分类目录归档:系统管理

Windows\Linux\*nix系统管理

How to setup an SFTP server on CentOS

This tutorial explains how to setup and use an SFTP server on CentOS. Before I start, let me explain what actually SFTP represents and what it is used for. Currently, most people know that we can use normal FTP for transferring, downloading or uploading data from a server to client or client to server. But this protocol is getting hacked easily (if TLS is not used) by anonymous intruders as it the ports are widely open to anyone. Therefore, SFTP has been introduced to as another alternative to meet the main purpose to strengthen the security level.

SFTP stands for SSH File Transfer Protocol or Secure File Transfer Protocol. It uses a separate protocol packaged with SSH to provide a secure connection. 继续阅读

Linux: TMOUT To Automatically Log Users Out

How do I auto Logout my shell user in Linux after certain minutes of inactivity?

Linux bash shell allows you to define the TMOUT environment variable. Set TMOUT to automatically log users out after a period of inactivity. The value is defined in seconds. For example,

export TMOUT=120

export TMOUT=120

The above command will implement a 2 minute idle time-out for the default /bin/bash shell. You can edit your ~/.bash_profile or /etc/profile file as follows to define a 5 minute idle time out:

# set a 5 min timeout policy for bash shell
TMOUT=300
readonly TMOUT
export TMOUT

# set a 5 min timeout policy for bash shell TMOUT=300 readonly TMOUT export TMOUT

Save and close the file. The readonly command is used to make variables and functions readonly i.e. you user cannot change the value of variable called TMOUT.

How Do I Disable TMOUT?

To disable auto-logout, just set the TMOUT to zero or unset it as follows:
$ export TMOUT=0
or
$ unset TMOUT
Please note that readonly variable can only be disabled by root in /etc/profile or ~/.bash_profile.

A Note About TCSH SHELL and OpenSSH Server/Client

SSH allows administrators to set an idle timeout interval in /etc/ssh/sshd_config file. TCSH user should use autologout variable. Please see our previous FAQ “Linux / UNIX Automatically Log BASH / TCSH / SSH Users Out After a Period of Inactivity” for more information.

apache禁止访问文件或目录执行权限、禁止运行脚本PHP文件的设置方法

我们来看俩段通常对上传目录设置无权限的列子,配置如下:

代码如下:

<Directory “/var/www/upload”>
<FilesMatch “.php”>
Order Allow,Deny
Deny from all
</FilesMatch>
</Directory>

这些配置表面上看起来是没什么问题的,确实在windows下可以这么说。
但是linux就不同了,大家都是知道的linux操作系统是区分大小写的,这里如果换成大写后缀名*.phP一类就pass了 继续阅读

File System Redirector

The %windir%\System32 directory is reserved for 64-bit applications. Most DLL file names were not changed when 64-bit versions of the DLLs were created, so 32-bit versions of the DLLs are stored in a different directory. WOW64 hides this difference by using a file system redirector.

In most cases, whenever a 32-bit application attempts to access %windir%\System32, the access is redirected to %windir%\SysWOW64. Access to %windir%\lastgood\system32 is redirected to %windir%\lastgood\SysWOW64. Access to %windir%\regedit.exe is redirected to %windir%\SysWOW64\regedit.exe.

If the access causes the system to display the UAC prompt, redirection does not occur. Instead, the 64-bit version of the requested file is launched. To prevent this problem, either specify the SysWOW64 directory to avoid redirection and ensure access to the 32-bit version of the file, or run the 32-bit application with administrator privileges so the UAC prompt is not displayed. 继续阅读

ubuntu修改mysql 5.7数据存储目录datadir

环境:Ubuntu 16.04、mysql5.7

在16.04版本的MySQL数据库,默认是5.7版本的;
想要修改MySQL数据库存储的目录,需要了解mysql配置文件,以及apparmor的配置文件。
这里提一下apparnor 是控制访问权限的,而mysql依赖它,所以不单单是改完mysql配置文件的内容,同样的需要修改apparmor的相应的配置文件。
1.创建MySQL另外存储的目录
mkdir /database/mysql
chmod 700 /database/mysql
chowd mysql:mysq /database/mysql
2.将以前的数据库复制到新的存储目录 (这样避免了再次初始化,并且数据还在)
cp -av /var/lib/mysql/* /database/mysql
3.删除日志 (不删除会报错)
rm -rf /database/mysql/ib_logfile0
rm -rf /database/mysql/ib_logfile1

继续阅读

Auditd – Linux 服务器安全审计工具

安全防护是首先要考虑的问题。为了避免别人盗取我们的数据,我们需要时刻关注它。安全防护包括很多东西,审计是其中之一。

我们知道Linux系统上有一个叫 auditd 的审计工具。这个工具在大多数Linux操作系统中是默认安装的。那么auditd 是什么?该如何使用呢?下面我们开始介绍。

继续阅读

tcpdump使用技巧

一般情况下,非HTTP协议的网络分析,在服务器端用tcpdump比较多,在客户端用wireshark比较多,两个抓包软件的语法是一样的。

一、基本语法

1.1、过滤主机

  • 抓取所有经过eth1,目的或源地址是192.168.1.1的网络数据
tcpdump -i eth1 host 192.168.1.1
  • 指定源地址
tcpdump -i eth1 src host 192.168.1.1
  • 指定目的地址
tcpdump -i eth1 dst host 192.168.1.1

1.2、过滤端口

继续阅读

proxy代理类型:透明代理、匿名代理、混淆代理和高匿代理

使用代理可以做很多事, 例如匿名爬虫不被封IP, 获取特殊权限(例如大学代理获取文献), 爬墙等. 代理分几种种类, 常见就是透明,匿名和高匿. 例如西刺代理就提供透明和高匿代理(其实是不是高匿也不知道 ╮(╯▽╰)╭)

这4种代理,主要是在代理服务器端的配置不同,导致其向目标地址发送请求时,REMOTE_ADDRHTTP_VIAHTTP_X_FORWARDED_FOR三个变量不同。从安全程度来说, 高匿>混淆>匿名>透明. 继续阅读

refused smux peer: oid >SNMPv2-SMI::enterprises.674.10892.1

In my ESX server after installing Dell Open Manager we are getting this message on the syslog:
“refused smux peer: oid >SNMPv2-SMI::enterprises.674.10892.1”

The solution:

The openmanage install should have appeneded this line to
# vi /etc/snmp/snmd.conf

#(comment) Allow Systems Management Data Engine SNMP to connect to snmpd using SMUX
(ADD THE LINE)
smuxpeer .1.3.6.1.4.1.674.10892.1

Then be sure to restart the snmpd service.
# /etc/init.d/snmpd stop
# /etc/init.d/snmpd start

nagios 结合Dell-OMSA监控设备硬件

 

Nagiso 客户端要求必须在dell服务器上安装 OMSA(Openmanage Server Administrator)

 
Nagios客户端安装OMSA (可参考http://linux.dell.com/repo/hardware/OMSA_7.4.0/)

1、增加dell的yum库 ( 可以访问 http://linux.dell.com/repo/hardware 查看最新版本 )
 wget -q -O - http://linux.dell.com/repo/hardware/OMSA_7.4.0/bootstrap.cgi | bash

2、安装srvadmin
 yum install srvadmin-all -y

3、启动srvadmin
/opt/dell/srvadmin/sbin/srvadmin-services.sh start

Nagios 服务端配置
 
1、dell官方OMSA监控脚本下载(下载至Nagios 服务器 /usr/local/nagios/libexec下,并赋nagios执行权限)
 wget  http://folk.uio.no/trondham/software/check_openmanage-3.7.11/check_openmanage
 
 另,由于check_openmanage为perl脚本,故需perl解释器 需安装 perl-Net-SNMP
yum install perl-Net-SNMP  
 
2、以下是手动执行脚本获取硬件状态
 
#电压
./check_openmanage -H 192.168.1.100  --only voltage
VOLTAGE OK - 20 voltage probes checked

 
#cpu
./check_openmanage -H 192.168.1.100  --only cpu
PROCESSORS OK - 1 processors checked

 
#风扇转速
./check_openmanage -H 192.168.1.100  --only fans
FANS OK - 12 fan probes checked

#存储
./check_openmanage -H 192.168.1.100  --only storage
STORAGE OK - 3 physical drives, 1 logical drives

 
#内存
./check_openmanage -H 192.168.1.100  --only memory
MEMORY OK - 2 memory modules, 32768 MB total memory

 
#电池
./check_openmanage -H 192.168.1.100  --only batteries
BATTERIES OK - 1 batteries checked

 
check_openmanage 脚本更多详细用法请参考:
http://folk.uio.no/trondham/software/check_openmanage.html
如果以上无报错时,便可配置到Nagios 中了,配置方法网上较多,在这里就不多说了


#卸载openManage Server Administrator
yum erase $(rpm -qa | grep srvadmin)

继续阅读