Similar documents
Running Nginx as Reverse Proxy server

How To Use Ngnix (Php) With A Php-Fpm (Php-Fmm) On A Web Server (Php5) On Your Web Browser) On An Ubuntu Web Server On A Raspberry Web 2.5 (Net

Pexip Infinity Reverse Proxy Deployment Guide

OS Installation: CentOS 5.8

TODAY web servers become more and more

STEP 4 : GETTING LIGHTTPD TO WORK ON YOUR SEAGATE GOFLEX SATELLITE

Nginx Tricks for PHP Developers. Ilia

Nginx "how to" - Fast and Secure Web Server

Avast for linux technical documentation

How to Create, Setup, and Configure an Ubuntu Router with a Transparent Proxy.

avast! for linux technical documentation

Relayd: a load-balancer for OpenBSD

Apache 2.2 on QNX Neutrino 6.4.x OS Step-by-step installation manual

Apache and Virtual Hosts Exercises

Linux Deployment Guide. How to deploy Network Shutdown Module for Linux

Linux System Administration on Red Hat

Ciphermail Gateway Separate Front-end and Back-end Configuration Guide

APACHE WEB SERVER. Andri Mirzal, PhD N

Installing Dspace 1.8 on Ubuntu 12.04

Repris de : Version Debian (de base)

Red Hat Linux Networking

Monitoring a Linux Mail Server

THE HONG KONG POLYTECHNIC UNIVERSITY Department of Electronic and Information Engineering

SETTING UP RASPBERRY PI FOR TOPPY FTP ACCESS. (Draft 5)

How to install PowerChute Network Shutdown on VMware ESXi 3.5, 4.0 and 4.1

+ iptables. packet filtering && firewall

Configuring Ubuntu Server as a Firewall and Reverse Proxy for OWA 2007 Configuration Guide

Install Cacti Network Monitoring Tool on CentOS 6.4 / RHEL 6.4 / Scientific Linux 6.4

CumuLogic Load Balancer Overview Guide. March CumuLogic Load Balancer Overview Guide 1

Apache Usage. Apache is used to serve static and dynamic content

Enterprise SSL Support

Load Balancing MODX. Garry Nutting, Senior Developer at MODX, LLC

Secure Shell Demon setup under Windows XP / Windows Server 2003

DoD Public Key Enablement (PKE) Quick Reference Guide. Securing Apache HTTP with mod_ssl for Linux

INSTALLING KAAZING WEBSOCKET GATEWAY - HTML5 EDITION ON AN AMAZON EC2 CLOUD SERVER

HP-UX Essentials and Shell Programming Course Summary

Redhat 6.2 Installation Howto -Basic Proxy and Transparent

itixi Ubuntu Server Deployment How-To/Information

Lab Objectives & Turn In

Nginx 1 Web Server Implementation Cookbook

owncloud 8 and DigitalOcean Matthew Davidson Bluegrass Linux User Group 03/09/2015

Partek Flow Installation Guide

Monitoring Clearswift Gateways with SCOM

Linux Networking: IP Packet Filter Firewalling

Installing Virtual Coordinator (VC) in Linux Systems that use RPM (Red Hat, Fedora, CentOS) Document # 15807A1-103 Date: Aug 06, 2012

Nagios XI - NRPE Troubleshooting and Common Solutions

BF2CC Daemon Linux Installation Guide

1. Configuring Apache2 Load Balancer with failover mechanism

NRPE Documentation CONTENTS. 1. Introduction... a) Purpose... b) Design Overview Example Uses... a) Direct Checks... b) Indirect Checks...

EMC Data Protection Search

EZcast Installation guide

Best Practices in Hardening Apache Services under Linux

Installing and Configuring Apache

Instalar debian 6 atualizado. Executar a sequencia abaixo

INASP: Effective Network Management Workshops

Protecting Host from Net

See the installation page

Installation & Configuration Guide for Solaris 8

Security Workshop. Apache + SSL exercises in Ubuntu. 1 Install apache2 and enable SSL 2. 2 Generate a Local Certificate 2

How To Set Up A Network Map In Linux On A Ubuntu 2.5 (Amd64) On A Raspberry Mobi) On An Ubuntu (Amd66) On Ubuntu 4.5 On A Windows Box

Contents Set up Cassandra Cluster using Datastax Community Edition on Amazon EC2 Installing OpsCenter on Amazon AMI References Contact

Linux Security Ideas and Tips

Configuring Remote HANA System Connection for SAP Cloud for Analytics via Apache HTTP Server as Reverse Proxy

An A-Z Index of the Apple OS X command line (TERMINAL) The tcsh command shell of Darwin (the open source core of OSX)

Linux firewall. Need of firewall Single connection between network Allows restricted traffic between networks Denies un authorized users

How to install software on VMware ESXi 4.0/4.1

deploying meteor with meteor up

Linux: 20 Iptables Examples For New SysAdmins

Phase Documentation. Release 0.1. ChangeToMyName

UPSMON PRO Linux --- User Manual

Setting Up CAS with Ofbiz 5

Load Balancing Trend Micro InterScan Web Gateway

CentOS. Apache. 1 de 8. Pricing Features Customers Help & Community. Sign Up Login Help & Community. Articles & Tutorials. Questions. Chat.

GlobalSign Solutions

How to install RADIUSdesk on CentOS 6.4 using Nginx

Bitrix Site Manager. Bitrix Web Cluster

Load Balancing Clearswift Secure Web Gateway

Nixu SNS Security White Paper May 2007 Version 1.2

Creating a NAS with Ubuntu Server

NATIONAL POPULATION REGISTER (NPR)

INF-110. GPFS Installation

Hardening web application (DOS and Application firewalls. Margus Ernits

Author: Sumedt Jitpukdebodin. Organization: ACIS i-secure. ID: My Blog:

Birmingham Environment for Academic Research. Introduction to Linux Quick Reference Guide. Research Computing Team V1.0

High Availability Cluster Solutions for Ubuntu14.04 on Power

Installing and Configuring Apache

How To Analyze Logs On Aloha On A Pcode On A Linux Server On A Microsoft Powerbook (For Acedo) On A Macbook Or Ipad (For An Ubuntu) On An Ubode (For Macrocess

Securing Linux. Presented by: Darren Mobley

community experience distilled P U B L I S H I N G Nginx HTTP Server Clément Nedelcu Chapter No.3 "Basic Nginx Configuration"

F-Secure Internet Gatekeeper

Web Load Balancing on a Budget

Configuring an OpenNMS Stand-by Server

Installation. Installation centreon + nagios mai LISTE DES PRE-REQUIS. Nagios/centreon Paquets divers. 1.1.

1. What is this? Why would I want it?

App Central: Developer's Guide. For APKG 2.0

EventTracker Windows syslog User Guide

HSearch Installation

Transcription:

-Pós-instalação - -

- -

- -

- - - lação - - - - - - -

L M B E N C H 3. 0 S U M M A R Y ------------------------------------ (Alpha software, do not distribute) Basic integer operations - times in nanoseconds - smaller is better ------------------------------------------------------------------- Host OS intgr intgr intgr intgr intgr bit add mul div mod --------- ------------- ------ ------ ------ ------ ------ RapiJu Linux 3.2.27-1.4800 1.5400 7.4200 111.8 49.7 ----------------------------------------------------------------- add mul div bogo --------- ------------- ------ ------ ------ ------ RapiJu Linux 3.2.27-45.6 39.7 179.8 406.1 CPU (lmbench): Int - 675,67 Mips CPU - bogomips: 697,95 Benchmark completo em - http://www.cbpf.br/~juliana/docs/raspi-imbench.txt * GPIO

so - - - - - -

- - - - - - - - /home /tmp /usr /var /etc/fstab- /home defaults,nodev /tmp defaults,nodev,nosuid, noexec /usr defaults,nodev /var defaults,nodev - - chmod -x rc.nomedoscript / etc/hosts.allow - /etc/hosts.deny

/etc/ passwd - - /etc/sudoers - -!/bin/sh Slackware Firewall PATH= /sbin INET= eth1 LOCAL= 172.16.1.0/24 LOOP= 127.0.0.0/8 HOST= 172.16.1.2/32 echo Iniciando Firewall... echo 1 > /proc/sys/net/ipv4/ /usr/sbin/iptables -F /usr/sbin/iptables -X /usr/sbin/iptables -Z /usr/sbin/iptables -P FORWARD DROP

/usr/sbin/iptables -P INPUT DROP /usr/sbin/iptables -A INPUT -p icmp -j DROP /usr/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT /usr/sbin/iptables -A INPUT -s $LOOP -d $LOOP -i lo -j ACCEPT /usr/sbin/iptables -A INPUT -s $HOST -p tcp --dport 55 -j ACCEPT /usr/sbin/iptables -A INPUT -s $LOCAL -p icmp --icmp-type 8 -m state --state NEW -j DROP /usr/sbin/iptables -A INPUT -s $LOCAL -p icmp --icmp-type 0 -m state --state NEW -j DROP echo Firewall Started!!! iptables -t nat -F iptables -F sleep 2 case $1 in start ) ;; stop ) ;; restart ) ;; *) esac vi rc.local cd /etc/rc.d/

- - - - -

- - - - - - - - - -

- - alexos@wotan:~ cd /etc/nginx alexos@wotan:~ sudo mv nginx. conf nginx.conf.orig alexos@wotan:~ sudo vim nginx. conf user nobody; worker_processes 4; error_log /var/log/nginx/error. log warn; pid /var/run/nginx.pid; - max clients = worker_processes * worker_connections worker_connections 1024; include mime.types; /etc/nginx/ default_type application/ octet-stream; log_format main $remote_ addr - $remote_user [$time_local] $request $status $body_bytes_sent $http_referer $http_ user_agent $http_x_forwarded_ for ;

access_log /var/log/nginx/ access.log main; tcp_nodelay on; gzip on; gzip_disable MSIE [1-6]\. (?!.*SV1) ; client_max_body_size 2M; 1k; client_body_timeout 10; client_header_timeout 10; keepalive_timeout 5 5; send_timeout 10; - limit_conn_zone $binary_remote_ addr zone=addr:10m; limit_conn addr 10; proxy_set_header $host; proxy_set_header $remote_addr; Host X-Real-IP proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; le_size 0; 90; 90; 90; proxy_connect_timeout proxy_send_timeout proxy_read_timeout 4k; 32k; 64k; 64k; proxy_cache_methods GET HEAD POST; listen 80; server_name acme.local; access_log /var/log/nginx/ acme.access.log main; error_log /var/log/nginx/ acme.error.log; proxy_pass http://192.168.0.2/; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; Host proxy_set_header $host; proxy_set_header

X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_ forwarded_for; hash_ip; server 192.168.0.2; server 192.168.0.3; server 192.168.0.4; alexos@wotan:~ sudo nginx -t etc/nginx/nginx.conf syntax is ok inx/nginx.conf test is successful alexos@wotan:~ sudo chmod +x / etc/rc.d/rc.nginx alexos@wotan:~ sudo /etc/rc.d/ rc.nginx start - - - - hash_ip; server 192.168.0.2 weight=3; server 192.168.0.3 weight=2; server 192.168.0.4; hash_ip; server 192.168.0.2 max_fails=3 fail_timeout=30s; down; server 192.168.0.3; server 192.168.0.4; server 192.168.0.5

listen 80; server_name acme; hash_ip; server 192.168.0.2 max_fails=3 fail_timeout=30s; down; server 192.168.0.3; server 192.168.0.4; server 192.168.0.5 access_log /var/log/nginx/acme.access.log main; error_log /var/log/nginx/ acme.error.log; proxy_pass http://acme/; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; Host proxy_set_header $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_ forwarded_for; - - listen 80; server_name acme; root /var/www/; index index.php; access_log /var/log/nginx/acme.access.log main; error_log /var/log/nginx/ acme.error.log; Habilitando o suporte ao PHP fastcgi_pass 127.0.0.1:9000; fastcgi_param SCRIPT_FILENAME $document_ root$fastcgi_script_name; fastc- include gi_params; dex.php$is_args$args;

== Restrições de acesso == htaccess deny all; Ambiente administrativo root /var/www/acme/; index index.php; allow 200.222.222.222; deny all; Arquivos deny all; deny all; deny all; <html> <body> <h1>wotan!</h1> <?php print <h2>hello World!</h2>?> </body></html> - - - - alexos@wotan:~ sudo nginx -t alexos@wotan:~ sudo chmod +x /etc/rc.d/rc.php-fpm alexos@wotan:~ sudo /etc/ rc.d/rc.nginx restart && sudo /etc/rc.d/rc.php-fpm restart

- - $ wget ftp://ftp.gnutls. org/pub/gnutls/libtasn1/ libtasn1-1.4.tar.gz install $ make $ make install $ make cert Exemplo /etc/csync2.cfg group mygroup host web2xt-master@10.199.199.1 web2xtslave@10.199.199.2; key /etc/csync2.key_ hackstore; include /etc/passwd; include /etc/group; include /etc/shadow; auto younger;

$ csync2 -k /etc/csync2.key_ hackstore Copiar a chave de segurança e ssl para os demais hosts: $ scp /etc/csync2* root@outroshosts:/etc $ openssl genrsa -out /etc/ csync2_ssl_key.pem 1024 $ openssl req -new -key / etc/csync2_ssl_key.pem -out /etc/csync2_ssl_cert.csr $ openssl x509 -req -days 600 -in /etc/csync2_ssl_ cert.csr -signkey /etc/ csync2_ssl_key.pem -out / etc/csync2_ssl_cert.pem $ chmod 640 /etc/csync2.cfg vi /etc/rc.d/rc.csync2!/bin/sh $Id: csync2.sh.in 6649 Startup/shutdown script for Csync2 - slackzine Maiores infos: www. hackstore.com.br - www. slackzine.com.br description: Startup/ shutdown script for Csync2 NetBSD 1.5+ rcorder script lines. The format of the following two lines is very strict -- please don t add additional spaces! PROVIDE: csync2 REQUIRE: DAEMON OS-Dependent Information tion case `uname` in true Linux*) IS_ON=/bin/ if test -f / etc/init.d/functions; then etc/init.d/functions ECHO=echo. /

ECHO_ERROR= echo_failure ECHO=echo else ECHO_ERROR=: *) ON=/bin/true ;; IS_ ECHO=echo esac ECHO_ERROR=: ;; - if test done if test x$zone!= x; then TZ= $ZONE if test x$time- ZONE!= x; then TZ= $TIMEZONE if test x$tz!= x; then export TZ Don t use TMPDIR environment variable from init script, as that can cause csync2d to set Temp- Dir to a user s temporary directory instead of the default... unset TMPDIR Make sure we have the standard program directories in the path since some operating systems (this means YOU HP-UX!) don t provide a standard path on boot-up...

if test x$path = x; then PATH= /bin:/usr/ bin:/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin else PATH= /usr/local/ sbin:/usr/local/bin:/bin:/ usr/bin:/sbin:/usr/sbin:$- PATH test $pid!= ; then kill -HUP $pid /usr/local/sbin/csync2 else export PATH See if the CSYNC2 server (csync2d) is running... case `uname` in Linux* *BSD* Darwin*) pid=`ps ax csync2d$ ) $5 == csync2d ) print $1 ` esac *) ;; pid= ;; Start or stop the CSYNC2 argument to the script. case $1 in reload) csync2; then start restart if $IS_ON if if test $?!= 0; then $ECHO_FAIL $ECHO csync2: unable to $1 scheduler. exit 1 stop) ;; if test $pid!= ; then uler. killall -TERM /usr/local/sbin/ csync2 $ECHO csync2: stopped scheduler.

status) ;; if test $pid!= ; then echo csync2: scheduler is running. else echo csync2: scheduler is not running. *) ;; echo Us- start start status stop esac exit 1 ;; Exit with no errors. exit 0 End of $Id: csync2.sh.in 6649 2013 21:46:42Z mike $. chmod 755 /etc/rc.d/ rc.csync2 echo /etc/rc.d/rc.csync2 start >> /etc/rc.d/rc.local /etc/rc.d/rc.csync2 start $ csync2 -x Crontab */30 * * * * root /usr/ local/sbin/csync2 -x - - - - - - - - -

- - - - - - - - nmap A st p165535 172.28.10.0/24 oa relatorio_ nmap statsevery10s - -

nmap T5 sp 172.28.10.0/24 sed s/(//g sed s/)//g sed /^$/d tee hosts_ativos.txt - while read line do echo =-=-=-=-=-=-=-=-=-=-=-=- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =-=-= echo Procurando portas com serviço HTTP/HTTPS no IP: $line nmap -st -sv -p1-65535 $line grep -ie nmap scan report http httpd tee -a hosts_com_http.txt done < hosts_ativos.txt - - - - grep -ie nmap scan report http httpd hosts_com_http.txt - hosts_com_http. txt -

PORTAS_HTTP=`cat hosts_com_ cut -d / -f 1 grep -iv nmap sort uniq sed :s;n;s/\n/,/;bs ` - - - - - - http://blog.spiderlabs. com/2012/06/usingnmaptoscreenshotwebservices. html cd /tmp wget http://wkhtmltopdf.googlecode. rc1-statici386.tar.bz2 tar -jxvf wkhtmltoimage-0.11.0_ rc1-statici-386.tar.bz2 cp wkhtmltoimage-i386 /usr/ local/bin/ git clone git://github.com/ SpiderLabs/NmapTools.git cd NmapTools/NSE/ cp http-screenshot.nse /usr/ local/share/nmap/scripts/ nmap --script-updatedb - https://code.google.com/p/ wkhtmltopdf/downloads/detail?name=wkhtmltoimage-0.11.0_rc-1static-amd64. tar.bz2 http://www.pentestgeek. com/2012/07/11/usingnmap-to-screenshotweb-services-troubleshooting/ while read line do echo =-=-=-=-=-=-=-=-=-=-=-=- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =-=-= echo Varrendo portas do IP: $line nmap -A -p$ PORTAS_HTTP --script=version,vuln,httpscreenshot $line -oa relatorio_portas_http --stats-every 10s done < hosts_ativos.txt - -

(--script= version,vuln,httpscreenshot). - - - printf <HTML><BODY><BR> > preview.html print $1 : $2 \n<br><img SRC=\ $1 %3A $2 \ width=400><br><br> >> preview.html printf </BODY></HTML> >> preview.html!/bin/bash nmap -T5 -sp 172.28.10.0/24 sed s/(//g sed s/)//g sed /^$/d tee hosts_ativos.txt while read line do echo =-=-=-=-=-=-=-=-=-=-=- =-=-=-=-=-=-=-=-=-=-=-=-=-=- =-=-=-= echo Procurando portas com serviço HTTP/HTTPS no IP: $line nmap -st -sv p165535 $line grep -ie nmap scan report http httpd tee -a hosts_com_http.txt done < hosts_ativos.txt PORTAS_HTTP=`cat hosts_com_

cut -d / -f 1 grep -iv nmap sort uniq sed :s;n;s/\ n/,/;bs ` while read line do echo =-=-=-=-=-=-=-=-=-=-=- =-=-=-=-=-=-=-=-=-=-=-=-=-=- =-=-=-=-= echo Varrendo portas do IP: $line nmap -A -p$portas_http --script=version,vuln,httpscreenshot $line -oa relatorio_portas_http --stats-every 10s done < hosts_ativos.txt printf <HTML><BODY><BR> > preview.html print $1 : $2 \n<br><img SRC=\ $1 %3A $2 \ width=400><br><br> >> preview.html printf </BODY></HTML> >> preview.html - - -

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information