原创力文档- 1、原创力文档(book118)网站文档一经付费(服务费),不意味着购买了该文档的版权,仅供个人/单位学习、研究之用,不得用于商业用途,未经授权,严禁复制、发行、汇编、翻译或者网络传播等,侵权必究。。
- 2、本站所有内容均由合作方或网友上传,本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺!文档内容仅供研究参考,付费前请自行鉴别。如您付费,意味着您自己接受本站规则且自行承担风险,本站不退款、不进行额外附加服务;查看《如何避免下载的几个坑》。如果您已付费下载过本站文档,您可以点击 这里二次下载。
- 3、如文档侵犯商业秘密、侵犯著作权、侵犯人身权等,请点击“版权申诉”(推荐),也可以打举报电话:400-050-0827(电话支持时间:9:00-18:30)。
- 4、该文档为VIP文档,如果想要下载,成为VIP会员后,下载免费。
- 5、成为VIP后,下载本文档将扣除1次下载权益。下载后,不支持退款、换文档。如有疑问请联系我们。
- 6、成为VIP后,您将拥有八大权益,权益包括:VIP文档下载权益、阅读免打扰、文档格式转换、高级专利检索、专属身份标志、高级客服、多端互通、版权登记。
- 7、VIP文档为合作方或网友上传,每下载1次, 网站将根据用户上传文档的质量评分、类型等,对文档贡献者给予高额补贴、流量扶持。如果你也想贡献VIP文档。上传文档
查看更多
unix安全构架经验(UNIX security architecture experience)
unix安全构架经验(UNIX security architecture experience)
UNIX security architecture experience report this post
--------------------------------------------------------------------------------
Here are some personal experience, I believe that whether the invasion by UNIX or UNIX-clone (FreeBSD, OpenBSD, NetBSD, Linux, etc) are useful:
First we can source path to track intruders through the following commands and configuration file system:
1.who------ (see who landed in the system)
2.w-------- (see who log on to the system, and in what to do)
3.last----- (user display and TTYS system have been landing)
4.lastcomm- (display system used to be run command)
5.netstat-- (you can view the current network state, such as telnet to your machine to the users IP address and other network state. )
6. see the router information.
7./var/log/messages external user login status
8. use finger to see all the user login.
9. see the user directory under the /home/username landing (.History.rchist, etc) historical documents. Note:Who,w,last, andlastcomm on these commands are /var/log/pacct, /var/log/wtmp, /etc/utmp to report the information to you. Many smart system administrators will shield these log information for intruders (/var/log/*, /var/log/wtmp, etc) recommended that you install tcp_wrapper illegal landing all connections to your machine)
The system administrator to close all possible backdoor, must prevent intruders from accessing the internal network from the external potential. (interested in FREEBSD articles, I can look at the security framework in the security literature of the Green Corps in the website of FreeBSD (1)). If the invaders found the system administrator that he has entered the system, he may by RM -rf / * try to conceal their traces.
Third, the configuration file system commands and we want to protect the system to prevent intruders get right to modify the system replacement.
1. /bin/login
2. /usr/etc/in.* files (for example: in.telnetd)
3.inetd super daemon (listen
您可能关注的文档
- qq炫舞3.0版本最新称号大全(QQ Dancer 3 latest version Title Daquan).doc
- qq餐厅知识问答(QQ restaurant quiz).doc
- qq飞车抽奖(QQ Speed draw).doc
- qq餐厅答题答案大全(QQ restaurant answer questions Daquan).doc
- qq飞车赛车改装技巧(QQ racing car refitting skills).doc
- p、r开头的核心词汇(Core vocabulary at the beginning of P and R).doc
- qtp学习历程(QTP learning process).doc
- q世博口译词汇(Q Expo interpretation vocabulary).doc
- raid、裸容量、可用容量的概念(The concept of raid, bare capacity, available capacity).doc
- qc和qa的区别(The difference between QC and QA).doc
- ups不间断电源电池衔接技巧 保养注意(UPS uninterruptible power supply battery connection skills, maintenance attention).doc
- ups基础知识(UPS Basics).doc
- unity性能优化(Unity performance tuning).doc
- uc装甲资料(月钛超高张力钢高达尼姆合金)(UC armor material (monthly titanium ultra high tensile steel up to Nimes alloy)).doc
- ups常用电池的应用常识(UPS common battery application common sense).doc
- ups电池保养(UPS battery maintenance).doc
- ups电源蓄电池配置使用的计算方法(Calculation method of UPS power supply battery configuration use).doc
- ups配电池学习(UPS battery learning).doc
- uml九种图(UML nine graphs).doc
- usb 蓝牙 dongle 在linux上的使用(The use of USB Bluetooth dongle on Linux).doc
文档评论(0)