Introduction to common Linux network security tools by UnderCode
Let's start:
1) Although Linux distributions come with a lot of free open-source software, a large number of useful tools are still not installed by default.

2) Included on their installation CDs are, in particular, some toolkits that can enhance Linux network security, most of which are also free open-source software.
Here is a brief introduction to several tools to enhance Linux network security.
1) sudo
sudo is a program that system administrators use to allow some users to run some or all system commands as root. An obvious use is to enhance the security of the site. If you need to do some daily work as root and often execute a fixed set of commands that only root can run, sudo is very suitable for you.
sudo's homepage is at: http://www.courtesan.com/courtesan/products/sudo/

2) Taking Redhat as an example, the following describes the installation and setup process:

3) First, you can download the rpm package for Redhat Linux from the sudo homepage.
It is at ftp://ftp.freshmeat.net/pub/rpms/sudo/; the latest stable version is currently 1.5.9p4.
4) Execute # rpm -ivh sudo* to install, then edit the /etc/sudoers file with /usr/sbin/visudo.
5) If you are told that /usr/bin/vi cannot be found but the vi program actually exists in /bin, run
ln -sf /bin/vi /usr/bin/vi to create a symbolic link for vi under /usr/bin. (Note: I encountered this on Redhat 6.1, and this problem does not exist on Redhat 5.x)

6) In addition, if some other error occurs, you may also need # chmod 700 /var/run/sudo
Below is my example /etc/sudoers file:
[root@sh-proxy /etc]# more sudoers
Host_Alias SERVER = sh-proxy
# User alias specification
User_Alias ADMIN = jephe, tome
# Cmnd alias specification
Cmnd_Alias SHUTDOWN = /etc/halt, /etc/shutdown, /etc/reboot
ADMIN SERVER = SHUTDOWN
jephe SERVER = /usr/bin/tail -f /var/log/maillog
jephe SERVER = /usr/bin/tail -f /var/log/messages
# User privilege specification
root ALL = (ALL) ALL
-----------
Since I often need to log in to the server remotely to watch the changes in the mail log file /var/log/maillog, I added this line to /etc/sudoers so that I don't need to log in as root to complete my daily work, which improves safety.
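An added example, not part of the original post: a small Python audit that expands the aliases of the sudoers file above into concrete (user, host, command) grants and flags the ones that are wider than they look. The SHELL_ESCAPES list and the extra `tome ... /bin/more` line are assumptions constructed for illustration, and the parser handles only the subset of sudoers syntax used in the post.

```python
import re

# Constructed input: the sudoers file from the post, normally spaced.
SUDOERS = """\
Host_Alias SERVER = sh-proxy
User_Alias ADMIN = jephe, tome
Cmnd_Alias SHUTDOWN = /etc/halt, /etc/shutdown, /etc/reboot
ADMIN SERVER = SHUTDOWN
jephe SERVER = /usr/bin/tail -f /var/log/maillog
jephe SERVER = /usr/bin/tail -f /var/log/messages
root ALL = (ALL) ALL
"""

# Programs that can start a shell from inside (illustrative, not exhaustive).
SHELL_ESCAPES = {"more", "less", "vi", "vim", "man"}

def parse(text):
    """Split sudoers text into alias tables and (who, host, commands) specs."""
    aliases = {"Host_Alias": {}, "User_Alias": {}, "Cmnd_Alias": {}}
    specs = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments and blanks
        if not line or line.startswith("Defaults") or "=" not in line:
            continue
        left, _, right = line.partition("=")
        words = left.split()
        items = [item.strip() for item in right.split(",")]
        if words[0] in aliases:
            aliases[words[0]][words[1]] = items
        else:
            items[0] = re.sub(r"^\([^)]*\)\s*", "", items[0])  # strip "(runas)"
            specs.append((words[0], words[1], items))
    return aliases, specs

def effective_rules(text):
    """Expand aliases into concrete (user, host, command) grants."""
    aliases, specs = parse(text)
    rules = []
    for who, host, cmds in specs:
        for user in aliases["User_Alias"].get(who, [who]):
            for h in aliases["Host_Alias"].get(host, [host]):
                for c in cmds:
                    for cmd in aliases["Cmnd_Alias"].get(c, [c]):
                        rules.append((user, h, cmd))
    return rules

def audit(text):
    """Return (user, command, reason) for grants wider than they look."""
    findings = []
    for user, _host, cmd in effective_rules(text):
        if user == "root":
            continue
        program, _, args = cmd.partition(" ")
        if cmd == "ALL":
            findings.append((user, cmd, "unrestricted root"))
        elif program.rsplit("/", 1)[-1] in SHELL_ESCAPES:
            findings.append((user, cmd, "program has a shell escape"))
        elif not args:
            # sudoers accepts any arguments when none are written in the rule
            findings.append((user, cmd, "any arguments accepted"))
    return findings

if __name__ == "__main__":
    for finding in audit(SUDOERS + "tome SERVER = /bin/more /var/log/maillog\n"):
        print(finding)
```

The two tail -f grants produce no finding because their arguments are pinned and tail has no shell escape; a pager such as more lets the user start a shell from inside it, and that shell would run as root.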
2) Sniffit
Sniffit is a well-known network port probe. You can configure it to run in the background to detect which TCP/IP ports a user's input/output information is on.

3) Its most commonly used function is that an attacker can use it to watch the data transferred on your ports 23 (telnet) and 110 (pop3) and easily get your login password and mail account password. Sniffit is basically a vandal's tool, but if you want to know how to enhance the security of your site, you should first know the various tools used by intruders.
4) sniffit's homepage is at http://reptile.rug.ac.be/~coder/sniffit/sniffit.html, where you can download the latest version. Installation is very easy: just run # tar xvfz sniff* in the root directory to unpack all files into the corresponding directory.
Written by UndercOde
Security tips:
1) Execute # rpm -ivh sudo* to install, then edit the /etc/sudoers file with /usr/sbin/visudo.
2) If the system reports that it cannot find /usr/bin/vi but the vi program actually exists in /bin, run
ln -sf /bin/vi /usr/bin/vi to create a symbolic link for vi under /usr/bin. (Note: I met this on Redhat 6.1; there is no problem on Redhat 5.x)

3) Also, if some other error occurs, you may also need # chmod 700 /var/run/sudo
Here is my example /etc/sudoers file:
[root@sh-proxy /etc]# more sudoers
Host_Alias SERVER = sh-proxy
# User alias specification
User_Alias ADMIN = jephe, tome
# Cmnd alias specification
Cmnd_Alias SHUTDOWN = /etc/halt, /etc/shutdown, /etc/reboot
ADMIN SERVER = SHUTDOWN
jephe SERVER = /usr/bin/tail -f /var/log/maillog
jephe SERVER = /usr/bin/tail -f /var/log/messages
# User privilege specification
root ALL = (ALL) ALL
-----------
Since I often need to log in to the server remotely to watch the changes in the mail log file /var/log/maillog, I added this line to /etc/sudoers so that I don't need to log in frequently as root to complete my daily work, which improves safety.
written by undercode
#
# Order deny,allow
# Deny from all
#
#
Here you can see another usage of Directory: you can use a simple pattern-matching method to target sub-directories under different directories and define access control permissions for them. This setting requires the Apache server to perform additional processing on each path, which reduces the performance of the server, so this access restriction is not turned on by default.
You can also see another statement here, Limit. The Limit statement sets access control for specific request methods: you give the request methods supported by the server, such as GET and POST, as Limit parameters to restrict access for those request methods. Generally, you can open the three request methods GET, POST, and HEAD, and block other request methods to increase security. Inside the Limit statement you can use Order, Allow, and Deny; Allow and Deny can use matching to restrict by domain name and IP, but the domain name is matched from front to back, and the IP address is matched from front to back.
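An added example (not from the original post) that models how Apache's Order, Allow and Deny directives combine inside a Limit block, and how partial domain names and partial IP addresses are matched. The function names, the INTRANET_RULE and the sample addresses are assumptions made for illustration; it models the classic host-based access control behaviour and is not Apache's own code.

```python
import ipaddress


def host_matches(spec, ip, hostname=""):
    """True if one Allow/Deny 'from' value matches the client."""
    spec = spec.lower()
    if spec == "all":
        return True
    if "/" in spec:                                   # network in CIDR form
        return ipaddress.ip_address(ip) in ipaddress.ip_network(spec, strict=False)
    if spec.replace(".", "").isdigit():               # full or partial IPv4 address
        octets = spec.rstrip(".").split(".")
        return ip.split(".")[:len(octets)] == octets  # leading octets must match
    domain = spec.lstrip(".")                         # domain: trailing labels match
    name = hostname.lower()
    return name == domain or name.endswith("." + domain)


def access_allowed(order, allow, deny, ip, hostname=""):
    """Combine the Allow and Deny lists the way the Order directive prescribes."""
    allowed = any(host_matches(s, ip, hostname) for s in allow)
    denied = any(host_matches(s, ip, hostname) for s in deny)
    if order == "allow,deny":        # default deny; a Deny match wins
        return allowed and not denied
    if order == "deny,allow":        # default allow; an Allow match wins
        return allowed or not denied
    raise ValueError("unsupported Order value: " + order)


def limit_allows(method, limited_methods, rule, ip, hostname=""):
    """Apply a Limit block: its rule covers only the methods it names."""
    covered = {m.upper() for m in limited_methods}
    if "GET" in covered:
        covered.add("HEAD")          # a GET restriction also applies to HEAD
    if method.upper() not in covered:
        return True                  # unlisted methods are not restricted by it
    order, allow, deny = rule
    return access_allowed(order, allow, deny, ip, hostname)


# The "Order allow,deny" / "Deny from all" pair: nobody is let in.
DENY_ALL_RULE = ("allow,deny", [], ["all"])
# Constructed rule: deny everyone except one internal network and one domain.
INTRANET_RULE = ("deny,allow", ["10.1", "example.com"], ["all"])

if __name__ == "__main__":
    clients = [("10.1.2.3", ""), ("10.10.2.3", ""), ("192.0.2.7", "www.example.com")]
    for ip, host in clients:
        print(ip, host, access_allowed(*INTRANET_RULE, ip, host))
    # A Limit block naming GET and POST never evaluates its rule for DELETE.
    print(limit_allows("DELETE", ["GET", "POST"], DENY_ALL_RULE, "192.0.2.7"))
```

Because a Limit block restricts only the methods it names, blocking everything except GET, POST and HEAD is done with LimitExcept rather than by listing the methods you want to keep open.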
DirectoryIndex index.html
In many cases, the URL does not name a document but gives only a directory name. The Apache server then automatically returns the file defined by DirectoryIndex in that directory. You can specify multiple file names, and the system searches for them in order in that directory. When none of the files specified by DirectoryIndex exists, the Apache server can, depending on the system settings, generate a list of all files in the directory for the user to choose from. For this, the Indexes option (Options Indexes) in the directory's access control options must be turned on so that the server can generate a directory list; otherwise Apache will deny access.
AccessFileName .htaccess

> AccessFileName defines the name of the access control file in each directory. The default is .htaccess. You can change the access control restrictions of different directories by changing this file.
Order allow,deny
Deny from all

> In addition to access control for directories, you can also set access control based on files, which is the task of the Files statement. With the Files statement, no matter which directory a file is in, as long as its name matches, it is subject to the corresponding access control. This statement is more important for system security. For example, the example above blocks all users from accessing the .htaccess file, so that the key security information in .htaccess cannot be obtained by clients.
#CacheNegotiatedDocs
By default, if a proxy server and the Apache server negotiate whether to cache its web pages, Apache gives a negative answer and does not want its web pages to be cached by the proxy server. However, this does not make effective use of the advantages of the proxy server, so you can set the CacheNegotiatedDocs option so that the proxy server can cache web pages. However, even if this option is not set, some proxy servers (or by adjusting the settings) can also cache web pages.
UseCanonicalName On
Turning on UseCanonicalName is standard practice for Web servers, because most of the requests sent by clients refer to this server itself; the server can then use the ServerName and Port settings to build a complete URL and return it to the client, giving the browser a canonical URL. If this parameter is set to Off, Apache uses the server name and port value obtained from the client request (clients supporting HTTP 1.1 supply this information) to rebuild the URL.
TypesConfig /usr/local/apache/etc/mime.types
TypesConfig sets the name of the file that holds the MIME type data; the default setting under Linux is /usr/local/apache/etc/mime.types.
DefaultType text/plain
LINUX SECURITY
> Here is a brief introduction to several tools to enhance Linux network security.
1) Sudo
sudo is a program that system administrators use to allow certain users to run some or all system commands as root. An obvious purpose is to enhance the security of the site. If you need to do some daily work as root and often execute a fixed set of commands that can only be run as root, sudo is very suitable for you.
The homepage of sudo
> Taking Redhat as an example, the following describes the installation and setup process:

> First, you can download the rpm package for Redhat Linux from the sudo homepage.
It is currently available at ftp://ftp.freshmeat.net/pub/rpms/sudo/ the latest stable

> Execute # rpm -ivh sudo* to install, then edit the /etc/sudoers file with /usr/sbin/visudo.
If you are told that /usr/bin/vi cannot be found but the vi program actually exists in /bin, run
ln -sf /bin/vi /usr/bin/vi to create a symbolic link for vi under /usr/bin. (Note: I met this on Redhat 6.1; there is no problem on Redhat 5.x)

> Also, if some other error occurs, you may also need # chmod 700 /var/run/sudo
2) Here is my example /etc/sudoers file:
[root@sh-proxy /etc]# more sudoers
Host_Alias SERVER = sh-proxy
# User alias specification
User_Alias ADMIN = jephe, tome
# Cmnd alias specification
Cmnd_Alias SHUTDOWN = /etc/halt, /etc/shutdown, /etc/reboot
ADMIN SERVER = SHUTDOWN
jephe SERVER = /usr/bin/tail -f /var/log/maillog
jephe SERVER = /usr/bin/tail -f /var/log/messages
# User privilege specification
root ALL = (ALL) ALL
3) observe the changes in the email log file /var/log/maillog, so I added this line to /etc/sudoers