GRAY-WORLD.NET TEAM
计算机网络安全技术 不同寻常的网络访问控制系统迂回技术

It was all very well to say `Drink me,' but the wise little Alice was not going to do that in a hurry. `No, I'll look first,' she said, `and see whether it's marked "poison" or not'; for she had read several nice little histories about children who had got burnt, and eaten up by wild beasts and other unpleasant things, all because they would not remember the simple rules their friends had taught them: such as, that a red-hot poker will burn you if you hold it too long; and that if you cut your finger very deeply with a knife, it usually bleeds; and she had never forgotten that, if you drink much from a bottle marked `poison,' it is almost certain to disagree with you, sooner or later.

Lewis Carroll "Alice In Wonderland"
 		Alice
English French Russian Spanish Polish Italian
网站首页 | 开发项目 | 技术论文 | 自由论坛 | 关于我们 | 热门联接 | 赞助支持
 开发项目 

CCTDE是“灰色的世界”的 “基于HTTP协议隐藏通道与隧道探测技术:探测原理性设计”论文的第一个可执行版本。

这个程序的主要目的是提供一个可行的方法来“定义”和“查找”那些导致被嵌入在HTTP协议中 的“未授权”隧道与隐藏通道的信息。但是这些概念不仅适用于HTTP协议的隐藏通道的探测,还 适用于其他的高层协议上的双向数据流的探测。

它被置于一个“强制性”HTTP代理服务器与HTTP客户端之间。(或者是在网络访问控制系统之前 ,如果没有代理服务器存在。)CCTDE试图探测是否某些内网用户运用隐藏通道或隧道工具来避开 网络访问控制系统的探测。

它被放置在DMZ区的联合服务器之前,CCTDE试图探测是否某些内网用户运用隐藏通道或隧道工具 例如:WebShellFirepass 来避开 网络访问控制系统的探测。

CCTDE目前被设计为SNORT的分析后台程序。Snort 是一种网络入侵检测系统工具。通过运用基于“统计学”方法来探测可疑或非正常网络数据流是 否存在。

Snort做为一个网络数据流审计员 -- 记录数据流并通过SOCKET与CCTDE模块通信。

CCTDE读取Snort报警信息并把捕获的数据包存入缓存。这就使得通过对被记录的数据加以分析 来实现探测特定的网络行为成为可能。

Simon Castro
Current Cctde version: 0.2; README, CHANGELOG, EXAMPLES
Download | md5sum: a0fd7e48315d3e38b1c6a3fd689fb47a
http://gray-world.net/projects/cctde/cctde-0.2.tar.gz

项目列表



Cooking Channels - is a set of two python scripts allowing to build a communication channel over HTTP cookies. [learn more]


Team member's sites: www.infosecwriters.com/ hhworld/ The Hitchhiker's World e-zine


GNU  GNU General Public License
 GNU Free Documentation License 		IRC://irc.0x557.org:3331/gray-world.net
CHANGELOG, MIRRORS, LEGAL NOTICE
04/12/2008 [01:12:54] GMT+03:00 / Unique IPs today: 3050 / Hits: 59370