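Scanning Linux for trojans: chkrootkit and rkhunter
Linux has two tools for scanning for trojans: chkrootkit and rkhunter. Both are easy to install and use; YUM is all you need.
◎chkrootkit
1. Install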
yum install chkrootkit
2. Run a scan
chkrootkit
◎rkhunter
1. Install
yum install rkhunter
2. Update
rkhunter --update
3. Run a scan
Full-system scan; prompts each time it moves on to the next group of checks
rkhunter -c
Full-system scan without prompting
rkhunter -c -sk
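An unattended scan is only useful if its findings are read afterwards. The script below is an added example, not part of the original post: it pulls the warnings out of an rkhunter log and attributes each one to the test that raised it. The function names, the sample log and the log line layout ("Info: Starting test name '...'" and "Warning: ...") are assumptions.

```sh
#!/bin/sh
# Added example: summarise warnings from an rkhunter log after an unattended
# scan (rkhunter -c -sk). Assumed log layout: "[HH:MM:SS] Info: Starting test
# name 'X'" opens a test and "[HH:MM:SS] Warning: ..." reports a finding.

# Constructed sample log, not output from a real host.
SAMPLE_LOG="[09:50:14] Info: Starting test name 'properties'
[09:50:15]   /usr/bin/ldd                              [ Warning ]
[09:50:15] Warning: The command '/usr/bin/ldd' has been replaced by a script
[09:50:40] Info: Starting test name 'rootkits'
[09:50:41]   Checking for Adore Rootkit                [ Not found ]
[09:51:02] Info: Starting test name 'hidden_ports'
[09:51:03] Warning: Hidden ports found: Port number: TCP:2881
[09:51:20] Info: End date is Mon Aug 25 09:51:20 CST 2008"

# rkh_warnings: read a log on stdin, print one "test<TAB>message" line per
# warning. Exit status 1 when at least one warning was seen, 0 otherwise.
rkh_warnings() {
    awk '
        # Remember which test is running so each warning can be attributed.
        /Info: Starting test name/ {
            n = split($0, q, "\047")     # \047 is a single quote
            test = (n >= 2) ? q[2] : "unknown"
            next
        }
        # Only the detailed "Warning:" lines; the "[ Warning ]" status
        # column is skipped so a finding is not counted twice.
        /^\[[0-9:]+\] Warning: / {
            msg = $0
            sub(/^\[[0-9:]+\] Warning: /, "", msg)
            printf "%s\t%s\n", (test == "" ? "unknown" : test), msg
            found = 1
        }
        END { exit found ? 1 : 0 }
    '
}

# rkh_count: number of warnings in the log on stdin.
rkh_count() {
    { rkh_warnings || true; } | wc -l | tr -d " "
}

# Demo on the constructed sample; on a real host feed the scan log instead,
# e.g. rkh_warnings < /var/log/rkhunter.log (path is an assumption).
printf '%s\n' "$SAMPLE_LOG" | rkh_warnings || echo "warnings present"
```

The non-zero exit status lets a cron wrapper send mail only when a scan actually reported something.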
Monday, August 25, 2008
rpmforge: a handy companion for YUM
rpmforge was split off from the original dag site.
Official documentation:
http://dag.wieers.com/rpm/FAQ.php#B
Installation:
1. Pick the install command that matches your system
# Red Hat Enterprise Linux 5 / i386:
rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
# Red Hat Enterprise Linux 5 / x86_64:
rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
# Red Hat Enterprise Linux 4 / i386:
rpm -Uhv http://apt.sw.be/redhat/el4/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el4.rf.i386.rpm
# Red Hat Enterprise Linux 4 / x86_64:
rpm -Uhv http://apt.sw.be/redhat/el4/en/x86_64/rpmforge/RPMS/rpmforge-release-0.3.6-1.el4.rf.x86_64.rpm
# Red Hat Enterprise Linux 3 / i386:
rpm -Uhv http://apt.sw.be/redhat/el3/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el3.rf.i386.rpm
# Red Hat Enterprise Linux 3 / x86_64:
rpm -Uhv http://apt.sw.be/redhat/el3/en/x86_64/rpmforge/RPMS/rpmforge-release-0.3.6-1.el3.rf.x86_64.rpm
# Red Hat Enterprise Linux 2 / i386:
rpm -Uhv http://apt.sw.be/redhat/el2.1/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el2.rf.i386.rpm
# Red Hat Linux 9 / i386:
rpm -Uhv http://apt.sw.be/redhat/9/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.rh9.rf.i386.rpm
# Red Hat Linux 7.3 / i386:
rpm -Uhv http://apt.sw.be/redhat/8.0/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.rh7.rf.i386.rpm
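2. After installation, rpmforge.repo appears in YUM's directory; the sites listed in it are maintained automatically during yum update.
3. From then on, yum automatically connects to the rpmforge sites for updates.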
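Sunday, August 10, 2008
How to protect client computers from ARP attacks
To keep a client from picking up a wrong gateway MAC from the network, create a batch file that manually adds the entry to the client's ARP cache.
Enter arp -s xxx.xxx.xxx.xxx 00-0c-76-75-0b-11 (xxx.xxx.xxx.xxx is the gateway's IP)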