What does "multilinglp version" mean?

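Linux Chinese HOWTO English Version: Chinese X Window System
The X Window System is a powerful graphical user interface environment on UNIX systems. XFree86 is a derivative of the MIT X Window System and is freely available.
Chinese X (CXWin for short) is a patch to XFree86 that lets the X Window System display Chinese. Its founder is
CXWin currently supports only the BIG5 encoding, and it also implements Chinese pop-up menus
(Chinese display in window titles, window managers and applications).
How do I get it?
CXWin 3.3 is available from the following ftp site:
If you are using XFree86 3.2, version 3.2 in Linux ELF format can be obtained
What you need is the X server that matches your hardware. For example, if your video card
is supported by XF86_SVGA, get XF86_SVGA.gz.
XF86_SVGA.gz should work properly with most video cards.
If you can use rpm, the latest rpm release, CXWin 3.3.1, is also available:
If you have the XFree86 sources and want to compile the binaries yourself,
the patch is in the same place.
Installation
If you chose CXWin 3.3, make sure the following shared libraries are present
(you can check with ldconfig -p):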
libm.so.5 => /lib/libm.so.5.0.6
libdl.so.1 => /lib/libdl.so.1.7.14
libc.so.5 => /lib/libc.so.5.3.12
If you chose CXWin 3.2, use libc version 5.2.18 or later.
First, unpack the gzip-compressed file.
# gzip -d XF86_SVGA.gz
As root, keep a copy of the original X server.
# cd /usr/X11R6/bin
# mv XF86_SVGA XF86_SVGA_BACKUP
Put the unpacked CXWin in a suitable place and create the symbolic link:
# mv /tmp/XF86_SVGA /usr/X11R6/bin
# chown root.bin XF86_SVGA
# chmod 4755 XF86_SVGA
# ln -sf XF86_SVGA X
If you chose the rpm, the job is very simple and compact.
# rpm -Uvv XFree86-SVGA-3.3.1-1c.i386.rpm
CXWin needs four BIG5 fonts (taipei15, taipei16, taipeik20, taipeik24) to run.
Install these Chinese fonts as described in the next section.
Where can I get these fonts?
You probably have Chinese fonts (GB fonts) installed already.
You can check like this:
# xlsfonts | grep gb
-cclib-song-medium-r-normal--0-0-72-72-c-0-gb
-cclib-song-medium-r-normal--16-160-72-72-c-160-gb
-isas-fangsong ti-medium-r-normal--0-0-72-72-c-0-gb
-isas-fangsong ti-medium-r-normal--16-160-72-72-c-160-gb
-isas-song ti-medium-r-normal--0-0-72-72-c-0-gb
-isas-song ti-medium-r-normal--16-160-72-72-c-160-gb
-isas-song ti-medium-r-normal--24-240-72-72-c-240-gb
hanzigb13fs
hanzigb13st
hanzigb16fs
hanzigb16st
hanzigb24st
The last five fonts are five aliases created earlier.
To check which BIG5 fonts are installed:
# xlsfonts | grep big5
-kc-kai-medium-r-normal-fantizi-0-0-75-75-c-0-big5.eten.3.10-1
-kc-kai-medium-r-normal-fantizi-20-200-75-75-c-200-big5.eten.3.10-1
-kc-kai-medium-r-normal-fantizi-24-240-75-75-c-240-big5.eten.3.10-1
-kc-ming-medium-r-normal-fantizi-0-0-75-75-c-0-big5.eten.3.10-1
-kc-ming-medium-r-normal-fantizi-15-150-75-75-c-160-big5.eten.3.10-1
-kc-ming-medium-r-normal-fantizi-24-240-75-75-c-240-big5.eten.3.10-1
-uw-ming-medium-r-normal-fantizi-0-0-75-75-c-0-big5.eten.3.10-1
-uw-ming-medium-r-normal-fantizi-16-160-75-75-c-160-big5.eten.3.10-1
-uw-ming-medium-r-normal-fantizi-20-200-75-75-c-200-big5.eten.3.10-1
-uw-songti-medium-r-normal-fantizi-0-0-75-75-c-0-big5.eten.3.10-1
-uw-songti-medium-r-normal-fantizi-20-200-75-75-c-200-big5.eten.3.10-1
-uw-songti-medium-r-normal-fantizi-24-240-75-75-c-240-big5.eten.3.10-1
If you have not installed these fonts yet, or want more fonts,
they are available at the ftp site. gb/bdf/ holds the GB fonts and big5/bdf
the BIG5 fonts.
Installing X fonts
Assume you already have a BIG5 font, eb5-24k2.bdf.gz, and a GB font.
The first thing to do is convert these fonts to the .pcf format.
# gzip -cd eb5-24k2.bdf.gz | bdftopcf -t > eb5-24k2.pcf
# gzip -cd gb24st.bdf.gz | bdftopcf -t > gb24st.pcf
# compress *.pcf
Install them under /usr/X11R6/lib/X11/fonts/misc.
# mv *.pcf.Z /usr/X11R6/lib/X11/fonts/misc/
# cd /usr/X11R6/lib/X11/fonts/misc
# mkfontdir .
Register the following two lines in the fonts.dir file:
eb5-24k2.pcf.Z -kc-kai-medium-r-normal-fantizi-24-240-75-75-c-240-big5.eten.3.10-1
gb24st.pcf.Z -isas-song ti-medium-r-normal--24-240-72-72-c-240-gb
To reduce typing when you use Chinese software, create aliases for these fonts.
Add the following two lines to the fonts.alias file:
"-isas-song ti-medium-r-normal--24-240-72-72-c-240-gb"
taipeik24 "-kc-kai-medium-r-normal-fantizi-24-240-75-75-c-240-big5.eten.3.10-1"
Next, make the X server re-read these fonts.
# xset fp rehash
If all of the above went well, the new fonts are ready to use:
# cxterm -GB -fn 12x24 -fh gb24st &
You can also put these fonts in a different directory (for example /usr/X11R6/lib/X11/fonts/chinese).
In that case, add the following line to the "Files" section of /etc/XF86Config.
"/usr/X11R6/lib/X11/fonts/chinese/"
The next time you start X, these fonts will be usable without any problems.
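Converting other fonts to X fonts
There is a TTF2BDF program written by lwj. It converts Windows TTF fonts
to BDF fonts. The program is available from:
It is a Win32 program. Run it on Windows 95 or NT.
The following step converts BDF to PCF, which makes the font usable in X
(X can use BDF directly, but BDF files are large, so PCF is the better
choice).
# bdftopcf -t < ming.bdf > ming.pcf
HBF fonts can also be converted to BDF or PCF fonts. The following is the ftp site
that holds the conversion utility.
# hbftobdf ccfs24.hbf > ccfs24.bdf
# bdftopcf -t < ccfs24.bdf > ccfs24.pcf
Other good font conversion programs are also available.
TaBE and B5LE (Big5 Locale Environment) are locale-based projects for using Chinese in X.
Once they are set up, the problems that arise with Chinese input and output
are completely solved.
shawn, the author of TaBE, was taken by the Taiwanese military (military service) and the TaBE home
page was removed (scary, isn't it?). The project has been stopped
since then.
The author of B5LE is Thinker. However, its main platform is
FreeBSD. If anyone has managed to install B5LE on a Linux platform,
please let me know. Related home page: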
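If you hit the following error, /tmp probably lacks execute permission:
sh: jre150_12/bin/java: Permission denied
** Error during execution, error code = 32256.
Follow the prompts step by step and install to
/usr/jrockit-jdk1.6.0_31-R28.2.3-4.1.0
Create a symbolic link:
ln -s /usr/jrockit-jdk1.6.0_31-R28.2.3-4.1.0 /usr/jrrt
2. Install apr
yum install apr apr-util apr-devel
tomcat needs tomcat-native, and tomcat-native needs apr and openssl.
Without apr, starting tomcat may produce the following error: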
13:28:37 org.apache.catalina.core.AprLifecycleListener init
信息: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/jrockit-jdk1.6.0_31-R28.2.3-4.1.0/jre/lib/amd64/jrockit:/usr/jrockit-jdk1.6.0_31-R28.2.3-4.1.0/jre/lib/amd64:/usr/jrockit-jdk1.6.0_31-R28.2.3-4.1.0/jre/../lib/amd64
3. Install tomcat
tomcat is installed under /opt/.
cd /root/src/
wget /apache-mirror/tomcat/tomcat-6/v6.0.35/bin/apache-tomcat-6.0.35.tar.gz
tar zxvf apache-tomcat-6.0.35.tar.gz
mv apache-tomcat-6.0.35 /opt/
# copy the configuration files
cp -ar tomcat/conf/*.xml apache-tomcat-6.0.35/conf/
# copy the modified shutdown script; the stock one has problems
cp tomcat/bin/shutdown.sh apache-tomcat-6.0.35/bin/
4. Install tomcat-native
cd apache-tomcat-6.0.35/bin
tar zxvf tomcat-native-1.1.22-src.tar.gz
cd tomcat-native-1.1.22-src/jni/native/
./configure --with-apr=/usr/bin/apr-1-config --with-java-home=/usr/jrockit-jdk1.6.0_31-R28.2.3-4.1.0
make install
5. Edit the environment variables
vi /etc/profile
JAVA_HOME=/usr/jrrt
export JAVA_HOME
PATH=$PATH:$JAVA_HOME/bin
# original settings omitted
APR_HOME=/usr/local/apr
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$APR_HOME/lib
export LD_LIBRARY_PATH
source /etc/profile
6. Migrate the service and applications
Stop tomcat:
/opt/tomcat/bin/shutdown.sh
mv apache-tomcat-6.0.35/webapps/ apache-tomcat-6.0.35/webappsorg
cp -ar tomcat/webapps apache-tomcat-6.0.35/
mv apache-tomcat-6.0.35/lib/ apache-tomcat-6.0.35/libbak
cp -ar tomcat/lib/ apache-tomcat-6.0.35/
mv apache-tomcat-6.0.35/libbak/* apache-tomcat-6.0.35/lib/
Remove the old symbolic link:
rm /opt/tomcat
ln -s /opt/apache-tomcat-6.0.35 /opt/tomcat
Start tomcat:
/opt/tomcat/bin/startup.sh
Check the logs and the service:
tail -n100 /opt/tomcat/logs/catalina.out
Note: Directory /usr/local/rkhunter/bin is not in your PATH
Checking system for:
 Rootkit Hunter installer files: found
 A web file download command: wget found
Starting installation:
 Checking installation directory "/usr/local/rkhunter": it exists and is writable.
 Checking installation directories:
  Directory /usr/local/rkhunter/share/doc/rkhunter-1.3.8: creating: OK
  Directory /usr/local/rkhunter/share/man/man8: creating: OK
  Directory /usr/local/rkhunter/etc: creating: OK
  Directory /usr/local/rkhunter/bin: creating: OK
  Directory /usr/local/rkhunter/lib64: creating: OK
  Directory /usr/local/rkhunter/var/lib: creating: OK
  Directory /usr/local/rkhunter/lib64/rkhunter/scripts: creating: OK
  Directory /usr/local/rkhunter/var/lib/rkhunter/db: creating: OK
  Directory /usr/local/rkhunter/var/lib/rkhunter/tmp: creating: OK
  Directory /usr/local/rkhunter/var/lib/rkhunter/db/i18n: creating: OK
 Installing check_modules.pl: OK
 Installing filehashsha.pl: OK
 Installing stat.pl: OK
 Installing readlink.sh: OK
 Installing backdoorports.dat: OK
 Installing mirrors.dat: OK
 Installing programs_bad.dat: OK
 Installing suspscan.dat: OK
 Installing rkhunter.8: OK
 Installing ACKNOWLEDGMENTS: OK
 Installing CHANGELOG: OK
 Installing FAQ: OK
 Installing LICENSE: OK
 Installing README: OK
 Installing language support files: OK
 Installing rkhunter: OK
 Installing rkhunter.conf: OK
Installation complete
/usr/local/rkhunter/bin/rkhunter --help
Usage: rkhunter {--check | --unlock | --update | --versioncheck |
                 --propupd [{filename | directory | package name},...] |
                 --list [{tests | {lang | languages} | rootkits | perl}] |
                 --config-check | --version | --help} [options]
Current options are:
         --append-log                  Append to the logfile, do not overwrite
         --bindir <directory>...       Use the specified command directories
     -c, --check                       Check the local system
     -C, --config-check                Check the configuration file(s), then exit
  --cs2, --color-set2                  Use the second color set for output
         --configfile <file>           Use the specified configuration file
         --cronjob                     Run as a cron job
                                       (implies -c, --sk and --nocolors options)
         --dbdir <directory>           Use the specified database directory
         --debug                       Debug mode
                                       (Do not use unless asked to do so)
         --disable <test>[,<test>...]  Disable specific tests
                                       (Default is to disable no tests)
         --display-logfile             Display the logfile at the end
         --enable  <test>[,<test>...]  Enable specific tests
                                       (Default is to enable all tests)
         --hash {MD5 | SHA1 | SHA224 | SHA256 | SHA384 | SHA512 |
                 NONE | <command>}     Use the specified file hash function
                                       (Default is SHA1, then MD5)
     -h, --help                        Display this help menu, then exit
 --lang, --language <language>         Specify the language to use
                                       (Default is English)
         --list [tests | languages |   List the available test names, languages, checked
                 rootkits | perl]      for rootkits, or perl module status, then exit
     -l, --logfile [file]              Write to a logfile
                                       (Default is /var/log/rkhunter.log)
         --noappend-log                Do not append to the logfile, overwrite it
         --nocf                        Do not use the configuration file entries
                                       for disabled tests (only valid with --disable)
         --nocolors                    Use black and white output
         --nolog                       Do not write to a logfile
--nomow, --no-mail-on-warning          Do not send a message if warnings occur
   --ns, --nosummary                   Do not show the summary of check results
 --novl, --no-verbose-logging          No verbose logging
         --pkgmgr {RPM | DPKG | BSD |  Use the specified package manager to obtain or
                   SOLARIS | NONE}     verify file property values. (Default is NONE)
         --propupd [file | directory | Update the entire file properties database,
                    package]...        or just for the specified entries
     -q, --quiet                       Quiet mode (no output at all)
  --rwo, --report-warnings-only        Show only warning messages
     -r, --rootdir <directory>         Use the specified root directory
   --sk, --skip-keypress               Don't wait for a keypress after each test
         --summary                     Show the summary of system check results
                                       (This is the default)
         --syslog [facility.priority]  Log the check start and finish times to syslog
                                       (Default level is authpriv.notice)
         --tmpdir <directory>          Use the specified temporary directory
         --unlock                      Unlock (remove) the lock file
         --update                      Check for updates to database files
   --vl, --verbose-logging             Use verbose logging (on by default)
     -V, --version                     Display the version number, then exit
         --versioncheck                Check for latest version of program
     -x, --autox                       Automatically detect if X is in use
     -X, --no-autox                    Do not automatically detect if X is in use
/usr/local/rkhunter/bin/rkhunter --update
[ Rootkit Hunter version 1.3.8 ]
Checking rkhunter data files...
  Checking file mirrors.dat                                  [ No update ]
  Checking file programs_bad.dat                             [ Updated ]
  Checking file backdoorports.dat                            [ No update ]
  Checking file suspscan.dat                                 [ No update ]
  Checking file i18n/cn                                      [ No update ]
  Checking file i18n/de                                      [ No update ]
  Checking file i18n/en                                      [ No update ]
  Checking file i18n/zh                                      [ No update ]
  Checking file i18n/zh.utf8                                 [ No update ]
ll /usr/local/rkhunter/var/lib/rkhunter/db/
-rw-r----- 1 root root 1055 Apr  9 13:43 backdoorports.dat
drwxr-x--- 2 root root 4096 Apr  9 13:43 i18n
-rw-r----- 1 root root   58 Apr  9 13:44 mirrors.dat
-rw-r----- 1 root root 3203 Apr  9 13:44 programs_bad.dat
-rw-r----- 1 root root 1904 Apr  9 13:43 suspscan.dat
Generate the comparison baseline while the system is still "clean":
/usr/local/rkhunter/bin/rkhunter --propupd
[ Rootkit Hunter version 1.3.8 ]
File created: searched for 164 files, found 135
Two new files appear: rkhunter.dat and rkhunter_prop_list.dat
ll /usr/local/rkhunter/var/lib/rkhunter/db/
-rw-r----- 1 root root  1055 Apr  9 13:43 backdoorports.dat
drwxr-x--- 2 root root  4096 Apr  9 13:43 i18n
-rw-r----- 1 root root    58 Apr  9 13:44 mirrors.dat
-rw-r----- 1 root root  3203 Apr  9 13:44 programs_bad.dat
-rw-r----- 1 root root 12958 Apr  9 13:47 rkhunter.dat
-rw-r----- 1 root root 31798 Apr  9 13:47 rkhunter_prop_list.dat
-rw-r----- 1 root root  1904 Apr  9 13:43 suspscan.dat
2. Run the check; problems are flagged with a red Warning
/usr/local/rkhunter/bin/rkhunter -c --sk
[ Rootkit Hunter version 1.3.8 ]
Checking system commands...
  Performing 'strings' command checks
    Checking 'strings' command                               [ OK ]
  Performing 'shared libraries' checks
    Checking for preloading variables                        [ None found ]
    Checking for preloaded libraries                         [ None found ]
    Checking LD_LIBRARY_PATH variable                        [ OK ]
  Performing file properties checks
    Checking for prerequisites                               [ OK ]
    /sbin/chkconfig                                          [ OK ]
    /sbin/depmod                                             [ OK ]
    /sbin/fsck                                               [ OK ]
    /sbin/fuser                                              [ OK ]
    /sbin/ifconfig                                           [ OK ]
    /sbin/ifdown                                             [ Warning ]
    /sbin/ifup                                               [ Warning ]
    /sbin/init                                               [ OK ]
    /sbin/insmod                                             [ OK ]
    /sbin/ip                                                 [ OK ]
    /sbin/kudzu                                              [ OK ]
    /sbin/lsmod                                              [ OK ]
    /sbin/modinfo                                            [ OK ]
    /sbin/modprobe                                           [ OK ]
    /sbin/nologin                                            [ OK ]
    /sbin/rmmod                                              [ OK ]
    /sbin/route                                              [ OK ]
    /sbin/rsyslogd                                           [ OK ]
    /sbin/runlevel                                           [ OK ]
    /sbin/sulogin                                            [ OK ]
    /sbin/sysctl                                             [ OK ]
    /sbin/syslogd                                            [ OK ]
    /bin/awk                                                 [ OK ]
    /bin/basename                                            [ OK ]
    /bin/bash                                                [ OK ]
    /bin/cat                                                 [ OK ]
    /bin/chmod                                               [ OK ]
    /bin/chown                                               [ OK ]
    /bin/cp                                                  [ OK ]
    /bin/csh                                                 [ OK ]
    /bin/cut                                                 [ OK ]
    /bin/date                                                [ OK ]
    /bin/df                                                  [ OK ]
    /bin/dmesg                                               [ OK ]
    /bin/echo                                                [ OK ]
    /bin/ed                                                  [ OK ]
    /bin/egrep                                               [ OK ]
    /bin/env                                                 [ OK ]
    /bin/fgrep                                               [ OK ]
    /bin/grep                                                [ OK ]
    /bin/kill                                                [ OK ]
    /bin/logger                                              [ OK ]
    /bin/login                                               [ OK ]
    /bin/ls                                                  [ OK ]
    /bin/mail                                                [ OK ]
    /bin/mktemp                                              [ OK ]
    /bin/more                                                [ OK ]
    /bin/mount                                               [ OK ]
    /bin/mv                                                  [ OK ]
    /bin/netstat                                             [ OK ]
    /bin/ps                                                  [ OK ]
    /bin/pwd                                                 [ OK ]
    /bin/rpm                                                 [ OK ]
    /bin/sed                                                 [ OK ]
    /bin/sh                                                  [ OK ]
    /bin/sort                                                [ OK ]
    /bin/su                                                  [ OK ]
    /bin/touch                                               [ OK ]
    /bin/uname                                               [ OK ]
    /bin/gawk                                                [ OK ]
    /bin/tcsh                                                [ OK ]
    /usr/sbin/adduser                                        [ OK ]
    /usr/sbin/chroot                                         [ OK ]
    /usr/sbin/groupadd                                       [ OK ]
    /usr/sbin/groupdel                                       [ OK ]
    /usr/sbin/groupmod                                       [ OK ]
    /usr/sbin/grpck                                          [ OK ]
    /usr/sbin/kudzu                                          [ OK ]
    /usr/sbin/lsof                                           [ OK ]
    /usr/sbin/prelink                                        [ OK ]
    /usr/sbin/pwck                                           [ OK ]
    /usr/sbin/sestatus                                       [ OK ]
    /usr/sbin/tcpd                                           [ OK ]
    /usr/sbin/useradd                                        [ OK ]
    /usr/sbin/userdel                                        [ OK ]
    /usr/sbin/usermod                                        [ OK ]
    /usr/sbin/vipw                                           [ OK ]
    /usr/bin/awk                                             [ OK ]
    /usr/bin/chattr                                          [ OK ]
    /usr/bin/curl                                            [ OK ]
    /usr/bin/cut                                             [ OK ]
    /usr/bin/diff                                            [ OK ]
    /usr/bin/dirname                                         [ OK ]
    /usr/bin/du                                              [ OK ]
    /usr/bin/env                                             [ OK ]
    /usr/bin/file                                            [ OK ]
    /usr/bin/find                                            [ OK ]
    /usr/bin/groups                                          [ Warning ]
    /usr/bin/head                                            [ OK ]
    /usr/bin/id                                              [ OK ]
    /usr/bin/kill                                            [ OK ]
    /usr/bin/killall                                         [ OK ]
    /usr/bin/last                                            [ OK ]
    /usr/bin/lastlog                                         [ OK ]
    /usr/bin/ldd                                             [ Warning ]
    /usr/bin/less                                            [ OK ]
    /usr/bin/locate                                          [ OK ]
    /usr/bin/logger                                          [ OK ]
    /usr/bin/lsattr                                          [ OK ]
    /usr/bin/md5sum                                          [ OK ]
    /usr/bin/newgrp                                          [ OK ]
    /usr/bin/passwd                                          [ OK ]
    /usr/bin/perl                                            [ OK ]
    /usr/bin/pgrep                                           [ OK ]
    /usr/bin/pstree                                          [ OK ]
    /usr/bin/readlink                                        [ OK ]
    /usr/bin/runcon                                          [ OK ]
    /usr/bin/sha1sum                                         [ OK ]
    /usr/bin/sha224sum                                       [ OK ]
    /usr/bin/sha256sum                                       [ OK ]
    /usr/bin/sha384sum                                       [ OK ]
    /usr/bin/sha512sum                                       [ OK ]
    /usr/bin/size                                            [ OK ]
    /usr/bin/stat                                            [ OK ]
    /usr/bin/strace                                          [ OK ]
    /usr/bin/strings                                         [ OK ]
    /usr/bin/sudo                                            [ OK ]
    /usr/bin/tail                                            [ OK ]
    /usr/bin/test                                            [ OK ]
    /usr/bin/top                                             [ OK ]
    /usr/bin/tr                                              [ OK ]
    /usr/bin/uniq                                            [ OK ]
    /usr/bin/users                                           [ OK ]
    /usr/bin/vmstat                                          [ OK ]
    /usr/bin/w                                               [ OK ]
    /usr/bin/watch                                           [ OK ]
    /usr/bin/wc                                              [ OK ]
    /usr/bin/wget                                            [ OK ]
    /usr/bin/whatis                                          [ Warning ]
    /usr/bin/whereis                                         [ OK ]
    /usr/bin/which                                           [ OK ]
    /usr/bin/who                                             [ OK ]
    /usr/bin/whoami                                          [ OK ]
    /usr/bin/gawk                                            [ OK ]
    /usr/local/rkhunter/etc/rkhunter.conf                    [ OK ]
Checking for rootkits...
  Performing check of known rootkit files and directories
    55808 Trojan - Variant A                                 [ Not found ]
    ADM Worm                                                 [ Not found ]
    AjaKit Rootkit                                           [ Not found ]
    Adore Rootkit                                            [ Not found ]
    aPa Kit                                                  [ Not found ]
    Apache Worm                                              [ Not found ]
    Ambient (ark) Rootkit                                    [ Not found ]
    Balaur Rootkit                                           [ Not found ]
    BeastKit Rootkit                                         [ Not found ]
    beX2 Rootkit                                             [ Not found ]
    BOBKit Rootkit                                           [ Not found ]
    cb Rootkit                                               [ Not found ]
    CiNIK Worm (Slapper.B variant)                           [ Not found ]
    Danny-Boy's Abuse Kit                                    [ Not found ]
    Devil RootKit                                            [ Not found ]
    Dica-Kit Rootkit                                         [ Not found ]
    Dreams Rootkit                                           [ Not found ]
    Duarawkz Rootkit                                         [ Not found ]
    Enye LKM                                                 [ Not found ]
    Flea Linux Rootkit                                       [ Not found ]
    FreeBSD Rootkit                                          [ Not found ]
    Fu Rootkit                                               [ Not found ]
    Fuck`it Rootkit                                          [ Not found ]
    GasKit Rootkit                                           [ Not found ]
    Heroin LKM                                               [ Not found ]
    HjC Kit                                                  [ Not found ]
    ignoKit Rootkit                                          [ Not found ]
    iLLogiC Rootkit                                          [ Not found ]
    IntoXonia-NG Rootkit                                     [ Not found ]
    Irix Rootkit                                             [ Not found ]
    Kitko Rootkit                                            [ Not found ]
    Knark Rootkit                                            [ Not found ]
    ld-linuxv.so Rootkit                                     [ Not found ]
    Li0n Worm                                                [ Not found ]
    Lockit / LJK2 Rootkit                                    [ Not found ]
    Mood-NT Rootkit                                          [ Not found ]
    MRK Rootkit                                              [ Not found ]
    Ni0 Rootkit                                              [ Not found ]
    Ohhara Rootkit                                           [ Not found ]
    Optic Kit (Tux) Worm                                     [ Not found ]
    Oz Rootkit                                               [ Not found ]
    Phalanx Rootkit                                          [ Not found ]
    Phalanx2 Rootkit                                         [ Not found ]
    Phalanx2 Rootkit (extended tests)                        [ Not found ]
    Portacelo Rootkit                                        [ Not found ]
    R3dstorm Toolkit                                         [ Not found ]
    RH-Sharpe's Rootkit                                      [ Not found ]
    RSHA's Rootkit                                           [ Not found ]
    Scalper Worm                                             [ Not found ]
    Sebek LKM                                                [ Not found ]
    Shutdown Rootkit                                         [ Not found ]
    SHV4 Rootkit                                             [ Not found ]
    SHV5 Rootkit                                             [ Not found ]
    Sin Rootkit                                              [ Not found ]
    Slapper Worm                                             [ Not found ]
    Sneakin Rootkit                                          [ Not found ]
    'Spanish' Rootkit                                        [ Not found ]
    Suckit Rootkit                                           [ Not found ]
    SunOS Rootkit                                            [ Not found ]
    SunOS / NSDAP Rootkit                                    [ Not found ]
    Superkit Rootkit                                         [ Not found ]
    TBD (Telnet BackDoor)                                    [ Not found ]
    TeLeKiT Rootkit                                          [ Not found ]
    T0rn Rootkit                                             [ Not found ]
    trNkit Rootkit                                           [ Not found ]
    Trojanit Kit                                             [ Not found ]
    Tuxtendo Rootkit                                         [ Not found ]
    URK Rootkit                                              [ Not found ]
    Vampire Rootkit                                          [ Not found ]
    VcKit Rootkit                                            [ Not found ]
    Volc Rootkit                                             [ Not found ]
    Xzibit Rootkit                                           [ Not found ]
    X-Org SunOS Rootkit                                      [ Not found ]
    zaRwT.KiT Rootkit                                        [ Not found ]
    ZK Rootkit                                               [ Not found ]
  Performing additional rootkit checks
    Suckit Rookit additional checks                          [ OK ]
    Checking for possible rootkit files and directories      [ None found ]
    Checking for possible rootkit strings                    [ None found ]
  Performing malware checks
    Checking running processes for suspicious files          [ None found ]
    Checking for login backdoors                             [ None found ]
    Checking for suspicious directories                      [ None found ]
    Checking for sniffer log files                           [ None found ]
  Performing Linux specific checks
    Checking loaded kernel modules                           [ OK ]
    Checking kernel module names                             [ OK ]
Checking the network...
  Performing checks on the network ports
    Checking for backdoor ports                              [ None found ]
  Performing checks on the network interfaces
    Checking for promiscuous interfaces                      [ None found ]
Checking the local host...
  Performing system boot checks
    Checking for local host name                             [ Found ]
    Checking for system startup files                        [ Found ]
    Checking system startup files for malware                [ None found ]
  Performing group and account checks
    Checking for passwd file                                 [ Found ]
    Checking for root equivalent (UID 0) accounts            [ None found ]
    Checking for passwordless accounts                       [ None found ]
    Checking for passwd file changes                         [ None found ]
    Checking for group file changes                          [ None found ]
    Checking root account shell history files                [ OK ]
  Performing system configuration file checks
    Checking for SSH configuration file                      [ Found ]
    Checking if SSH root access is allowed                   [ Not allowed ]
    Checking if SSH protocol v1 is allowed                   [ Not allowed ]
    Checking for running syslog daemon                       [ Found ]
    Checking for syslog configuration file                   [ Found ]
    Checking if syslog remote logging is allowed             [ Not allowed ]
  Performing filesystem checks
    Checking /dev for suspicious file types                  [ None found ]
    Checking for hidden files and directories                [ Warning ]
Checking application versions...
    Checking version of GnuPG                                [ OK ]
    Checking version of OpenSSL                              [ Warning ]
    Checking version of Procmail MTA                         [ OK ]
    Checking version of OpenSSH                              [ Warning ]
System checks summary
=====================
File properties checks...
&& &Files checked: 135
&& &Suspect files: 5
Rootkit checks...
&& &Rootkits checked : 253
&& &Possible rootkits: 0
Applications checks...
&& &Applications checked: 4
&& &Suspect applications: 2
The system checks took: 1 minute and 38 seconds
All results have been written to the log file (/var/log/rkhunter.log)
One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter.log)
The corresponding log entries:
# cat /var/log/rkhunter.log |grep Warning
[13:52:20]   /sbin/ifdown                                    [ Warning ]
[13:52:20] Warning: The command '/sbin/ifdown' has been replaced by a script: /sbin/ifdown: Bourne-Again shell script text executable
[13:52:20]   /sbin/ifup                                      [ Warning ]
[13:52:20] Warning: The command '/sbin/ifup' has been replaced by a script: /sbin/ifup: Bourne-Again shell script text executable
[13:52:34]   /usr/bin/groups                                 [ Warning ]
[13:52:34] Warning: The command '/usr/bin/groups' has been replaced by a script: /usr/bin/groups: Bourne shell script text executable
[13:52:35]   /usr/bin/ldd                                    [ Warning ]
[13:52:35] Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne shell script text executable
[13:52:39]   /usr/bin/whatis                                 [ Warning ]
[13:52:39] Warning: The command '/usr/bin/whatis' has been replaced by a script: /usr/bin/whatis: Bourne shell script text executable
[13:53:44]   Checking for hidden files and directories       [ Warning ]
[13:53:44] Warning: Hidden directory found: /dev/.udev
[13:53:44] Warning: Hidden file found: /usr/share/man/man1/..1.gz: gzip compressed data, from Unix, max compression
[13:53:44] Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text
[13:53:44] Warning: Hidden file found: /usr/bin/.ssh.hmac: ASCII text
[13:53:44] Warning: Hidden file found: /usr/sbin/.sshd.hmac: ASCII text
[13:53:45]   Checking version of OpenSSL                     [ Warning ]
[13:53:45] Warning: Application 'openssl', version '0.9.8e', is out of date, and possibly a security risk.
[13:53:45]   Checking version of OpenSSH                     [ Warning ]
[13:53:45] Warning: Application 'sshd', version '4.3p2', is out of date, and possibly a security risk.
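3. Fixing false positives
As you can see, the messages above are basically all false positives.
In addition, updating some packages can cause "No hash value found" errors:
grep: pcre was updated when nginx was installed
amd: from installing SASL authentication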
Warning: No hash value found for file '/bin/egrep' in the rkhunter.dat file.
Warning: No hash value found for file '/bin/fgrep' in the rkhunter.dat file.
Warning: No hash value found for file '/bin/grep' in the rkhunter.dat file.
Warning: No hash value found for file '/usr/sbin/amd' in the rkhunter.dat file.
You can check this with prelink:
# prelink --verify --sha /bin/egrep
prelink: /bin/egrep: at least one of file's dependencies has changed since prelinking
# prelink /bin/egrep
prelink: /usr/local/lib/libpcre.so.0.0.1 is not present in any config file directories, nor was specified on command line
# prelink --verify --sha /usr/sbin/amd
prelink: /usr/sbin/amd: at least one of file's dependencies has changed since prelinking
# prelink /usr/sbin/amd
prelink: /usr/local/sasl2/lib/libsasl2.so.2.0.22 is not present in any config file directories, nor was specified on command line
cp /usr/local/rkhunter/etc/rkhunter.conf{,.bak}
Some of the scripts found online no longer work, so I made some modifications to them:
sed -i 's/#SCRIPTWHITELIST=\/sbin\/ifup/SCRIPTWHITELIST=\/sbin\/ifup/' /opt/rthunter/etc/rkhunter.conf
sed -i 's/#SCRIPTWHITELIST=\/sbin\/ifdown/SCRIPTWHITELIST=\/sbin\/ifdown/' /opt/rthunter/etc/rkhunter.conf
sed -i '/#SCRIPTWHITELIST="\/sbin\/ifup/ {s/^#//g}' /usr/local/rkhunter/etc/rkhunter.conf
sed -i '/#SCRIPTWHITELIST="\/usr\/bin\/groups"/ {s/^#//g}' /usr/local/rkhunter/etc/rkhunter.conf
sed -i '/#ALLOWHIDDENDIR="\/etc\/.java"/ {s/^#//g}' /usr/local/rkhunter/etc/rkhunter.conf
sed -i '/#ALLOWHIDDENDIR="\/dev\/.mdadm"/ {s/^#//g}' /usr/local/rkhunter/etc/rkhunter.conf
sed -i '/#ALLOWHIDDENDIR="\/dev\/.udev/ {s/^#//g}' /usr/local/rkhunter/etc/rkhunter.conf
sed -i '/#ALLOWHIDDENFILE="\/usr\/share\/man\/man1\/..1.gz"/ {s/^#//g}' /usr/local/rkhunter/etc/rkhunter.conf
sed -i '/#ALLOWHIDDENFILE="\/usr\/bin\/.fipscheck.hmac"/ {s/^#//g}' /usr/local/rkhunter/etc/rkhunter.conf
sed -i '/#ALLOWHIDDENFILE="\/usr\/bin\/.ssh.hmac"/ {s/^#//g}' /usr/local/rkhunter/etc/rkhunter.conf
sed -i '/#ALLOWHIDDENFILE="\/usr\/sbin\/.sshd.hmac"/ {s/^#//g}' /usr/local/rkhunter/etc/rkhunter.conf
echo 'IGNORE_PRELINK_DEP_ERR="/bin/egrep /bin/fgrep /bin/grep /usr/sbin/amd /usr/bin/less"' >> /usr/local/rkhunter/etc/rkhunter.conf
echo 'SCRIPTWHITELIST=/usr/bin/ldd' >> /usr/local/rkhunter/etc/rkhunter.conf
echo 'SCRIPTWHITELIST=/usr/bin/whatis' >> /usr/local/rkhunter/etc/rkhunter.conf
echo 'SCRIPTWHITELIST=/usr/bin/GET' >> /usr/local/rkhunter/etc/rkhunter.conf
echo 'ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz' >> /usr/local/rkhunter/etc/rkhunter.conf
echo 'APP_WHITELIST="openssl:0.9.8e sshd:4.3p2"' >> /usr/local/rkhunter/etc/rkhunter.conf
echo 'ALLOWDEVFILE="/dev/shm/nginx.pid"' >> /usr/local/rkhunter/etc/rkhunter.conf
# Note the openssl and sshd version numbers
Update and scan again
/usr/local/rkhunter/bin/rkhunter --propupd
[ Rootkit Hunter version 1.3.8 ]
File updated: searched for 164 files, found 135
Skip the keypress prompts and report warnings only; nothing is shown any more:
/usr/local/rkhunter/bin/rkhunter -c --sk --rwo
4. Automatic reports
Run a check at 5 o'clock every day and send a notification e-mail
vi /var/spool/cron/root
3 5 * * * (/usr/local/rkhunter/bin/rkhunter --cronjob -l --nomow --rwo | mail -s "[rkhunter] report `hostname` `date`" root@localhost)
Reference: http://sourceforge.net/apps/trac/rkhunter/wiki/SPRKH#Introduction
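===============Update
Fixing false positives caused by updates: rkhunter checks at run time that the listed files exist, so do not add a file to these settings if it does not exist.
ALLOWDEVFILE="/dev/shm/nginx.pid"
IGNORE_PRELINK_DEP_ERR="/bin/egrep /bin/fgrep /bin/grep /usr/sbin/amd /usr/bin/less"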
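One way to script the whitelisting steps above so that every entry is reviewed and only existing files are added, as an added example that is not part of the original post or of rkhunter. The function names rkh_candidates, rkh_add and rkh_demo are hypothetical, the sample log is constructed from the warning format shown above, and paths containing spaces are not handled.

```shell
#!/bin/sh
# Added example: list whitelist candidates from rkhunter.log for manual review.
rkh_candidates() {
    sed -n -E \
        -e "s/^.*Warning: The command '([^']+)' has been replaced by a script:.*/SCRIPTWHITELIST=\1/p" \
        -e "s/^.*Warning: Hidden directory found: ([^: ]+).*/ALLOWHIDDENDIR=\1/p" \
        -e "s/^.*Warning: Hidden file found: ([^: ]+).*/ALLOWHIDDENFILE=\1/p" \
        "$1" | LC_ALL=C sort -u
}

# Append DIRECTIVE to CONF only if its path exists and the line is not there yet.
# Returns 0 = appended, 1 = already present, 2 = path missing (nothing added).
rkh_add() {
    conf=$1; directive=$2; value=${directive#*=}
    case $value in
        /*) [ -e "$value" ] || return 2 ;;
    esac
    grep -qxF -- "$directive" "$conf" && return 1
    printf '%s\n' "$directive" >> "$conf"
}

# Constructed sample input in the log format shown earlier on this page.
rkh_demo() {
    log=$(mktemp)
    cat > "$log" <<'EOF'
[13:52:20]   /sbin/ifdown                                    [ Warning ]
[13:52:20] Warning: The command '/sbin/ifdown' has been replaced by a script: /sbin/ifdown: Bourne-Again shell script text executable
[13:52:20] Warning: The command '/sbin/ifup' has been replaced by a script: /sbin/ifup: Bourne-Again shell script text executable
[13:53:44] Warning: Hidden directory found: /dev/.udev
[13:53:44] Warning: Hidden file found: /usr/bin/.ssh.hmac: ASCII text
[13:53:44] Warning: Hidden file found: /usr/bin/.ssh.hmac: ASCII text
EOF
    rkh_candidates "$log"
    rm -f "$log"
}

rkh_demo
```

After reviewing each candidate, pass it to rkh_add together with the path of rkhunter.conf, then run rkhunter --propupd as described above.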
The Xzibit Rootkit warning for hdparm
[15:29:12] Warning: Checking for possible rootkit strings    [ Warning ]
[15:29:12]          Found string 'hdparm' in file '/etc/rc.d/rc.sysinit'. Possible rootkit: Xzibit Rootkit
RTKT_FILE_WHITELIST="/etc/rc.d/rc.sysinit:hdparm"
===============Update
Fixing "The file properties have changed"
rkhunter behaves differently when run from crontab than when run by hand.
Even if you have set IGNORE_PRELINK_DEP_ERR in the configuration file, the log will still contain:
[05:45:10] /usr/bin/less [ Warning ]
[05:45:10] Warning: The file properties have changed:
prelink /usr/bin/less
prelink: /usr/local/lib/libpcre.so.0.0.1 is not present in any config file directories, nor was specified on command line
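# Add the library path
echo '-l /usr/local/lib' >> /etc/prelink.conf
# Running it again gives no error; run it for every command that prelink complained about
prelink /usr/bin/less
# Edit the configuration file and move IGNORE_PRELINK_DEP_ERR up to just below USER_FILEPROP_FILES_DIRS
# Then update with rkhunter --propupd
# Testing from crontab no longer reports the error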
ulimit -HSn 65536
./configure --prefix=/opt/squid-2.6.STABLE23 --with-maxfd=65536 --with-pthreads --enable-dlmalloc --enable-poll --enable-useragent-log --enable-referer-log --with-large-files --enable-default-err-language=Simplify_Chinese --enable-err-languages="Simplify_Chinese English" --disable-internal-dns --enable-auth="basic" --enable-basic-auth-helpers=NCSA
make install
NCSA authentication requires adding --enable-auth="basic" --enable-basic-auth-helpers=NCSA at compile time
2. Configuring squid.conf
Create a symlink for easier management
ln -s ./squid-2.6.STABLE23 ./squid
Strip the comments from the squid configuration file
cat /opt/squid/etc/squid.conf
cat /opt/squid/etc/squid.conf.default |grep -v ^# |grep -v ^$ > /opt/squid/etc/squid.conf
Or write a new one, serving on port 3128
vi /opt/squid/etc/squid.conf
# squid information
visible_hostname proxy
cache_mgr administrator
http_port 3128 transparent
icp_port 0
# Memory allocated to squid
cache_mem 500 MB
cache_swap_low 90
cache_swap_high 95
# Objects larger than this are not cached
maximum_object_size 500 KB
# Upper size limit for objects held in memory
maximum_object_size_in_memory 200 KB
# Cache type, cache directory, size, first- and second-level directory counts
cache_dir ufs /opt/squid/spool
# Support the Vary header
cache_vary on
# PID file
pid_filename /var/log/squid/squid.pid
# Use Apache-format logs
emulate_httpd_log on
# Logs; set to none to disable
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
cache_store_log none
cache_log /var/log/squid/cache.log
access_log /var/log/squid/access.log combined
#access_log none
auth_param basic program /opt/squid/libexec/ncsa_auth /opt/squid/etc/passwd
acl auth_user proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port
# unregistered ports
acl Safe_ports port 280
# http-mgmt
acl Safe_ports port 488
# gss-http
acl Safe_ports port 591
# filemaker
acl Safe_ports port 777
# multiling http
acl CONNECT method CONNECT
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
# Do not trust ETag, because of gzip
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
# Allow authenticated users only
http_access allow auth_user
http_access deny all
#icp_access allow all
cachemgr_passwd disable config shutdown authenticator offline_toggle
#cachemgr_passwd none info stats/objects
#cachemgr_passwd secretPP all
#acl OverConnLimit maxconn 16
#http_access deny OverConnLimit
# User and group that squid runs as
cache_effective_user nobody
cache_effective_group nobody
tcp_recv_bufsize 65535 bytes
# Hide squid's version information
header_access Via deny all
# Show the server's IP and hide the real client IP
header_access X-Forwarded-For deny all
coredump_dir /opt/squid-2.6.STABLE23/var/cache
# Error pages
error_directory /opt/squid/share/errors/Simplify_Chinese
3. Related directories
mkdir /opt/squid/spool
chown nobody:nobody /opt/squid/spool
mkdir /var/log/squid
chown nobody /var/log/squid
/opt/squid/sbin/squid -z
17:29:54| Creating Swap Directories
/opt/squid/sbin/squid -s
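4. Common squid commands
1) Initialize the cache directory configured in squid.conf
#squid/sbin/squid -z
If you get an error message, check the permissions on your cache directory.
2) Debug your squid.conf, i.e. validate its syntax and configuration.
#squid/sbin/squid -k parse
If squid.conf contains syntax or configuration errors, they are reported here; if nothing is returned, congratulations, you can try starting squid.
3) Start squid in the foreground and print the startup process.
#squid/sbin/squid -N -d1
If you see "Ready to serve requests", congratulations, it started successfully.
Then press Ctrl+C to stop squid and start it again running in the background.
4) Start squid running in the background.
#squid/sbin/squid -s
You can now run ps -A to list the system processes; you should see two squid processes.
5) Stop squid
#squid/sbin/squid -k shutdown
This one needs no explanation.
6) Reload a modified squid.conf
#squid/sbin/squid -k reconfigure
This is probably the one you will use most. Whenever the configuration is not quite what you want, you can edit squid.conf at any time; do not forget to check squid.conf for errors first, then run this command so that squid runs according to the new squid.conf.
7) Add squid to system startup
Edit /etc/rc.d/rc.local
and add the following lines:
echo "65535" > /proc/sys/fs/file-max
ulimit -HSn 65535
/opt/squid/sbin/squid -s
Of course, not everyone likes this way of starting it; use whichever way you are most used to, or install it as a service.
# View runtime information
/opt/squid/bin/squidclient -h 127.0.0.1 -p 3128 mgr:info
# Rotate the logs from crontab
20 0 * * * /opt/squid/sbin/squid -k rotate
5. iptables
Allow incoming connections on port 3128; INPUT is the chain name
iptables -A INPUT -p tcp -m tcp --dport 3128 -j ACCEPT
Save the iptables rules
/etc/init.d/iptables save
6. NCSA-authenticated users
Create the users and passwords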
htpasswd -c /opt/squid/etc/passwd user_c1g
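htpasswd /opt/squid/etc/passwd user_andy
To change a user's password, delete the entry with vi and then add the user again.
7. Getting htpasswd
Getting htpasswd is a little awkward; you can build Apache to obtain it, the file is in its bin directory.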
wget /httpd/httpd-2.2.22.tar.gz
tar zxvf httpd-2.2.22.tar.gz
cd httpd-2.2.22
./configure --prefix=/opt/httpd
make install
cp /opt/httpd/bin/htpasswd /opt/squid/libexec/
# Remove Apache
rm -rf /opt/httpd
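8. Configuring the proxy in the browser
Maxthon can store the user name and password and supports a blacklist
Firefox with FoxyProxy Standard supports blacklists and whitelists but cannot store the password
360, IE and Chrome are comparatively less convenient
9. Transparent proxy without authentication
Removing the NCSA authentication lines from squid.conf gives you a transparent proxy: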
acl auth_user proxy_auth REQUIRED
auth_param basic program /opt/squid/libexec/ncsa_auth /opt/squid/etc/passwd
http_access allow auth_user
# Change deny to allow
http_access deny all
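With `http_access allow all` and port 3128 accepted by iptables, squid serves any client that can reach the port. The check below is an added example, not part of the original post or of squid: a heuristic that reports the first `http_access allow` rule restricted neither by a `proxy_auth` ACL nor by a `src` ACL other than `all`. The function names squid_access_audit and squid_audit_demo are hypothetical, and the sample configs are constructed from the rules shown above.

```shell
#!/bin/sh
# Added example: heuristic open-proxy check for a squid.conf rule set.
# Squid evaluates http_access top-down; the first matching rule wins.
squid_access_audit() {
    awk '
        BEGIN { found = 0 }
        # ACLs that actually narrow who may use the proxy
        $1 == "acl" && $3 == "proxy_auth"         { limit[$2] = 1 }
        $1 == "acl" && $3 == "src" && $2 != "all" { limit[$2] = 1 }
        # Nothing after an unconditional "deny all" can be reached
        $1 == "http_access" && $2 == "deny" && NF == 3 && $3 == "all" { exit }
        $1 == "http_access" && $2 == "allow" {
            restricted = 0
            for (i = 3; i <= NF; i++) if ($i in limit) restricted = 1
            if (!restricted) { print "OPEN line " NR ": " $0; found = 1; exit }
        }
        END { if (!found) print "OK"; exit found }
    ' "$1"
}

# Constructed sample input: the authenticated rule set, then the variant
# with the three NCSA lines removed and "deny all" changed to "allow all".
squid_audit_demo() {
    d=$(mktemp -d)
    cat > "$d/auth.conf" <<'EOF'
auth_param basic program /opt/squid/libexec/ncsa_auth /opt/squid/etc/passwd
acl auth_user proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl Safe_ports port 80
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access allow auth_user
http_access deny all
EOF
    sed -e '/proxy_auth/d' -e '/auth_param/d' -e '/allow auth_user/d' \
        -e 's/^http_access deny all$/http_access allow all/' \
        "$d/auth.conf" > "$d/open.conf"
    squid_access_audit "$d/auth.conf"
    squid_access_audit "$d/open.conf" || true
    rm -rf "$d"
}

squid_audit_demo
```

To keep an unauthenticated proxy closed to outsiders, replace `all` in the allow rule with a `src` ACL listing the client networks and leave `http_access deny all` as the last rule.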
2. Installing the PHP extension
Change into the PHP source directory
/opt/php is a symlink to /opt/php-5.2.17p1
cd /home/c1g/src/php-5.2.17/ext/ming
/opt/php/bin/phpize
Configuring for:
PHP Api Version:
Zend Module Api No:
Zend Extension Api No:
./configure --with-php-config=/opt/php/bin/php-config
make install
Check that ming.so was generated
ll /opt/php-5.2.17p1/lib/php/extensions/no-debug-non-zts-/
-rwxr-xr-x 1 root root 367094 Apr 13 13:14 ming.so
3. Configuring php.ini
Specify the extension directory and the library to load in php.ini
vi /opt/php/etc/php.ini
extension_dir = "/opt/php-5.2.17p1/lib/php/extensions/no-debug-non-zts-/"
extension = "ming.so"
/opt/php/sbin/php-fpm reload
phpinfo then shows:
Ming SWF output library enabled
Version 0.4.4
Or check from the command line:
/opt/php/bin/php -m
[PHP Modules]
eAccelerator
pdo_sqlite
Reflection
Zend Optimizer
[Zend Modules]
Zend Optimizer
eAccelerator
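4. Discuz settings
Discuz admin panel -> Global -> Anti-flood settings: enable the Flash CAPTCHA
Users -> User groups -> Guests and related user groups: enable the anti-flood CAPTCHA or the verification question mechanism
Note: the user permissions must be set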
Oracle MySQL 5.x
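MySQL is a small relational database management system developed by the Swedish company MySQL AB, which was acquired by Sun.
The Oracle MySQL implementation contains two security vulnerabilities that can be exploited locally with some impact.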
/doc/refman/5.5/en/news-5-5-22.html
Vendor patch:
——
The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:
/technetwork/topics/security/