException:
        //     The System.Collections.IList is read-only.-or- The System.Collections.IList
        //     has a fixed size.
        //
        //   System.NullReferenceException:
        //     value is null reference in the System.Collections.IList.
        void Insert(int index, object value);
        //
        // Summary:
        //     Removes the first occurrence of a specific object from the System.Collections.IList.
        //
        // Parameters:
        //   value:
        //     The object to remove from the System.Collections.IList.
        //
        // Exceptions:
        //   System.NotSupportedException:
        //     The System.Collections.IList is read-only.-or- The System.Collections.IList
        //     has a fixed size.
        void Remove(object value);
        //
        // Summary:
        //     Removes the System.Collections.IList item at the specified index.
        //
        // Parameters:
        //   index:
        //     The zero-based index of the item to remove.
        //
        // Exceptions:
        //   System.ArgumentOutOfRangeException:
        //     index is not a valid index in the System.Collections.IList.
        //
        //   System.NotSupportedException:
        //     The System.Collections.IList is read-only.-or- The System.Collections.IList
        //     has a fixed size.
        void RemoveAt(int index);
    }
}

5.介绍一种实现了以上其中三个接口的抽象类(CollectionBase)

扫盲:如果一个类不与具体的事物相联系,而只是表达一种抽象的概念,仅仅是作为其派生类的一个基类,这样的类就是抽象类,在抽象类中声明方法时,如果加上abstract时就是抽象方法。

抽象类与非抽象类的主要区别:

·抽象类不能直接被实例化

·抽象类中可以包含抽象成员,但非抽象类中不可以

·抽象类不能被密封

抽象方法概述及声明

声明抽象方法时需注意:·抽象方法必须声明在抽象类中  ·声明抽象方法时,不能使用virtual、static、private修饰符。

在抽象类中抽象方法不提供实现。

抽象类和接口的区别

·它们的派生类只能继承一个基类,即只能继承一个抽象类,但是可以继承多个接口。

·抽象类中可以定义成员的实现,但接口中不可以。

·抽象类中包含字段、构造函数、析构函数、静态成员或常量等,接口中不可以。

·抽象类中的成员可以私有的(只要不是抽象的)、受保护的、内部的或受保护的内部成员,但接口中的成员必须是公共的。

PS:抽象类和接口这两种类型用于完全不同的目的。抽象类主要用作对象系列的基类,共享某些主要特性,例如共同的目的和结构。接口则主要用于类,这些类在基础水平上有所不同,但仍然可以完成某些相同的任务。

***construction method: protected CollectionBase();

***construction method: protected CollectionBase();

***normal field:public int Capacity{get;set;}

***normal field: public int Count{get;}

***normal field: protected ArrayList InnerList{get;}//attention return value type:ArrayList

***normal field:protected IList List{get;}// attention return value type:IList

***normal method:public void Clear();

***normal method:public IEnumerator GetEnumerator();//attention return value type IEnumerator

***normal method: protected virtual void OnClear();

***normal method:protected virtual void OnClearComplete();

***normal method:protected virtual void OnInsert(int index,object value);

***normal method:protected virtual void OnInsertComplete(int index,object value);

***normal method:protected virtual void OnRemove(int index,object value);

***normal method:protected virtual void OnRemoveComplete(int index,object value);

***normal method:protected virtual void OnSet(int index,object oldValue,object newValue);

***normal method:protected virtual void OnSetComplete(int index,object oldValue,object newValue);

***normal method:protected virtual void OnValidate(object value);

***normal method:public void RemoveAt(int index);

using System;
using System.Runtime.InteropServices;

namespace System.Collections
{
    // Summary:
    //     Provides the abstract base class for a strongly typed collection.
    [Serializable]
    [ComVisible(true)]
    public abstract class CollectionBase : IList, ICollection, IEnumerable
    {
        // Summary:
        //     Initializes a new instance of the System.Collections.CollectionBase class
        //     with the default initial capacity.
        protected CollectionBase();
        //
        // Summary:
        //     Initializes a new instance of the System.Collections.CollectionBase class
        //     with the specified capacity.
        //
        // Parameters:
        //   capacity:
        //     The number of elements that the new list can initially store.
        protected CollectionBase(int capacity);

        // Summary:
        //     Gets or sets the number of elements that the System.Collections.CollectionBase
        //     can contain.
        //
        // Returns:
        //     The number of elements that the System.Collections.CollectionBase can contain.
        //
        // Exceptions:
        //   System.ArgumentOutOfRangeException:
        //     System.Collections.CollectionBase.Capacity is set to a value that is less
        //     than System.Collections.CollectionBase.Count.
        //
        //   System.OutOfMemoryException:
        //     There is not enough memory available on the system.
        [ComVisible(false)]
        public int Capacity { get; set; }
        //
        // Summary:
        //     Gets the number of elements contained in the System.Collections.CollectionBase
        //     instance. This property cannot be overridden.
        //
        // Returns:
        //     The number of elements contained in the System.Collections.CollectionBase
        //     instance.Retrieving the value of this property is an O(1) operation.
        public int Count { get; }
        //
        // Summary:
        //     Gets an System.Collections.ArrayList containing the list of elements in the
        //     System.Collections.CollectionBase instance.
        //
        // Returns:
        //     An System.Collections.ArrayList representing the System.Collections.CollectionBase
        //     instance itself.Retrieving the value of this property is an O(1) operation.
        protected ArrayList InnerList { get; }
        //
        // Summary:
        //     Gets an System.Collections.IList containing the list of elements in the System.Collections.CollectionBase
        //     instance.
        //
        // Returns:
        //     An System.Collections.IList representing the System.Collections.CollectionBase
        //     instance itself.
        protected IList List { get; }

        // Summary:
        //     Removes all objects from the System.Collections.CollectionBase instance.
        //     This method cannot be overridden.
        public void Clear();
        //
        // Summary:
        //     Returns an enumerator that iterates through the System.Collections.CollectionBase
        //     instance.
        //
        // Returns:
        //     An System.Collections.IEnumerator for the System.Collections.CollectionBase
        //     instance.
        public IEnumerator GetEnumerator();
        //
        // Summary:
        //     Performs additional custom processes when clearing the contents of the System.Collections.CollectionBase
        //     instance.
        protected virtual void OnClear();
        //
        // Summary:
        //     Performs additional custom processes after clearing the contents of the System.Collections.CollectionBase
        //     instance.
        protected virtual void OnClearComplete();
        //
        // Summary:
        //     Performs additional custom processes before inserting a new element into
        //     the System.Collections.CollectionBase instance.
        //
        // Parameters:
        //   index:
        //     The zero-based index at which to insert value.
        //
        //   value:
        //     The new value of the element at index.
        protected virtual void OnInsert(int index, object value);
        //
        // Summary:
        //     Performs additional custom processes after inserting a new element into the
        //     System.Collections.CollectionBase instance.
        //
        // Parameters:
        //   index:
        //     The zero-based index at which to insert value.
        //
        //   value:
        //     The new value of the element at index.
        protected virtual void OnInsertComplete(int index, object value);
        //
        // Summary:
        //     Performs additional custom processes when removing an element from the System.Collections.CollectionBase
        //     instance.
        //
        // Parameters:
        //   index:
        //     The zero-based index at which value can be found.
        //
        //   value:
        //     The value of the element to remove from index.
        protected virtual void OnRemove(int index, object value);
        //
        // Summary:
        //     Performs additional custom processes after removing an element from the System.Collections.CollectionBase
        //     instance.
        //
        // Parameters:
        //   index:
        //     The zero-based index at which value can be found.
        //
        //   value:
        //     The value of the element to remove from index.
        protected virtual void OnRemoveComplete(int index, object value);
        //
        // Summary:
        //     Performs additional custom processes before setting a value in the System.Collections.CollectionBase
        //     instance.
        //
        // Parameters:
        //   index:
        //     The zero-based index at which oldValue can be found.
        //
        //   oldValue:
        //     The value to replace with newValue.
        //
        //   newValue:
        //     The new value of the element at index.
        protected virtual void OnSet(int index, object oldValue, object newValue);
        //
        // Summary:
        //     Performs additional custom processes after setting a value in the System.Collections.CollectionBase
        //     instance.
        //
        // Parameters:
        //   index:
        //     The zero-based index at which oldValue can be found.
        //
        //   oldValue:
        //     The value to replace with newValue.
        //
        //   newValue:
        //     The new value of the element at index.
        protected virtual void OnSetComplete(int index, object oldValue, object newValue);
        //
        // Summary:
        //     Performs additional custom processes when validating a value.
        //
        // Parameters:
        //   value:
        //     The object to validate.
        //
        // Exceptions:
        //   System.ArgumentNullException:
        //     value is null.
        protected virtual void OnValidate(object value);
        //
        // Summary:
        //     Removes the element at the specified index of the System.Collections.CollectionBase
        //     instance. This method is not overridable.
        //
        // Parameters:
        //   index:
        //     The zero-based index of the element to remove.
        //
        // Exceptions:
        //   System.ArgumentOutOfRangeException:
        //     index is less than zero.-or-index is equal to or greater than System.Collections.CollectionBase.Count.
        public void RemoveAt(int index);
    }
}






以上是关于溯源之如何防止被溯源的主要内容,如果未能解决你的问题,请参考以下文章

日志告警模块关于对安全策略当中deny日志源接口地址的溯源解决,(可以给类似工具开发的朋友一个参考)

跨社交网络的隐私图片分享框架阅读总结

农产品区块链溯源平台建设解决方案,健全食品安全体系

农产品区块链溯源平台建设解决方案,健全食品安全体系

农产品区块链溯源平台建设解决方案,健全食品安全体系

利用日志管理,溯源追踪解决安全问题