ÉîÈë̽Ë÷£ºIdentifying Linux Systems in the Modern IT Landscape
ÔÚµ±½ñ¸´ÔÓ¶à±äµÄIT»·¾³ÖУ¬×¼È·Ê¶±ðºÍ¹ÜÀíLinuxϵͳ¶ÔÓÚά»¤ÍøÂ簲ȫÐÔ¡¢ÓÅ»¯×ÊÔ´·ÖÅäÒÔ¼°È·±£ÒµÎñÁ¬ÐøÐÔÖÁ¹ØÖØÒª
Linux£¬×÷Ϊ¿ªÔ´²Ù×÷ϵͳµÄµä·¶£¬Æ¾½èÆäÁé»îÐÔ¡¢Îȶ¨ÐԺ͹㷺µÄÓ²¼þÖ§³Ö����£¬ÔÚ·þÎñÆ÷����¡¢Ç¶ÈëʽÉ豸��¡¢ÔƼÆËãƽ̨µÈ¶à¸öÁìÓòÕ¼¾ÝÖ÷µ¼µØλ
È»¶ø�����£¬Ëæ×ÅLinux·¢ÐаæµÄ¶àÑù»¯ºÍ°æ±¾µÄ¿ìËÙµü´ú£¬ÈçºÎÓÐЧ¡°ident¡±£¨Ê¶±ð£©Linuxϵͳ³ÉΪÁËÒ»¸ö²»¿ÉºöÊӵļ¼ÊõÌôÕ½
±¾ÎĽ«´Ó¶à¸öά¶ÈÉîÈë̽ÌÖÈçºÎÔÚÏÖ´úIT»·¾³Öо«×¼Ê¶±ðLinuxϵͳ���£¬º¸Ç¼¼ÊõÊֶΡ¢×î¼Ñʵ¼ù¼°Î´À´Ç÷ÊÆ
Ò»�¡¢Linuxϵͳʶ±ðµÄ»ù±¾¿ò¼Ü
1.1 ²Ù×÷ϵͳָÎƼ¼Êõ
²Ù×÷ϵͳָÎÆ£¨OS Fingerprinting£©ÊÇͨ¹ý·ÖÎöÍøÂçÐÒéÕ»µÄÐÐΪ�����¡¢Ìض¨µÄ·þÎñÏìÓ¦»òϵͳԪÊý¾ÝÀ´ÍƶÏÔ¶³ÌÖ÷»úÔËÐеIJÙ×÷ϵͳµÄ¹ý³Ì
¶ÔÓÚLinuxϵͳ£¬³£¼ûµÄÖ¸ÎÆ·½·¨°üÀ¨£º
- TCP/IP¶ÑÕ»²îÒ죺²»Í¬Linux·¢ÐаæºÍ°æ±¾ÔÚTCP/IPÐÒéջʵÏÖÉÏ´æÔÚ²îÒ죬Èç³õʼÐòÁкÅÉú³ÉËã·¨¡¢TCP´°¿Ú´óСµ÷Õû²ßÂÔµÈ���£¬ÕâЩϸ΢²î±ð¿ÉÒÔ±»ÓÃÀ´Çø·ÖLinuxÓëÆäËû²Ù×÷ϵͳ
- BannerÐÅÏ¢£ºÐí¶à·þÎñ£¨ÈçSSH¡¢HTTP¡¢FTP£©ÔÚÆô¶¯Ê±»áÏÔʾ°æ±¾ÐÅÏ¢»ò¡°banner¡±���£¬Í¨¹ý·ÖÎöÕâЩÐÅÏ¢¿ÉÒÔ´óÖÂÅжÏLinux·¢Ðа漰Æä°æ±¾
- ICMP EchoÇëÇó£ºÍ¨¹ý·ÖÎöICMP£¨Internet Control Message Protocol£©ÏûÏ¢µÄÏìӦʱ¼äºÍÄÚÈÝ£¬ÓÐʱҲÄÜÌṩ¹ØÓÚ²Ù×÷ϵͳµÄÏßË÷
1.2 ±»¶¯ÓëÖ÷¶¯É¨Ãè
- ±»¶¯É¨Ã裺¼àÌýÍøÂçÁ÷Á¿��£¬·ÖÎöÊý¾Ý°üÌØÕ÷¶ø²»Ö÷¶¯·¢ËÍÇëÇó����£¬ÕâÖÖ·½·¨½ÏΪÒþ±Î��£¬µ«ÐÅÏ¢»ñÈ¡ÓÐÏÞ
- Ö÷¶¯É¨Ã裺ͨ¹ý·¢ËÍÌض¨ÀàÐ͵ÄÍøÂçÇëÇó£¨ÈçSYNɨÃè�����¡¢ACKɨÃ裩²¢¹Û²ìÏìÓ¦£¬ÒÔÊÕ¼¯¸üÏêϸµÄÐÅÏ¢
Ö÷¶¯É¨Ãè¿ÉÄÜ´¥·¢°²È«¾¯±¨�£¬Ðè½÷É÷ʹÓÃ
¶þ���¡¢¾ßÌåʶ±ð¹¤¾ßÓë¼¼Êõ
2.1 Nmap
Nmap£¨Network Mapper£©ÊÇÒ»¿î¿ªÔ´µÄÍøÂçɨÃ蹤¾ß��£¬Ö§³Ö¶àÖÖɨÃè¼¼ÊõºÍÐÒ飬ÊÇʶ±ðLinuxϵͳµÄÊ×Ñ¡¹¤¾ßÖ®Ò»
ͨ¹ýÖ¸¶¨`-O`Ñ¡Ïî½øÐвÙ×÷ϵͳ¼ì²â����£¬Nmap»á³¢ÊÔÆ¥ÅäÊÕ¼¯µ½µÄÖ¸ÎÆÐÅÏ¢µ½ÆäÊý¾Ý¿âÖеÄÒÑ֪ģʽ���£¬´Ó¶øÍƶϳö²Ù×÷ϵͳÀàÐÍ
2.2 Xprobe2
Xprobe2ÊÇÁíÒ»¸öÇ¿´óµÄ±»¶¯²Ù×÷ϵͳʶ±ð¹¤¾ß��£¬Í¨¹ý·ÖÎö²¶»ñµÄÍøÂçÊý¾Ý°üÀ´ÍƶϲÙ×÷ϵͳ
ËüÌرðÊÊÓÃÓÚ·ÖÎö³¤Ê±¼äµÄÍøÂçÁ÷Á¿£¬Äܹ»Ê¶±ð°üÀ¨LinuxÔÚÄڵĶàÖÖ²Ù×÷ϵͳ
2.3 Nessus
NessusÊÇÒ»¿î×ÛºÏÐԵĩ¶´É¨ÃèÆ÷£¬³ýÁ˼ì²â°²È«Â©¶´Í⣬Ëü»¹ÄܽøÐвÙ×÷ϵͳ
