Hoje vamos conhecer uma ferramenta chamada foremost .
Link do site : http://foremost.sourceforge.net/
O Foremost é usado básicamente para recuperação de arquivos .
Vamos colocar a mão na massa?!
Para conhecer as opções você pode executar um "man foremost"
Vamos fazer um teste usando a recuperação de dados de um pen drive .
Abaixo o conteúdo existente neste disco :
jy@victory:~$ cd /media/my_stickj/
jy@victory:/media/my_stickj$ ls -lhtr
total 16K
drwx------ 2 jy jy 4.0K 2011-03-14 19:14 ieq
drwx------ 2 jy jy 4.0K 2011-03-14 19:14 compar
drwx------ 3 jy jy 4.0K 2011-03-14 19:14 nfe
drwx------ 2 jy jy 4.0K 2011-03-24 13:49 fotos
jy@victory:/media/my_stickj$ cd fotos/
jy@victory:/media/my_stickj/fotos$ ls -lhtr
total 124K
-rw-r--r-- 1 jy jy 11K 2011-03-02 23:30 ruby.jpg
-rw-r--r-- 1 jy jy 4.3K 2011-03-02 23:31 ti.jpg
-rw-r--r-- 1 jy jy 6.6K 2011-03-02 23:32 oca.jpg
-rw-r--r-- 1 jy jy 5.0K 2011-03-02 23:32 oce.jpg
-rw-r--r-- 1 jy jy 2.3K 2011-03-02 23:33 oracle_database.jpg
-rw-r--r-- 1 jy jy 4.2K 2011-03-02 23:34 oracle11g.jpg
-rw-r--r-- 1 jy jy 3.6K 2011-03-02 23:35 linux.jpg
-rw-r--r-- 1 jy jy 7.3K 2011-03-02 23:36 ubuntu.jpg
-rw-r--r-- 1 jy jy 8.0K 2011-03-02 23:36 postgresql.jpg
-rw-r--r-- 1 jy jy 6.6K 2011-03-02 23:36 oracle_mysql.jpg
-rw-r--r-- 1 jy jy 4.4K 2011-03-02 23:37 fedena.png
-rw-r--r-- 1 jy jy 6.4K 2011-03-02 23:38 redhat.jpg
-rw-r--r-- 1 jy jy 7.7K 2011-03-02 23:39 fedora.jpg
-rw-r--r-- 1 jy jy 8.2K 2011-03-02 23:39 fedora2.png
-rw-r--r-- 1 jy jy 7.4K 2011-03-02 23:43 exadata.jpg
-rw-r--r-- 1 jy jy 47 2011-03-02 23:47 Picasa.ini
jy@victory:/media/my_stickj/fotos$
Suponhamos que o cidadão dono do pen drive faça isso :
jy@victory:/media/my_stickj$ rm -r *
jy@victory:/media/my_stickj$ ls
jy@victory:/media/my_stickj$
ou mesmo que for usando interface grafica .
Se fomos analisar o disco estará vazio.
Agora vamos usar o foremost .
1º Copiar o disco para um arquivo em um diretorio qualquer para análise :
- Usando um fdisk -l conseguimos pegar o nome do disco no sistema operacional
Disk /dev/sdb: 1035 MB, 1035993088 bytes
32 heads, 62 sectors/track, 1019 cylinders
Units = cylinders of 1984 * 512 = 1015808 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00094a3d
Device Boot Start End Blocks Id System
/dev/sdb1 * 1 1019 1010817 c W95 FAT32 (LBA)
- Usando o comando "dd" vamos extrair o conteído do disco para o arquivo :
jy@victory:/media/my_stickj$ sudo dd if=/dev/sdb of=/home/jy/temp/pendrivex.raw
2023424+0 records in
2023424+0 records out
1035993088 bytes (1.0 GB) copied, 397.122 s, 2.6 MB/s
jy@victory:/media/my_stickj$
-visualizando o arquivo
jy@victory:~/temp$ pwd
/home/jy/temp
jy@victory:~/temp$ ls -lhtr
total 989M
-rw-r--r-- 1 root root 988M 2011-03-24 15:15 pendrivex.raw
jy@victory:~/temp$
- Agora vamos usar realmente o foremost para extrair possíveis conteúdos do disco
Vamos usar o básico que faz uso das opções default do programa,sem especificar tipo de arquivo,tamanho de bloco entre outras :
jy@victory:~/temp$ foremost -t all -i /home/jy/temp/pendrivex.raw -o /home/jy/temp/pendrivexfiles/ -v
Foremost version 1.5.7 by Jesse Kornblum, Kris Kendall, and Nick Mikus
Audit File
Foremost started at Thu Mar 24 16:13:37 2011
Invocation: foremost -t all -i /home/jy/temp/pendrivex.raw -o /home/jy/temp/pendrivexfiles/ -v
Output directory: /home/jy/temp/pendrivexfiles
Configuration file: /etc/foremost.conf
Processing: /home/jy/temp/pendrivex.raw
|------------------------------------------------------------------
File: /home/jy/temp/pendrivex.raw
Start: Thu Mar 24 16:13:37 2011
Length: 988 MB (1035993088 bytes)
Num Name (bs=512) Size File Offset Comment
*0: 00260926.jpg 99 KB 133594112
1: 00303110.jpg 11 KB 155192320
2: 00303134.jpg 8 KB 155204608
3: 00303158.jpg 26 KB 155216896
4: 00303214.jpg 21 KB 155245568
5: 00303262.jpg 8 KB 155270144
6: 00303286.jpg 26 KB 155282432
7: 00303342.jpg 14 KB 155311104
8: 00303374.jpg 9 KB 155327488
9: 00326102.jpg 105 KB 166964224
10: 00326318.jpg 113 KB 167074816
....
64: 00303102.png 499 B 155188224 (15 x 14)
*********|
Finish: Thu Mar 24 16:14:10 2011
65 FILES EXTRACTED
jpg:= 26
gif:= 8
htm:= 1
zip:= 2
png:= 28
------------------------------------------------------------------
Foremost finished at Thu Mar 24 16:14:10 2011
jy@victory:~/temp$
Acima coloquei parte da execução do comando para extração de conteúdo e abaixo temos o relatório do foremost :
Foremost version 1.5.7 by Jesse Kornblum, Kris Kendall, and Nick Mikus
Audit File
Foremost started at Thu Mar 24 16:13:37 2011
Invocation: foremost -t all -i /home/jy/temp/pendrivex.raw -o /home/jy/temp/pendrivexfiles/ -v
Output directory: /home/jy/temp/pendrivexfiles
Configuration file: /etc/foremost.conf
------------------------------------------------------------------
File: /home/jy/temp/pendrivex.raw
Start: Thu Mar 24 16:13:37 2011
Length: 988 MB (1035993088 bytes)
Num Name (bs=512) Size File Offset Comment
0: 00260926.jpg 99 KB 133594112
1: 00303110.jpg 11 KB 155192320
2: 00303134.jpg 8 KB 155204608
3: 00303158.jpg 26 KB 155216896
4: 00303214.jpg 21 KB 155245568
5: 00303262.jpg 8 KB 155270144
6: 00303286.jpg 26 KB 155282432
7: 00303342.jpg 14 KB 155311104
8: 00303374.jpg 9 KB 155327488
9: 00326102.jpg 105 KB 166964224
10: 00326318.jpg 113 KB 167074816
11: 00326558.jpg 7 KB 167197696
12: 00326574.jpg 4 KB 167205888
13: 00326590.jpg 7 KB 167214080
14: 00326606.jpg 8 KB 167222272
15: 00326630.jpg 3 KB 167234560
16: 00326638.jpg 6 KB 167238656
17: 00326654.jpg 4 KB 167246848
18: 00326670.jpg 4 KB 167255040
19: 00326686.jpg 2 KB 167263232
20: 00326694.jpg 6 KB 167267328
21: 00326718.jpg 7 KB 167279616
22: 00326734.jpg 6 KB 167287808
23: 00326750.jpg 10 KB 167296000
24: 00326774.jpg 4 KB 167308288
25: 00326790.jpg 7 KB 167316480
26: 00294666.gif 158 B 150869425 (31 x 32)
27: 00294667.gif 141 B 150869688 (31 x 32)
28: 00294667_1.gif 162 B 150869934 (31 x 32)
29: 00294668.gif 153 B 150870203 (32 x 32)
30: 00294668_1.gif 153 B 150870463 (32 x 32)
31: 00294669.gif 153 B 150870723 (32 x 32)
32: 00294669_1.gif 153 B 150870974 (32 x 32)
33: 00303094.gif 99 B 155184128 (19 x 18)
34: 00303494.htm 27 KB 155389123
35: 00297978.zip 2 MB 152564906
36: 00303566.zip 11 MB 155425792
37: 00294670.png 4 KB 150871299 (48 x 48)
38: 00294679.png 3 KB 150876111 (47 x 48)
39: 00294687.png 3 KB 150879952 (48 x 48)
40: 00294694.png 3 KB 150883833 (48 x 48)
41: 00297615.png 8 KB 152378989 (783 x 63)
42: 00297829.png 783 B 152488815 (16 x 16)
43: 00297831.png 783 B 152489744 (16 x 16)
44: 00297833.png 783 B 152490675 (16 x 16)
45: 00297844.png 3 KB 152496470 (48 x 48)
46: 00297851.png 3 KB 152499818 (48 x 48)
47: 00297857.png 3 KB 152503168 (48 x 48)
48: 00297893.png 2 KB 152521218 (48 x 48)
49: 00297897.png 2 KB 152523457 (48 x 48)
50: 00297901.png 2 KB 152525698 (48 x 48)
51: 00297910.png 473 B 152529932 (16 x 16)
52: 00297911.png 473 B 152530563 (16 x 16)
53: 00297912.png 473 B 152531196 (16 x 16)
54: 00297934.png 2 KB 152542618 (48 x 48)
55: 00297939.png 2 KB 152544861 (48 x 48)
56: 00297943.png 2 KB 152547106 (48 x 48)
57: 00297948.png 519 B 152549603 (16 x 16)
58: 00297949.png 519 B 152550240 (16 x 16)
59: 00297950.png 519 B 152550879 (16 x 16)
60: 00297952.png 525 B 152551642 (16 x 16)
61: 00297953.png 525 B 152552317 (16 x 16)
62: 00297955.png 525 B 152552994 (16 x 16)
63: 00302756.png 4 KB 155011231 (32 x 32)
64: 00303102.png 499 B 155188224 (15 x 14)
Finish: Thu Mar 24 16:14:10 2011
65 FILES EXTRACTED
jpg:= 26
gif:= 8
htm:= 1
zip:= 2
png:= 28
------------------------------------------------------------------
Foremost finished at Thu Mar 24 16:14:10 2011
Logo veremos mais algumas ferramentas.
Abs,
JC
Simple Write-Up
Showing posts with label users and security. Show all posts
Showing posts with label users and security. Show all posts
Thursday, April 28, 2011
Thursday, March 24, 2011
Examinando arquivo Thumbs.db com o vinetto
Para a analisar arquivos Thumbs.db gerados pelo s.o Windows (desde a versão 2000) existe também uma tool chamada vinetto .
Vou testar ela usando o Ubuntu 10.10 .Vamos lá!
- Você pode ver mais informações usando o man vinetto
jy@victory:~/Downloads$ vinetto
/usr/bin/vinetto:35: DeprecationWarning: the md5 module is deprecated; use hashlib instead
import md5
Usage: vinetto [OPTIONS] [-o DIR] file
vinetto: error: incorrect number of arguments
jy@victory:~/Downloads$
Tenho um arquivo Thumbs.db e vamos analistar o conteúdo dele :
- Listando o conteúdo
jy@victory:~/Downloads$ vinetto Thumbs.db
/usr/bin/vinetto:35: DeprecationWarning: the md5 module is deprecated; use hashlib instead
import md5
Root Entry modify timestamp : Sat Feb 21 18:22:36 2009
------------------------------------------------------
0001 Sun Feb 1 00:23:42 2009 Sydney Opera House, Australia.jpg
0002 Sun Feb 1 00:26:02 2009 Aerial of Heron Island, Great Barrier Reef Marine Park, Queensland, Australia.jpg
0003 Sun Feb 1 00:25:30 2009 Brisbane, Queensland, Australia.jpg
0004 Sun Feb 1 00:26:50 2009 Dove Lake at Cradle Mountain, Tasmania, Australia.jpg
- Para extrair o conteudo dele usando o vinetto e colocando um diretorio chamado thumbx :
jy@victory:~/Downloads$ vinetto Thumbs.db -o thumbsx/
/usr/bin/vinetto:35: DeprecationWarning: the md5 module is deprecated; use hashlib instead
import md5
Root Entry modify timestamp : Sat Feb 21 18:22:36 2009
------------------------------------------------------
0001 Sun Feb 1 00:23:42 2009 Sydney Opera House, Australia.jpg
0002 Sun Feb 1 00:26:02 2009 Aerial of Heron Island, Great Barrier Reef Marine Park, Queensland, Australia.jpg
0003 Sun Feb 1 00:25:30 2009 Brisbane, Queensland, Australia.jpg
0004 Sun Feb 1 00:26:50 2009 Dove Lake at Cradle Mountain, Tasmania, Australia.jpg
0005 Sun Feb 1 00:26:22 2009 Eroded Granite, Cheynes Beach, Australia.jpg
0006 Sun Feb 1 00:26:34 2009 Hopetoun Falls, Aire River, Otway National Park, Victoria, Australia.jpg
0007 Sun Feb 1 00:23:58 2009 Kangaroo Conversation, Australia.jpg
0008 Sun Feb 1 00:26:06 2009 Kata Tjuta (The Olgas) at Sunset, Uluru-Kata Tjuta National Park, Australia.jpg
0009 Sun Feb 1 00:23:00 2009 Loch Ard Gorge, Port Campbell National Park, Australia.jpg
0010 Sun Feb 1 00:26:16 2009 Lord Howe Island, Australia.jpg
0011 Sun Feb 1 00:26:28 2009 McArthur River, Northern Territory, Australia.jpg
0012 Sun Feb 1 00:23:36 2009 Morse's Creek, Bright, Victoria, Australia.jpg
0013 Sun Feb 1 00:26:56 2009 Murphy's Haystacks, Eyre Peninsula, South Australia.jpg
0014 Sun Feb 1 00:26:50 2009 Old Spinifex Rings, Little Sandy Desert, Australia.jpg
0015 Sun Feb 1 00:25:52 2009 Penny Royal Gunpowder Mill, Tasmania, Australia.jpg
0016 Sun Feb 1 00:26:22 2009 Pinnacles Desert, Nambung National Park, Australia.jpg
0017 Sun Feb 1 00:24:20 2009 Port Davey, Stephens Bay, Hannant Inlet and Mount Rugby, Tasmania, Australia.jpg
0018 Sun Feb 1 00:26:58 2009 Rainbow Valley, Northern Territory, Australia.jpg
0019 Sun Feb 1 00:25:20 2009 Red Kangaroo, Australia.jpg
0020 Sun Feb 1 00:25:10 2009 Remarkable Rocks, Flinders Chase National Park, Kangaroo Island, Australia.jpg
0021 Sun Feb 1 00:27:06 2009 Sandstone Tower, Chambers Pillar Historical Reserve, Northern Territory, Australia.jpg
0022 Sun Feb 1 00:26:08 2009 Scarlet Night, Sydney Opera House, Sydney, Australia.jpg
0023 Sun Feb 1 00:26:08 2009 Sun-Kissed Sydney, Australia.jpg
0024 Sun Feb 1 00:24:24 2009 Sunrise on Mount Feathertop, Alpine National Park, Victoria, Australia.jpg
0025 Sun Feb 1 00:24:24 2009 Sydney Harbor at Dusk, Australia.jpg
0026 Sat Feb 21 18:22:36 2009 {A42CD7B6-E9B9-4D02-B7A6-288B71AD28BA}------------------------------------------------------
26 Type 2 thumbnails extracted to thumbsx//
jy@victory:~/Downloads$ vinetto Thumbs.db -o thumbsx/ /usr/bin/vinetto:35: DeprecationWarning: the md5 module is deprecated; use hashlib instead import md5
Root Entry modify timestamp : Sat Feb 21 18:22:36 2009
------------------------------------------------------
0001 Sun Feb 1 00:23:42 2009 Sydney Opera House, Australia.jpg 0002 Sun Feb 1 00:26:02 2009 Aerial of Heron Island, Great Barrier Reef Marine Park, Queensland, Australia.jpg 0003 Sun Feb 1 00:25:30 2009 Brisbane, Queensland, Australia.jpg 0004 Sun Feb 1 00:26:50 2009 Dove Lake at Cradle Mountain, Tasmania, Australia.jpg 0005 Sun Feb 1 00:26:22 2009 Eroded Granite, Cheynes Beach, Australia.jpg 0006 Sun Feb 1 00:26:34 2009 Hopetoun Falls, Aire River, Otway National Park, Victoria, Australia.jpg 0007 Sun Feb 1 00:23:58 2009 Kangaroo Conversation, Australia.jpg 0008 Sun Feb 1 00:26:06 2009 Kata Tjuta (The Olgas) at Sunset, Uluru-Kata Tjuta National Park, Australia.jpg 0009 Sun Feb 1 00:23:00 2009 Loch Ard Gorge, Port Campbell National Park, Australia.jpg 0010 Sun Feb 1 00:26:16 2009 Lord Howe Island, Australia.jpg 0011 Sun Feb 1 00:26:28 2009 McArthur River, Northern Territory, Australia.jpg 0012 Sun Feb 1 00:23:36 2009 Morse's Creek, Bright, Victoria, Australia.jpg 0013 Sun Feb 1 00:26:56 2009 Murphy's Haystacks, Eyre Peninsula, South Australia.jpg 0014 Sun Feb 1 00:26:50 2009 Old Spinifex Rings, Little Sandy Desert, Australia.jpg 0015 Sun Feb 1 00:25:52 2009 Penny Royal Gunpowder Mill, Tasmania, Australia.jpg 0016 Sun Feb 1 00:26:22 2009 Pinnacles Desert, Nambung National Park, Australia.jpg 0017 Sun Feb 1 00:24:20 2009 Port Davey, Stephens Bay, Hannant Inlet and Mount Rugby, Tasmania, Australia.jpg 0018 Sun Feb 1 00:26:58 2009 Rainbow Valley, Northern Territory, Australia.jpg 0019 Sun Feb 1 00:25:20 2009 Red Kangaroo, Australia.jpg 0020 Sun Feb 1 00:25:10 2009 Remarkable Rocks, Flinders Chase National Park, Kangaroo Island, Australia.jpg 0021 Sun Feb 1 00:27:06 2009 Sandstone Tower, Chambers Pillar Historical Reserve, Northern Territory, Australia.jpg 0022 Sun Feb 1 00:26:08 2009 Scarlet Night, Sydney Opera House, Sydney, Australia.jpg 0023 Sun Feb 1 00:26:08 2009 Sun-Kissed Sydney, Australia.jpg 0024 Sun Feb 1 00:24:24 2009 Sunrise on Mount Feathertop, Alpine National Park, Victoria, Australia.jpg 0025 Sun Feb 1 00:24:24 2009 Sydney Harbor at Dusk, Australia.jpg 0026 Sat Feb 21 18:22:36 2009 {A42CD7B6-E9B9-4D02-B7A6-288B71AD28BA}------------------------------------------------------
26 Type 2 thumbnails extracted to thumbsx//
Agora vamos ver o que veio com ele :
E é isso por hoje!
Att,
JC
jy@victory:~/Downloads$ vinetto /usr/bin/vinetto:35: DeprecationWarning: the md5 module is deprecated; use hashlib instead import md5Usage: vinetto [OPTIONS] [-o DIR] filevinetto: error: incorrect number of argumentsjy@victory:~/Downloads$Tenho um arquivo Thumbs.db e vamos analistar o conteúdo dele : - Listando o conteúdo jy@victory:~/Downloads$ vinetto Thumbs.db/usr/bin/vinetto:35: DeprecationWarning: the md5 module is deprecated; use hashlib instead import md5 Root Entry modify timestamp : Sat Feb 21 18:22:36 2009 ------------------------------------------------------ 0001 Sun Feb 1 00:23:42 2009 Sydney Opera House, Australia.jpg 0002 Sun Feb 1 00:26:02 2009 Aerial of Heron Island, Great Barrier Reef Marine Park, Queensland, Australia.jpg 0003 Sun Feb 1 00:25:30 2009 Brisbane, Queensland, Australia.jpg 0004 Sun Feb 1 00:26:50 2009 Dove Lake at Cradle Mountain, Tasmania, Australia.jpg - Para extrair o conteudo dele usando o vinetto e colocando um diretorio chamado thumbx :
jy@victory:~/Downloads$ vinetto Thumbs.db -o thumbsx/
/usr/bin/vinetto:35: DeprecationWarning: the md5 module is deprecated; use hashlib insteadimport md5Root Entry modify timestamp : Sat Feb 21 18:22:36 2009------------------------------------------------------0001 Sun Feb 1 00:23:42 2009 Sydney Opera House, Australia.jpg0002 Sun Feb 1 00:26:02 2009 Aerial of Heron Island, Great Barrier Reef Marine Park, Queensland, Australia.jpg0003 Sun Feb 1 00:25:30 2009 Brisbane, Queensland, Australia.jpg0004 Sun Feb 1 00:26:50 2009 Dove Lake at Cradle Mountain, Tasmania, Australia.jpg0005 Sun Feb 1 00:26:22 2009 Eroded Granite, Cheynes Beach, Australia.jpg0006 Sun Feb 1 00:26:34 2009 Hopetoun Falls, Aire River, Otway National Park, Victoria, Australia.jpg0007 Sun Feb 1 00:23:58 2009 Kangaroo Conversation, Australia.jpg0008 Sun Feb 1 00:26:06 2009 Kata Tjuta (The Olgas) at Sunset, Uluru-Kata Tjuta National Park, Australia.jpg0009 Sun Feb 1 00:23:00 2009 Loch Ard Gorge, Port Campbell National Park, Australia.jpg0010 Sun Feb 1 00:26:16 2009 Lord Howe Island, Australia.jpg0011 Sun Feb 1 00:26:28 2009 McArthur River, Northern Territory, Australia.jpg0012 Sun Feb 1 00:23:36 2009 Morse's Creek, Bright, Victoria, Australia.jpg0013 Sun Feb 1 00:26:56 2009 Murphy's Haystacks, Eyre Peninsula, South Australia.jpg0014 Sun Feb 1 00:26:50 2009 Old Spinifex Rings, Little Sandy Desert, Australia.jpg0015 Sun Feb 1 00:25:52 2009 Penny Royal Gunpowder Mill, Tasmania, Australia.jpg0016 Sun Feb 1 00:26:22 2009 Pinnacles Desert, Nambung National Park, Australia.jpg0017 Sun Feb 1 00:24:20 2009 Port Davey, Stephens Bay, Hannant Inlet and Mount Rugby, Tasmania, Australia.jpg0018 Sun Feb 1 00:26:58 2009 Rainbow Valley, Northern Territory, Australia.jpg0019 Sun Feb 1 00:25:20 2009 Red Kangaroo, Australia.jpg0020 Sun Feb 1 00:25:10 2009 Remarkable Rocks, Flinders Chase National Park, Kangaroo Island, Australia.jpg0021 Sun Feb 1 00:27:06 2009 Sandstone Tower, Chambers Pillar Historical Reserve, Northern Territory, Australia.jpg0022 Sun Feb 1 00:26:08 2009 Scarlet Night, Sydney Opera House, Sydney, Australia.jpg0023 Sun Feb 1 00:26:08 2009 Sun-Kissed Sydney, Australia.jpg0024 Sun Feb 1 00:24:24 2009 Sunrise on Mount Feathertop, Alpine National Park, Victoria, Australia.jpg0025 Sun Feb 1 00:24:24 2009 Sydney Harbor at Dusk, Australia.jpg0026 Sat Feb 21 18:22:36 2009 {A42CD7B6-E9B9-4D02-B7A6-288B71AD28BA}------------------------------------------------------26 Type 2 thumbnails extracted to thumbsx//jy@victory:~/Downloads$ vinetto Thumbs.db -o thumbsx/ /usr/bin/vinetto:35: DeprecationWarning: the md5 module is deprecated; use hashlib instead import md5 Root Entry modify timestamp : Sat Feb 21 18:22:36 2009 ------------------------------------------------------ 0001 Sun Feb 1 00:23:42 2009 Sydney Opera House, Australia.jpg 0002 Sun Feb 1 00:26:02 2009 Aerial of Heron Island, Great Barrier Reef Marine Park, Queensland, Australia.jpg 0003 Sun Feb 1 00:25:30 2009 Brisbane, Queensland, Australia.jpg 0004 Sun Feb 1 00:26:50 2009 Dove Lake at Cradle Mountain, Tasmania, Australia.jpg 0005 Sun Feb 1 00:26:22 2009 Eroded Granite, Cheynes Beach, Australia.jpg 0006 Sun Feb 1 00:26:34 2009 Hopetoun Falls, Aire River, Otway National Park, Victoria, Australia.jpg 0007 Sun Feb 1 00:23:58 2009 Kangaroo Conversation, Australia.jpg 0008 Sun Feb 1 00:26:06 2009 Kata Tjuta (The Olgas) at Sunset, Uluru-Kata Tjuta National Park, Australia.jpg 0009 Sun Feb 1 00:23:00 2009 Loch Ard Gorge, Port Campbell National Park, Australia.jpg 0010 Sun Feb 1 00:26:16 2009 Lord Howe Island, Australia.jpg 0011 Sun Feb 1 00:26:28 2009 McArthur River, Northern Territory, Australia.jpg 0012 Sun Feb 1 00:23:36 2009 Morse's Creek, Bright, Victoria, Australia.jpg 0013 Sun Feb 1 00:26:56 2009 Murphy's Haystacks, Eyre Peninsula, South Australia.jpg 0014 Sun Feb 1 00:26:50 2009 Old Spinifex Rings, Little Sandy Desert, Australia.jpg 0015 Sun Feb 1 00:25:52 2009 Penny Royal Gunpowder Mill, Tasmania, Australia.jpg 0016 Sun Feb 1 00:26:22 2009 Pinnacles Desert, Nambung National Park, Australia.jpg 0017 Sun Feb 1 00:24:20 2009 Port Davey, Stephens Bay, Hannant Inlet and Mount Rugby, Tasmania, Australia.jpg 0018 Sun Feb 1 00:26:58 2009 Rainbow Valley, Northern Territory, Australia.jpg 0019 Sun Feb 1 00:25:20 2009 Red Kangaroo, Australia.jpg 0020 Sun Feb 1 00:25:10 2009 Remarkable Rocks, Flinders Chase National Park, Kangaroo Island, Australia.jpg 0021 Sun Feb 1 00:27:06 2009 Sandstone Tower, Chambers Pillar Historical Reserve, Northern Territory, Australia.jpg 0022 Sun Feb 1 00:26:08 2009 Scarlet Night, Sydney Opera House, Sydney, Australia.jpg 0023 Sun Feb 1 00:26:08 2009 Sun-Kissed Sydney, Australia.jpg 0024 Sun Feb 1 00:24:24 2009 Sunrise on Mount Feathertop, Alpine National Park, Victoria, Australia.jpg 0025 Sun Feb 1 00:24:24 2009 Sydney Harbor at Dusk, Australia.jpg 0026 Sat Feb 21 18:22:36 2009 {A42CD7B6-E9B9-4D02-B7A6-288B71AD28BA} ------------------------------------------------------26 Type 2 thumbnails extracted to thumbsx//Agora vamos ver o que veio com ele :
E é isso por hoje!
Att,
JCSaturday, February 28, 2009
Profiles : PASSWORD_LOCK_TIME and FAILED_LOGIN_ATTEMPTS
Olá,
Olá como vai tudo bem?Olá como vai tudo bem?...
Pergunto: O que é um PROFILE(perfil) ?
Reposta simplificada:
" Um mecanismo que o Oracle fornece para controlarmos recursos e também limites por usuários.Um PROFILE é um conjunto de limites de recursos."
View : DBA_PROFILES .
Vamos testar dois parâmetros muito interessantes quando usamos PROFILES:
PASSWORD_LOCK_TIME e FAILED_LOGIN_ATTEMPTS .
Vou mostrar na prática,é mais legal!
Os testes serão no Ubuntu 8.10 com Oracle 10g XE (ainda não saiu o 11g rs) em VmWare Workst.
Vamos ao sqlplus:
Criando um profile:
SQL> create profile plcktime_failogatt limit
2 password_lock_time 5/1440
3 failed_login_attempts 2 ;
Profile created.
Criando um usuário para teste:
SQL> create user naum_loga identified by naum_loga
2 profile plcktime_failogatt ;
User created.
Concedendo privilégios:
SQL> grant connect,create session to naum_loga;
Grant succeeded.
SQL>
Verificando na view DBA_USERS:
SQL> select username,account_status,profile
2 from dba_users
3 where username ='NAUM_LOGA';
USERNAME ACCOUNT_STATUS PROFILE
------------------------------ -------------------------------- ------------------------------
NAUM_LOGA OPEN PLCKTIME_FAILOGATT
Com as cobaias criadas agora , então vamos testar?
SQL> disco
Disconnected from Oracle Database 10g Express Edition Release 10.2.0.1.0 - Production
SQL> conn naum_loga/senha_errada
ERROR:
ORA-01017: invalid username/password; logon denied
SQL> conn naum_loga/senha_errada
ERROR:
ORA-01017: invalid username/password; logon denied
SQL> conn naum_loga/senha_errada
ERROR:
ORA-28000: the account is locked
Humm. O FAILED_LOGIN_ATTEMPTS funcionou. Mas ,e o parametro PASSWORD_LOCK_TIME ?
SQL> conn sys / as sysdba
Enter password:
Connected.
SQL> select username,account_status from dba_users
2 where username='NAUM_LOGA';
USERNAME ACCOUNT_STATUS
------------------------------ --------------------------------
NAUM_LOGA LOCKED(TIMED)
SQL>
Viram a palavra "TIMED" na coluna account_status?
Ok.
Vamos calcular o tempo?
SQL> alter session set nls_date_format='dd/mm/rrrr,hh24:mi:ss';
Session altered.
SQL> select sysdate from dual;
SYSDATE
-------------------
28/02/2009,22:56:49
Agora só nos resta esperar!
Você leitor vai se safar desta hein rs.
(Locutor)
- Cinco minutos depois...
(DBA)
- Fui tomar uma água na cozinha.
Let me see:
SQL> select sysdate from dual;
SYSDATE
-------------------
28/02/2009,23:04:02
SQL>
Dá e sobra rs.
SQL> disco
Disconnected from Oracle Database 10g Express Edition Release 10.2.0.1.0 - Production
SQL> conn naum_loga/naum_loga
Connected.
SQL> select 'eu estou logado' naum_loga from dual;
NAUM_LOGA
---------------------------------------------
eu estou logado
SQL>
Vamos exterminar nossas cobaias?
SQL> disco
Disconnected from Oracle Database 10g Express Edition Release 10.2.0.1.0 - Production
SQL> conn sys / as sysdba
Enter password:
Connected.
SQL> drop profile PLCKTIME_FAILOGATT;
drop profile PLCKTIME_FAILOGATT
*
ERROR at line 1:
ORA-02382: profile PLCKTIME_FAILOGATT has users assigned, cannot drop without CASCADE
Why?
Ok.I got it.
SQL> drop user naum_loga;
User dropped.
SQL> drop profile PLCKTIME_FAILOGATT;
Profile dropped.
SQL> disco
Disconnected from Oracle Database 10g Express Edition Release 10.2.0.1.0 - Production
SQL>
Boa noite a todos,
Júlio César Corrêa
Olá como vai tudo bem?Olá como vai tudo bem?...
Pergunto: O que é um PROFILE(perfil) ?
Reposta simplificada:
" Um mecanismo que o Oracle fornece para controlarmos recursos e também limites por usuários.Um PROFILE é um conjunto de limites de recursos."
View : DBA_PROFILES .
Vamos testar dois parâmetros muito interessantes quando usamos PROFILES:
PASSWORD_LOCK_TIME e FAILED_LOGIN_ATTEMPTS .
Vou mostrar na prática,é mais legal!
Os testes serão no Ubuntu 8.10 com Oracle 10g XE (ainda não saiu o 11g rs) em VmWare Workst.
Vamos ao sqlplus:
Criando um profile:
SQL> create profile plcktime_failogatt limit
2 password_lock_time 5/1440
3 failed_login_attempts 2 ;
Profile created.
Criando um usuário para teste:
SQL> create user naum_loga identified by naum_loga
2 profile plcktime_failogatt ;
User created.
Concedendo privilégios:
SQL> grant connect,create session to naum_loga;
Grant succeeded.
SQL>
Verificando na view DBA_USERS:
SQL> select username,account_status,profile
2 from dba_users
3 where username ='NAUM_LOGA';
USERNAME ACCOUNT_STATUS PROFILE
------------------------------ -------------------------------- ------------------------------
NAUM_LOGA OPEN PLCKTIME_FAILOGATT
Com as cobaias criadas agora , então vamos testar?
SQL> disco
Disconnected from Oracle Database 10g Express Edition Release 10.2.0.1.0 - Production
SQL> conn naum_loga/senha_errada
ERROR:
ORA-01017: invalid username/password; logon denied
SQL> conn naum_loga/senha_errada
ERROR:
ORA-01017: invalid username/password; logon denied
SQL> conn naum_loga/senha_errada
ERROR:
ORA-28000: the account is locked
Humm. O FAILED_LOGIN_ATTEMPTS funcionou. Mas ,e o parametro PASSWORD_LOCK_TIME ?
SQL> conn sys / as sysdba
Enter password:
Connected.
SQL> select username,account_status from dba_users
2 where username='NAUM_LOGA';
USERNAME ACCOUNT_STATUS
------------------------------ --------------------------------
NAUM_LOGA LOCKED(TIMED)
SQL>
Viram a palavra "TIMED" na coluna account_status?
Ok.
Vamos calcular o tempo?
SQL> alter session set nls_date_format='dd/mm/rrrr,hh24:mi:ss';
Session altered.
SQL> select sysdate from dual;
SYSDATE
-------------------
28/02/2009,22:56:49
Agora só nos resta esperar!
Você leitor vai se safar desta hein rs.
(Locutor)
- Cinco minutos depois...
(DBA)
- Fui tomar uma água na cozinha.
Let me see:
SQL> select sysdate from dual;
SYSDATE
-------------------
28/02/2009,23:04:02
SQL>
Dá e sobra rs.
SQL> disco
Disconnected from Oracle Database 10g Express Edition Release 10.2.0.1.0 - Production
SQL> conn naum_loga/naum_loga
Connected.
SQL> select 'eu estou logado' naum_loga from dual;
NAUM_LOGA
---------------------------------------------
eu estou logado
SQL>
Vamos exterminar nossas cobaias?
SQL> disco
Disconnected from Oracle Database 10g Express Edition Release 10.2.0.1.0 - Production
SQL> conn sys / as sysdba
Enter password:
Connected.
SQL> drop profile PLCKTIME_FAILOGATT;
drop profile PLCKTIME_FAILOGATT
*
ERROR at line 1:
ORA-02382: profile PLCKTIME_FAILOGATT has users assigned, cannot drop without CASCADE
Why?
Ok.I got it.
SQL> drop user naum_loga;
User dropped.
SQL> drop profile PLCKTIME_FAILOGATT;
Profile dropped.
SQL> disco
Disconnected from Oracle Database 10g Express Edition Release 10.2.0.1.0 - Production
SQL>
Boa noite a todos,
Júlio César Corrêa
Subscribe to:
Posts (Atom)
