1. Teaching users the basics of information security. Anti-phishing

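Today, a network administrator or information security engineer spends a great deal of time and effort protecting the corporate network perimeter from various threats and mastering new systems for preventing and monitoring incidents, but even this does not guarantee complete protection. Social engineering is widely used by attackers and can have serious consequences.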


80% ( Check Point Intelligence Reports).

Report on attack vectors for distributing malicious files over the last 30 days (Russia) - Check Point

, . (EXE, RTF, DOC), , , , (, ).

Annual report on file formats in received malicious emails - Check Point


  • Antivirus - .

  • Emulation - , .

  • Content Awareness - . ( , PDF).

  • AntiSpam - / .


(. phishing, fishing — , ) — -. . , , .

-, DNS- , . 


Diagram of a typical phishing attack deployment scheme


  1. GoPhish - , IT- . . - , .

  2. KnowBe4 - .

  3. Phishman - . , 10 1000 . , . .

  4. - . , .. - , .

. , .  GoPhish, , .

GoPhish

, . GoPhish : user-friendly , :

  1. .

  2. REST API.

  3. .

  4. .

GoPhish. , ZIP- , , .


, ( 0.10.1). !

msg="Please login with the username admin and the password <>"

GoPhish

(config.json). :

( )

admin_server.listen_url

127.0.0.1:3333

IP- GoPhish

admin_server.use_tls

false

TLS GoPhish

admin_server.cert_path

example.crt

SSL- GoPhish

admin_server.key_path

example.key

SSL-

phish_server.listen_url

0.0.0.0:80

IP- ( GoPhish 80 )

--> . : https://127.0.0.1:3333


C

“Sending Profiles” , :

:

Name

From

Host

IP- , .

Username

.

Password

.

, . “Save profile”.

“ ”.   “User & Groups” → “New Group”. : CSV .

:

  • First Name

  • Last Name

  • Email

  • Position

:

First Name,Last Name,Position,Email
Richard,Bourne,CEO,rbourne@morningcatch.ph
Boyd,Jenius,Systems Administrator,bjenius@morningcatch.ph
Haiti,Moreo,Sales & Marketing,hmoreo@morningcatch.ph

, . “Email Templates” → “New Templates”.

, , - . :

Name

Subject

Text / HTML

HTML-

Gophish , . : . “”.

. Template Reference.

:

{{.FirstName}},

The password for {{.Email}} has expired. Please reset your password here.

Thanks,
IT Team

, ( “New Group”) .

. “here” "Link" .

URL {{.URL}}, . .

"Add Tracking Image". - 1x1 , .

, , Gophish: 

  1. ;

  2. , ;

  3. .


C

 “Landing Pages”.

. . web- . , HTML- ( ). :

  • Capture Submitted Data. , .

  • Capture Passwords - . GoPhish , .

“Redirect to”, . , , . , .

"New Campaign".

GoPhish

. "New Campaign" .

:

Name

Email Template

Landing Page

URL

IP GoPhish (   )

Launch Date

Send Emails By

( )

Sending Profile

Groups


, 1 ,   :

, . , Landing Pages, ?


: , . GoPhish, .

IT-. Gophish, . . , (sales@tssolution.ru).

, , Enterprise- . !



