Ruby on Rails 筆記 (RoR)
實用網站
Ruby on Rails 實戰聖經
http://ihower.tw/rails3/index.html
# gem install
# gem install rubygems-update
Successfully installed rubygems-update-1.8.24
1 gem installed
Installing ri documentation for rubygems-update-1.8.24...
Installing RDoc documentation for rubygems-update-1.8.24...
#gem update --system
Updating RubyGems
Updating rubygems-update
Successfully installed rubygems-update-1.8.24
Updating RubyGems to 1.8.24
Installing RubyGems 1.8.24
RubyGems 1.8.24 installed
== 1.8.24 / 2012-04-27
* 1 bug fix:
* Install the .pem files properly. Fixes #320
* Remove OpenSSL dependency from the http code path
------------------------------------------------------------------------------
RubyGems installed the following executables:
/usr/bin/gem
# rails server <啟用 RoR 專案>
# cat Gemfile <可以看到 source :rubygems>
# public<dir> <網頁所在>
# config<dir> <configuration>
# RAILS_ENV=production script/rails server <以 Production 環境啟用 RoR>
# rails s -e production (同上)
# rails server <未指定開發環境>
# RAILS_ENV=production rails s
# RAILS_ENV=production script/rails server -P 81 <TCP port 81 如未指定則 Default TCP port 3000>
# gem install gem_name --no-ri --no-rdoc <不安裝ri或rdoc文件>
或 vi ~/.gemrc 加入 gem: --no-ri --no-rdoc 一勞永逸 (http://docs.rubygems.org/read/book/2)
為何有這個小筆記呢
是因為 graylog2 是 RoR
http://xrcd2.blogspot.tw/2012/07/graylog2-centos-63-ruby-193.html
及 Redmine 也是 RoR
http://xrcd2.blogspot.tw/2012/07/redmine-203.html
2012年7月24日 星期二
2012年7月22日 星期日
安裝 Graylog2 筆記 ( centos 6.3 + Ruby 1.9.3 )
關於 Graylog2 (log server)請自行參閱
http://graylog2.org/
前置作業安裝好 Ruby 與 Java 的使用環境
#yum erase ruby ruby-libs ruby-mode ruby-rdoc ruby-irb ruby-ri ruby-docs .............
#yum install gcc gcc-c++ openssl-devel zlib-devel autoconf readline-devel curl-devel expat-devel gettext-devel
如安裝使用 Ruby 1.9.x 請先安裝 yaml-0.1.4.tar.gz
http://pyyaml.org/wiki/LibYAML
yaml
./configure
make
make install
Ruby 1.9.x
./configure --enable-shared --enable-pthread --prefix=/xxxx
make
make install
=================================
另一種安裝方式 (透過 RVM;下列指令會以 root 身分直接執行從網路下載的腳本,建議先下載並檢視內容後再執行)
#curl -L https://get.rvm.io | bash -s stable
#exit and relogin
or
#source /etc/profile
rvm pkg install openssl
rvm install 1.9.3 --with-openssl-dir=/usr/local/rvm/usr
=================================
# ruby -v
ruby 1.9.3p194 (2012-04-20 revision 35410) [i686-linux]
# gem -v
1.8.23
java-1.6.0-openjdk.i686 : OpenJDK Runtime Environment
java-1.7.0-openjdk.i686 : OpenJDK Runtime Environment
#yum install java-xxxxxxx
gem 的使用技法
#gem install
#gem list
#gem install xxxx -v x.x.x
#gem update
graylog2
http://graylog2.org/
http://graylog2.org/download
elasticsearch
http://www.elasticsearch.org/
https://github.com/elasticsearch/elasticsearch/downloads
elasticsearch-servicewrapper
https://github.com/elasticsearch/elasticsearch-servicewrapper/downloads
DB install (mongoDB)
#vi /etc/yum.repos.d/10gen.repo
[root@graylog2 service]# cat /etc/yum.repos.d/10gen.repo
# yum repository definition for the 10gen MongoDB packages (i686 build).
[10gen]
name=10gen Repository
baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/i686
# NOTE(review): gpgcheck=0 turns off package signature verification, and the
# baseurl above is plain http, so packages from this repo are installed with no
# authenticity check. Prefer gpgcheck=1 together with a gpgkey= line pointing
# at the vendor's published signing key.
gpgcheck=0
enabled=1
[root@graylog2 service]#
#yum update
#yum install mongo-10gen mongo-10gen-server
設定 port 與 DB 使用的驗證方式
# vi /etc/mongod.conf
Create graylog2 ID & PWD
# mongo
MongoDB shell version: 2.0.6
connecting to: test
> use graylog2
switched to db graylog2
>db.addUser("userid","userpwd")
>db.system.users.find()
>exit
or
>db.addUser("userid","userpwd")
>db.auth("userid","userpwd")
>db.system.users.find()
>exit
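相關 DB & ID & PWD 將套用於下列兩個設定檔 (/etc/graylog2.conf 與 mongoid.yml)。兩者皆以明文存放 MongoDB 密碼;後面的目錄列表顯示 mongoid.yml 的權限為 -rw-r--r-- (所有使用者可讀),建議改為僅服務帳號可讀。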
# cat /etc/graylog2.conf
# On which port (UDP) should we listen for Syslog messages? (Standard: 514)
syslog_listen_port = 514
syslog_protocol = udp
# ElasticSearch URL (default: http://localhost:9200/)
elasticsearch_url = http://localhost:9200/
elasticsearch_index_name = graylog2
# Always try a reverse DNS lookup instead of parsing hostname from syslog message?
force_syslog_rdns = false
# Set time to NOW if parsing date/time from syslog message failed instead of rejecting it?
allow_override_syslog_date = true
# MongoDB Configuration
mongodb_useauth = true
mongodb_user = userid
mongodb_password = userpwd
mongodb_host = localhost
#mongodb_replica_set = localhost:27017,localhost:27018,localhost:27019
mongodb_database = graylog2
mongodb_port = 27017
....
....
===============================
# cat /opt/graylog2-web-interface/config/mongoid.yml
production:
host: localhost
port: 27017
username: userid
password: userpwd
database: graylog2
[root@graylog2 src]#
===============================
驗證 ID & PWD + DB 的方式
#mongo localhost/graylog2 -u userid -p userpwd
or
#mongo
MongoDB shell version: 2.0.6
connecting to: test
> show dbs
admin (empty)
graylog2 0.0625GB
graylog2_development (empty)
local (empty)
test (empty)
> use graylog2
switched to db graylog2
> show collections
blacklists
filtered_terms
hosts
jobs
message_counts
server_values
settings
streamcategories
streams
system.indexes
system.users
users
> db.hosts.find()
{ "_id" : ObjectId("500b4007f226e0d4bf5c5e93"), "host" : "192.168.100.252", "message_count" : 147 }
{ "_id" : ObjectId("500b4089f226e0d4bf5c5e94"), "host" : "192.168.100.251", "message_count" : 184 }
> db.system.users.find()
{ "_id" : ObjectId("500b2504433e438db352e192"), "user" : "userid", "readOnly" : false, "pwd" : "68cdc0f21c4624d1293d2fc54f966b38" }
> exit
程式安裝的目錄結構如下:
# pwd
/opt
[root@graylog2 opt]# ll
total 12
drwxr-xr-x. 7 root root 4096 Jul 22 06:03 elasticsearch <-- elasticsearch
drwxr-xr-x. 3 root root 4096 Jul 22 05:36 graylog2
drwxr-xr-x. 10 root root 4096 Jul 22 06:06 graylog2-web-interface
[root@graylog2 opt]#
# pwd
/opt/graylog2
# ll
total 9492
drwxr-xr-x. 2 root root 4096 Jul 22 06:04 bin
-rw-r--r--. 1 root root 30 Jul 22 05:36 build_date
-rw-r--r--. 1 root root 35147 Jul 22 05:36 COPYING
-rw-r--r--. 1 root root 3361 Jul 22 05:36 graylog2.conf.example
-rw-r--r--. 1 root root 9663961 Jul 22 05:36 graylog2-server.jar
-rw-r--r--. 1 root root 106 Jul 22 05:36 README
設定 graylog2 server 的運作方式 (cp graylog2.conf.example 來的)
cp elasticsearch.yml.example /etc/graylog2-elasticsearch.yml
cp graylog2.conf.example /etc/graylog2.conf
#vi /etc/graylog2.conf
# pwd
/opt/elasticsearch/bin
# ll
total 20
-rwxr-xr-x. 1 root root 5517 Jul 22 05:36 elasticsearch
-rwxr-xr-x. 1 root root 2058 Jul 22 05:36 elasticsearch.in.sh
-rwxr-xr-x. 1 root root 729 Jul 22 05:36 plugin
drwxr-xr-x. 4 root root 4096 Jul 22 06:03 service <-- elasticsearch-servicewrapper
#pwd
/opt/graylog2-web-interface/config
# ll
total 60
-rw-r--r--. 1 root root 2188 Jul 22 05:36 application.rb
-rw-r--r--. 1 root root 1938 Jul 22 05:36 authorization_rules.rb
-rw-r--r--. 1 root root 152 Jul 22 05:36 boot.rb
-rw-r--r--. 1 root root 299 Jul 22 05:36 email.yml
-rw-r--r--. 1 root root 189 Jul 22 05:36 environment.rb
drwxr-xr-x. 2 root root 4096 Jul 22 05:36 environments
-rw-r--r--. 1 root root 998 Jul 22 05:36 general.yml
-rw-r--r--. 1 root root 65 Jul 22 05:36 indexer.yml
drwxr-xr-x. 2 root root 4096 Jul 22 05:36 initializers
drwxr-xr-x. 2 root root 4096 Jul 22 05:36 locales
-rw-r--r--. 1 root root 104 Jul 22 06:05 mongoid.yml
-rw-r--r--. 1 root root 9042 Jul 22 05:36 newrelic.yml
-rw-r--r--. 1 root root 2451 Jul 22 05:36 routes.rb
#vi /opt/graylog2-web-interface/config/mongoid.yml
========================
production:
host: localhost
port: 27017
username: userid
password: userpwd
database: graylog2
======================
# passenger-install-apache2-module
#vi /etc/httpd/conf/httpd.conf
# Apache + Passenger configuration serving the Graylog2 web interface on TCP 8080.
Listen 8080
LoadModule passenger_module /usr/lib/ruby/gems/1.9.1/gems/passenger-3.0.14/ext/apache2/mod_passenger.so
PassengerRoot /usr/lib/ruby/gems/1.9.1/gems/passenger-3.0.14
PassengerRuby /usr/bin/ruby
# NOTE(review): this virtual host is plain HTTP, so web-interface logins cross
# the network unencrypted; consider TLS or restricting access to a management network.
<VirtualHost *:8080>
ServerName 192.168.100.180
# !!! Be sure to point DocumentRoot to 'public'!
DocumentRoot /opt/graylog2-web-interface/public
# NOTE(review): /graylog2 does not match the DocumentRoot above
# (/opt/graylog2-web-interface/public), so the AllowOverride and Options
# settings in this container would not apply to the files actually served.
# Confirm the intended path.
<Directory /graylog2>
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
</Directory>
</VirtualHost>
# service httpd restart
安裝 elasticsearch service
# /opt/elasticsearch/bin/service/elasticsearch install
設定 elasticsearch service
#vi /usr/local/elasticsearch/config/elasticsearch.yml
cluster.name: graylog2
啟動 elasticsearch-servicewrapper
# /opt/elasticsearch/bin/service/elasticsearch start
啟動 graylog2 Server
# /opt/elasticsearch/bin/graylog2ctl start
#gem install bundle
#cd /opt/graylog2-web-interface/
#bundle install
安裝所需的 Ruby modules 或 packages 之前,請務必先執行過 gem install bundle
亦可透過 #gem install 先行安裝所需 modules or package
(RubyGems is a package management framework for Ruby)
# gem list
*** LOCAL GEMS ***
actionmailer (3.2.6, 3.1.3)
actionpack (3.2.6, 3.1.3)
activemodel (3.2.6, 3.1.3)
activerecord (3.2.6, 3.1.3)
activeresource (3.2.6, 3.1.3)
activesupport (3.2.6, 3.1.3, 2.3.4)
arel (3.0.2, 2.2.1)
bigdecimal (1.1.0)
bson (1.6.4, 1.3.1)
bson_ext (1.6.4, 1.3.1)
builder (3.0.0)
bundler (1.1.5, 1.1.3)
chronic (0.6.7)
ci_reporter (1.7.0, 1.6.5)
daemon_controller (1.0.0, 0.2.6)
daemons (1.1.8)
database_cleaner (0.8.0, 0.6.7)
erubis (2.7.0)
eventmachine (0.12.10)
faker (1.0.1, 0.9.5)
fastthread (1.0.7)
git (1.2.5)
graylog2-declarative_authorization (0.5.2)
hashr (0.0.21)
hike (1.2.1)
home_run (1.0.6, 1.0.4)
hoptoad_notifier (2.4.11)
i18n (0.6.0)
io-console (0.3)
journey (1.0.4)
json (1.7.3, 1.5.4)
kaminari (0.13.0, 0.12.4)
machinist (2.0, 1.0.6)
machinist_mongo (1.2.0)
mail (2.4.4, 2.3.0)
metaclass (0.0.1)
mime-types (1.19, 1.17.2)
minitest (3.2.0, 2.5.1)
mocha (0.12.1, 0.9.12)
mongo (1.3.1)
mongoid (3.0.1, 2.4.5)
moped (1.1.3)
multi_json (1.3.6, 1.0.3)
newrelic_rpm (3.4.0.1, 3.3.0)
origin (1.0.4)
passenger (3.0.14, 3.0.13, 3.0.10, 2.2.1)
polyglot (0.3.3)
pony (1.4, 1.3)
rack (1.4.1, 1.3.5)
rack-cache (1.2, 1.1)
rack-mount (0.8.3)
rack-ssl (1.3.2)
rack-test (0.6.1)
rails (3.2.6, 3.1.3)
rails_autolink (1.0.9, 1.0.4)
railties (3.2.6, 3.1.3)
rake (0.9.2.2)
rdoc (3.12, 3.11, 3.9.4)
rdoc-data (3.12)
rest-client (1.6.7)
rpm_contrib (2.1.11, 2.1.6)
shoulda (3.1.1, 2.11.3)
shoulda-activemodel (0.0.2)
shoulda-context (1.0.0)
shoulda-matchers (1.2.0)
sprockets (2.4.5, 2.1.3, 2.0.3)
thin (1.4.1)
thor (0.15.4, 0.14.6)
tilt (1.3.3)
timecop (0.3.5)
tire (0.4.2, 0.3.12)
treetop (1.4.10)
tzinfo (0.3.33, 0.3.31)
初始化 graylog2 的 web-admin ID & PWD 方式 (啟動 graylog2 web )
[root@graylog2 graylog2-web-interface]#pwd
/opt/graylog2-web-interface
[root@graylog2 graylog2-web-interface]#RAILS_ENV=production script/rails server
透過上面這個方式建立 web ID & PWD 後,用建好的 ID & PWD 試看看是否可以正常登入! (注意:如下方輸出所示,WEBrick 會以未加密的 HTTP 監聽 0.0.0.0:3000;建立管理者帳號期間建議以防火牆限制來源,完成後即停止此服務。)
[root@graylog2 graylog2-web-interface]# RAILS_ENV=production script/rails server
=> Booting WEBrick
=> Rails 3.2.12 application starting in production on http://0.0.0.0:3000
=> Call with -d to detach
=> Ctrl-C to shutdown server
正式使用方式如下:
安裝 passenger
[root@graylog2 graylog2-web-interface]# gem install passenger
Successfully installed passenger-3.0.14
1 gem installed
Installing ri documentation for passenger-3.0.14...
Installing RDoc documentation for passenger-3.0.14...
graylog2 web 的 啟用方式有二種
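(1) 透過 Passenger Standalone (Nginx Server)。注意:下方輸出顯示 Environment: development;正式環境請以 passenger start -e production 啟動。另外,Rails 錯誤訊息建議的 chmod 0666 會讓 log 檔可被所有使用者寫入,改將 log 目錄的擁有者設為執行服務的帳號較妥。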
#/opt/graylog2-web-interface/passenger start
[root@graylog2 graylog2-web-interface]# passenger start
*** Phusion Passenger: no passenger_native_support.so found for the current Ruby interpreter. Compiling one...
# mkdir -p /usr/lib/ruby/gems/1.9.1/gems/passenger-3.0.14/ext/ruby/ruby-1.9.3-x86-linux
# cd /usr/lib/ruby/gems/1.9.1/gems/passenger-3.0.14/ext/ruby/ruby-1.9.3-x86-linux
# /usr/bin/ruby '/usr/lib/ruby/gems/1.9.1/gems/passenger-3.0.14/ext/ruby/extconf.rb'
checking for alloca.h... yes
checking for ruby/io.h... yes
creating Makefile
# make
compiling /usr/lib/ruby/gems/1.9.1/gems/passenger-3.0.14/ext/ruby/passenger_native_support.c
linking shared-object passenger_native_support.so
=============== Phusion Passenger Standalone web server started ===============
PID file: /opt/graylog2-web-interface/tmp/pids/passenger.3000.pid
Log file: /opt/graylog2-web-interface/log/passenger.3000.log
Environment: development
Accessible via: http://0.0.0.0:3000/
You can stop Phusion Passenger Standalone by pressing Ctrl-C.
===============================================================================
Rails Error: Unable to access log file. Please ensure that /opt/graylog2-web-interface/log/development.log exists and is chmod 0666. The log level has been raised to WARN and the output directed to STDERR until the problem is fixed.
** [NewRelic][07/22/12 07:26:33 +0800 graylog2 (10379)] INFO : Dispatcher: passenger
** [NewRelic][07/22/12 07:26:33 +0800 graylog2 (10379)] INFO : Application: Graylog2
(2) 透過 passenger-install-apache2-module (Apache Server)
這裡我是透過 apache2-module 方式啟動
2012年7月14日 星期六
滲透測試 & 弱點掃描 w3af + WAF for Apache (Part 2)
ModSecurity Configuration
使用平台為 CentOS 6.3
弱點掃描
dragonsoft ( http://www.dragonsoft.com.tw/ )
相關文章為
http://xrcd2.blogspot.tw/2012/07/w3af-waf-for-apache.html
[root@centos conf.d]# cat modsecurity.conf
LoadFile /usr/lib/libxml2.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule security2_module modules/mod_security2.so
Include conf/rule/*.conf #modsec-2.5-free-latest.tar.gz
Include conf/rule2/activated_rules/*.conf #modsecurity-crs_2.2.5.tar.gz
Include conf/rule2/base_rules/*.conf #modsecurity-crs_2.2.5.tar.gz
# NOTE(review): SecFilterEngine is ModSecurity 1.x syntax, while the module
# loaded above is mod_security2; this container presumably never matches and is
# inert. Confirm, then remove it so it is not mistaken for active protection.
# NOTE(review): the two section titles below ("Debug logging options",
# "Audit logging options") have no leading '#' and are not directives; they
# would presumably be rejected as invalid commands if this container were
# ever evaluated.
<IfModule mod_security>
SecFilterEngine On
Debug logging options
#Debug log
SecDebugLog /tmp/logs/modsec_debug.log
SecDebugLogLevel 0
Audit logging options
#Serial Audit log
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus ^5
SecAuditLogParts ABIFHZ
SecAuditLogType Serial
SecAuditLog /tmp/logs/modsec_audit.log
</IfModule>
<IfModule mod_security2.c>
# Replaces the Server response header with a fake banner. This is obscurity
# only and removes no weakness; per the ModSecurity reference manual it only
# takes effect when Apache's ServerTokens is set to Full.
SecServerSignature "Microsoft-IIS/6.0"
# Rule engine on in blocking mode, with request and response bodies inspected.
SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess On
#Handling of uploaded files
# NOTE(review): /tmp is shared and world-writable. The commented-out lines
# further down use a dedicated /opt/modsecurity/var/upload/ directory with
# SecUploadFileMode 0600; prefer a private directory writable only by the
# Apache user for intercepted uploads.
SecUploadDir /tmp/
SecUploadKeepFiles Off
SecRule REQUEST_HEADERS:Content-Type "text/xml" \
"phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
SecRequestBodyLimit 13107200
SecRequestBodyNoFilesLimit 131072
SecRequestBodyInMemoryLimit 131072
SecRequestBodyLimitAction Reject
SecRule REQBODY_ERROR "!@eq 0" \
"phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2"
# Deny multipart request bodies that fail strict validation, or whose boundary
# does not match; the msg lists the individual parser flags.
# NOTE(review): status:44 in both rules below is not a standard HTTP status
# code, while the REQBODY_ERROR rule above uses status:400. Confirm what Apache
# actually returns for a blocked request and consider 400 here as well.
SecRule MULTIPART_STRICT_ERROR "!@eq 0" \
"phase:2,t:none,log,deny,status:44,msg:'Multipart request body \
failed strict validation: \
PE %{REQBODY_PROCESSOR_ERROR}, \
BQ %{MULTIPART_BOUNDARY_QUOTED}, \
BW %{MULTIPART_BOUNDARY_WHITESPACE}, \
DB %{MULTIPART_DATA_BEFORE}, \
DA %{MULTIPART_DATA_AFTER}, \
HF %{MULTIPART_HEADER_FOLDING}, \
LF %{MULTIPART_LF_LINE}, \
SM %{MULTIPART_SEMICOLON_MISSING}, \
IQ %{MULTIPART_INVALID_QUOTING}, \
IH %{MULTIPART_INVALID_HEADER_FOLDING}, \
IH %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \
"phase:2,t:none,log,deny,status:44,msg:'Multipart parser detected a possible unmatched boundary.'"
SecPcreMatchLimit 1000
SecPcreMatchLimitRecursion 1000
SecRule TX:/^MSC_/ "!@streq 0" \
"phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
SecResponseBodyAccess On
SecResponseBodyMimeType text/plain text/html text/xml
SecResponseBodyLimit 524288
SecResponseBodyLimitAction ProcessPartial
# NOTE(review): /tmp is shared and world-writable. SecTmpDir holds ModSecurity's
# temporary files and SecDataDir its persistent collection data; use dedicated
# directories writable only by the Apache user (the commented-out
# /opt/modsecurity/var/... paths below follow that layout).
SecTmpDir /tmp/
SecDataDir /tmp/
#
#SecUploadDir /opt/modsecurity/var/upload/
#SecUploadKeepFiles RelevantOnly
#SecUploadFileMode 0600
#SecDebugLog /opt/modsecurity/var/log/debug.log
#SecDebugLogLevel 3
# Audit only transactions that are flagged or whose status matches the pattern
# below: any 5xx, and any 4xx except 404.
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
# Parts I and E add request and response bodies to each entry, so the audit log
# can hold credentials, cookies and page contents. Keep the file readable by
# root only and rotate it.
SecAuditLogParts ABIJDEFHZ
SecAuditLogType Serial
SecAuditLog /var/log/modsec_audit.log
# Specify the path for concurrent audit logging.
#SecAuditLogStorageDir /opt/modsecurity/var/audit/
SecArgumentSeparator &
SecCookieFormat 0
</IfModule>
[root@centos conf.d]#
使用平台為 CentOS 6.3
弱點掃描
dragonsoft ( http://www.dragonsoft.com.tw/ )
相關文章為
http://xrcd2.blogspot.tw/2012/07/w3af-waf-for-apache.html
[root@centos conf.d]# cat modsecurity.conf
LoadFile /usr/lib/libxml2.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule security2_module modules/mod_security2.so
Include conf/rule/*.conf #modsec-2.5-free-latest.tar.gz
Include conf/rule2/activated_rules/*.conf #modsecurity-crs_2.2.5.tar.gz
Include conf/rule2/base_rules/*.conf #modsecurity-crs_2.2.5.tar.gz
# NOTE(review): SecFilterEngine is ModSecurity 1.x syntax, while the module
# loaded above is mod_security2; this container presumably never matches and is
# inert. Confirm, then remove it so it is not mistaken for active protection.
# NOTE(review): the two section titles below ("Debug logging options",
# "Audit logging options") have no leading '#' and are not directives; they
# would presumably be rejected as invalid commands if this container were
# ever evaluated.
<IfModule mod_security>
SecFilterEngine On
Debug logging options
#Debug log
SecDebugLog /tmp/logs/modsec_debug.log
SecDebugLogLevel 0
Audit logging options
#Serial Audit log
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus ^5
SecAuditLogParts ABIFHZ
SecAuditLogType Serial
SecAuditLog /tmp/logs/modsec_audit.log
</IfModule>
<IfModule mod_security2.c>
# Replaces the Server response header with a fake banner. This is obscurity
# only and removes no weakness; per the ModSecurity reference manual it only
# takes effect when Apache's ServerTokens is set to Full.
SecServerSignature "Microsoft-IIS/6.0"
# Rule engine on in blocking mode, with request and response bodies inspected.
SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess On
#Handling of uploaded files
# NOTE(review): /tmp is shared and world-writable. The commented-out lines
# further down use a dedicated /opt/modsecurity/var/upload/ directory with
# SecUploadFileMode 0600; prefer a private directory writable only by the
# Apache user for intercepted uploads.
SecUploadDir /tmp/
SecUploadKeepFiles Off
SecRule REQUEST_HEADERS:Content-Type "text/xml" \
"phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
SecRequestBodyLimit 13107200
SecRequestBodyNoFilesLimit 131072
SecRequestBodyInMemoryLimit 131072
SecRequestBodyLimitAction Reject
SecRule REQBODY_ERROR "!@eq 0" \
"phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2"
# Deny multipart request bodies that fail strict validation, or whose boundary
# does not match; the msg lists the individual parser flags.
# NOTE(review): status:44 in both rules below is not a standard HTTP status
# code, while the REQBODY_ERROR rule above uses status:400. Confirm what Apache
# actually returns for a blocked request and consider 400 here as well.
SecRule MULTIPART_STRICT_ERROR "!@eq 0" \
"phase:2,t:none,log,deny,status:44,msg:'Multipart request body \
failed strict validation: \
PE %{REQBODY_PROCESSOR_ERROR}, \
BQ %{MULTIPART_BOUNDARY_QUOTED}, \
BW %{MULTIPART_BOUNDARY_WHITESPACE}, \
DB %{MULTIPART_DATA_BEFORE}, \
DA %{MULTIPART_DATA_AFTER}, \
HF %{MULTIPART_HEADER_FOLDING}, \
LF %{MULTIPART_LF_LINE}, \
SM %{MULTIPART_SEMICOLON_MISSING}, \
IQ %{MULTIPART_INVALID_QUOTING}, \
IH %{MULTIPART_INVALID_HEADER_FOLDING}, \
IH %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \
"phase:2,t:none,log,deny,status:44,msg:'Multipart parser detected a possible unmatched boundary.'"
SecPcreMatchLimit 1000
SecPcreMatchLimitRecursion 1000
SecRule TX:/^MSC_/ "!@streq 0" \
"phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
SecResponseBodyAccess On
SecResponseBodyMimeType text/plain text/html text/xml
SecResponseBodyLimit 524288
SecResponseBodyLimitAction ProcessPartial
# NOTE(review): /tmp is shared and world-writable. SecTmpDir holds ModSecurity's
# temporary files and SecDataDir its persistent collection data; use dedicated
# directories writable only by the Apache user (the commented-out
# /opt/modsecurity/var/... paths below follow that layout).
SecTmpDir /tmp/
SecDataDir /tmp/
#
#SecUploadDir /opt/modsecurity/var/upload/
#SecUploadKeepFiles RelevantOnly
#SecUploadFileMode 0600
#SecDebugLog /opt/modsecurity/var/log/debug.log
#SecDebugLogLevel 3
# Audit only transactions that are flagged or whose status matches the pattern
# below: any 5xx, and any 4xx except 404.
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
# Parts I and E add request and response bodies to each entry, so the audit log
# can hold credentials, cookies and page contents. Keep the file readable by
# root only and rotate it.
SecAuditLogParts ABIJDEFHZ
SecAuditLogType Serial
SecAuditLog /var/log/modsec_audit.log
# Specify the path for concurrent audit logging.
#SecAuditLogStorageDir /opt/modsecurity/var/audit/
SecArgumentSeparator &
SecCookieFormat 0
</IfModule>
[root@centos conf.d]#
Redmine 2.0.3 安裝筆記 ( Redmine 專案管理系統)
Redmine 專案管理系統
使用平台為 CentOS 6.3 [ LAMP ]
前置作業
yum install php php-mysql php-mbstring php-mcrypt php-gd ImageMagick-devel freetype-devel ghostscript
yum install ruby*
gem update --system
gem install rubygems-update
gem install bundler
gem install rake
gem install i18n
gem install multi_json
gem install builder
gem install activemodel
gem install erubis
gem install journey
gem install rack
gem install rack-cache
gem install rack-test
gem install hike
gem install tilt
gem install sprockets
gem install actionpack
gem install mime-types
gem install polyglot
gem install treetop
gem install mail
gem install actionmailer
gem install arel
gem install tzinfo
gem install activerecord
gem install activeresource
gem install bundler
gem install coderay
gem install fastercsv
gem install json
gem install metaclass
gem install mocha
gem install mysql
gem install net-ldap
gem install pg
gem install rack-ssl
gem install rdoc
gem install thor
gem install railties
gem install rails
gem install prototype-rails
gem install ruby-openid
gem install rack-openid
gem install activesupport
gem install rmagick
下載與安裝 Redmine
# Download Redmine 2.0.3, unpack it, and move it under the Apache document tree.
cd /usr/local/src/
# NOTE(review): the tarball is fetched over plain http and unpacked with no
# integrity check; compare it against the publisher's checksum before extracting.
wget http://rubyforge.org/frs/download.php/76259/redmine-2.0.3.tar.gz
tar -zvxf redmine-2.0.3.tar.gz
mv redmine-2.0.3 redmine
mv redmine /var/www/html/
cd /var/www/html/
# NOTE(review): this makes the whole tree, code and config included, writable
# by the web server account. Redmine's install guide presumably only needs
# write access on files/, log/, tmp/ and public/plugin_assets/; confirm for
# this version.
chown -R apache.apache redmine
# NOTE(review): 755 on every file leaves everything under redmine/ readable by
# all local users; config/database.yml (created later) will hold the DB password.
chmod -R 755 redmine
cd /var/www/html/redmine
# gem list
*** LOCAL GEMS ***
actionmailer (3.2.6)
actionpack (3.2.6)
activemodel (3.2.6)
activerecord (3.2.6)
activeresource (3.2.6)
activesupport (3.2.6)
arel (3.0.2)
builder (3.0.0)
bundler (1.1.4)
coderay (1.0.7)
daemon_controller (1.0.0)
erubis (2.7.0)
fastercsv (1.5.5)
fastthread (1.0.7)
flexmock (0.8.6)
hike (1.2.1)
i18n (0.6.0)
journey (1.0.4)
json (1.7.3)
mail (2.4.4)
metaclass (0.0.1)
mime-types (1.19)
mocha (0.12.0)
multi_json (1.3.6)
mysql (2.8.1)
net-ldap (0.3.1)
passenger (3.0.13)
pg (0.14.0)
polyglot (0.3.3)
prototype-rails (3.2.1)
rack (1.4.1)
rack-cache (1.2)
rack-openid (1.3.1)
rack-ssl (1.3.2)
rack-test (0.6.1)
rails (3.2.6)
railties (3.2.6)
rake (0.9.2.2, 0.8.7)
rdoc (3.12)
rmagick (2.13.1)
ruby-openid (2.2.0, 2.1.8)
rubygems-update (1.8.24)
shoulda (2.11.3)
sprockets (2.4.5, 2.1.3)
sqlite3 (1.3.6)
thor (0.15.4)
tilt (1.3.3)
treetop (1.4.10)
tzinfo (0.3.33)
yard (0.8.2.1)
[root@CentOS63 src]#
# bundle install
Fetching gem metadata from http://rubygems.org/.......
Using rake (0.9.2.2)
Using i18n (0.6.0)
Using multi_json (1.3.6)
Using activesupport (3.2.6)
Using builder (3.0.0)
Using activemodel (3.2.6)
Using erubis (2.7.0)
Using journey (1.0.4)
Using rack (1.4.1)
Using rack-cache (1.2)
Using rack-test (0.6.1)
Using hike (1.2.1)
Using tilt (1.3.3)
Using sprockets (2.1.3)
Using actionpack (3.2.6)
Using mime-types (1.19)
Using polyglot (0.3.3)
Using treetop (1.4.10)
Using mail (2.4.4)
Using actionmailer (3.2.6)
Using arel (3.0.2)
Using tzinfo (0.3.33)
Using activerecord (3.2.6)
Using activeresource (3.2.6)
Using bundler (1.1.4)
Using coderay (1.0.7)
Using fastercsv (1.5.5)
Using json (1.7.3)
Using metaclass (0.0.1)
Using mocha (0.12.0)
Using mysql (2.8.1)
Using net-ldap (0.3.1)
Using pg (0.14.0)
Using rack-ssl (1.3.2)
Using rdoc (3.12)
Using thor (0.15.4)
Using railties (3.2.6)
Using rails (3.2.6)
Using prototype-rails (3.2.1)
Installing ruby-openid (2.1.8)
Using rack-openid (1.3.1)
Using rmagick (2.13.1)
Installing shoulda (2.11.3)
Installing sqlite3 (1.3.6) with native extensions
Installing yard (0.8.2.1)
Your bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed.
#
#gem install passenger
#passenger-install-apache2-module
[root@CentOS63 conf]# gem install passenger
Fetching: fastthread-1.0.7.gem (100%)
Building native extensions. This could take a while...
Fetching: daemon_controller-1.0.0.gem (100%)
Fetching: passenger-3.0.13.gem (100%)
Successfully installed fastthread-1.0.7
Successfully installed daemon_controller-1.0.0
Successfully installed passenger-3.0.13
3 gems installed
Installing ri documentation for fastthread-1.0.7...
Building YARD (yri) index for fastthread-1.0.7...
Installing ri documentation for daemon_controller-1.0.0...
Building YARD (yri) index for daemon_controller-1.0.0...
Installing ri documentation for passenger-3.0.13...
Building YARD (yri) index for passenger-3.0.13...
Installing RDoc documentation for fastthread-1.0.7...
Installing RDoc documentation for daemon_controller-1.0.0...
Installing RDoc documentation for passenger-3.0.13...
# passenger-install-apache2-module
================================================
Welcome to the Phusion Passenger Apache 2 module installer, v3.0.13.
This installer will guide you through the entire installation process. It
shouldn't take more than 3 minutes in total.
Here's what you can expect from the installation process:
1. The Apache 2 module will be installed for you.
2. You'll learn how to configure Apache.
3. You'll learn how to deploy a Ruby on Rails application.
Don't worry if anything goes wrong. This installer will advise you on how to
solve any problems.
Press Enter to continue, or Ctrl-C to abort.
--------------------------------------------
Checking for required software...
* GNU C++ compiler... found at /usr/bin/g++
* Curl development headers with SSL support... found
* OpenSSL development headers... found
* Zlib development headers... found
* Ruby development headers... found
* OpenSSL support for Ruby... found
* RubyGems... found
* Rake... found at /usr/bin/rake
* rack... found
* Apache 2... found at /usr/sbin/httpd
* Apache 2 development headers... found at /usr/sbin/apxs
* Apache Portable Runtime (APR) development headers... found at /usr/bin/apr-1-config
* Apache Portable Runtime Utility (APU) development headers... found at /usr/bin/apu-1-config
--------------------------------------------
Compiling and installing Apache 2 module...
...........
...........
............
--------------------------------------------
The Apache 2 module was successfully installed.
Please edit your Apache configuration file, and add these lines:
LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.13/ext/apache2/mod_passenger.so
PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.13
PassengerRuby /usr/bin/ruby
After you restart Apache, you are ready to deploy any number of Ruby on Rails
applications on Apache, without any further Ruby on Rails-specific
configuration!
Press ENTER to continue.
--------------------------------------------
Deploying a Ruby on Rails application: an example
Suppose you have a Rails application in /somewhere. Add a virtual host to your
Apache configuration file and set its DocumentRoot to /somewhere/public:
<VirtualHost *:80>
ServerName http://www.yourhost.com/
# !!! Be sure to point DocumentRoot to 'public'!
DocumentRoot /somewhere/public
<Directory /somewhere/public>
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
</Directory>
</VirtualHost>
And that's it! You may also want to check the Users Guide for security and
optimization tips, troubleshooting and other useful information:
/usr/lib/ruby/gems/1.8/gems/passenger-3.0.13/doc/Users guide Apache.html
Enjoy Phusion Passenger, a product of Phusion (http://www.phusion.nl/) :-)
http://www.modrails.com/
Phusion Passenger is a trademark of Hongli Lai & Ninh Bui.
=============================================================
# Create the FastCGI dispatcher files and the database config from their examples.
cd /var/www/html/redmine/public/
cp dispatch.fcgi.example dispatch.fcgi
cp htaccess.fcgi.example htaccess.fcgi
# NOTE(review): the two files were just created in redmine/public/, but the
# next line changes to /var/www/html/, so the chown/chmod below would not find
# them there. Presumably these should run in redmine/public/; confirm.
cd /var/www/html/
chown apache.apache dispatch.fcgi
chown apache.apache htaccess.fcgi
chmod 755 dispatch.fcgi
cd /var/www/html/redmine/config/
# NOTE(review): database.yml will hold the MySQL password; restrict it after
# editing (for example owner root, group apache, mode 640) rather than leaving
# it readable by all local users.
cp database.yml.example database.yml
設定 redmine DB 相關資訊 (下例的密碼與帳號同為 redmine,僅供示範;正式環境請改用高強度密碼,並與 database.yml 內的設定一致)
vi database.yml
Mysql> create database redmine character set utf8;
mysql> GRANT ALL ON redmine.* TO redmine@localhost IDENTIFIED BY 'redmine';
mysql> flush privileges;
Create Redmine Session Store
# RAILS_ENV=production bundle exec rake generate_session_store
Migrate the Database models
# RAILS_ENV=production bundle exec rake db:migrate
Load Redmine default data ....
# RAILS_ENV=production bundle exec rake redmine:load_default_data
設定 Apache
vi /etc/httpd/conf/httpd.conf
# Apache + Passenger configuration serving Redmine on TCP 8080.
Listen 8080
LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.13/ext/apache2/mod_passenger.so
PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.13
PassengerRuby /usr/bin/ruby
# NOTE(review): this virtual host is plain HTTP, so Redmine logins cross the
# network unencrypted; consider TLS for anything beyond a lab setup.
<VirtualHost *:8080>
DocumentRoot /var/www/html/redmine/public
ErrorLog logs/redmine_error_log
# NOTE(review): "publie" looks like a typo for "public". As written this
# container does not match the DocumentRoot above, so AllowOverride and
# Options -MultiViews are not applied to the directory actually served.
<directory /var/www/html/redmine/publie >
AllowOverride all
Options -MultiViews
</directory>
</VirtualHost>
使用平台為 CentOS 6.3 [ LAMP ]
前置作業
yum install php php-mysql php-mbstring php-mcrypt php-gd ImageMagick-devel freetype-devel ghostscript
yum install ruby*
gem update --system
gem install rubygems-update
gem install bundler
gem install rake
gem install i18n
gem install multi_json
gem install builder
gem install activemodel
gem install erubis
gem install journey
gem install rack
gem install rack-cache
gem install rack-test
gem install hike
gem install tilt
gem install sprockets
gem install actionpack
gem install mime-types
gem install polyglot
gem install treetop
gem install mail
gem install actionmailer
gem install arel
gem install tzinfo
gem install activerecord
gem install activeresource
gem install bundler
gem install coderay
gem install fastercsv
gem install json
gem install metaclass
gem install mocha
gem install mysql
gem install net-ldap
gem install pg
gem install rack-ssl
gem install rdoc
gem install thor
gem install railties
gem install rails
gem install prototype-rails
gem install ruby-openid
gem install rack-openid
gem install activesupport
gem install rmagick
下載與安裝 Redmine
# Download Redmine 2.0.3, unpack it, and move it under the Apache document tree.
cd /usr/local/src/
# NOTE(review): the tarball is fetched over plain http and unpacked with no
# integrity check; compare it against the publisher's checksum before extracting.
wget http://rubyforge.org/frs/download.php/76259/redmine-2.0.3.tar.gz
tar -zvxf redmine-2.0.3.tar.gz
mv redmine-2.0.3 redmine
mv redmine /var/www/html/
cd /var/www/html/
# NOTE(review): this makes the whole tree, code and config included, writable
# by the web server account. Redmine's install guide presumably only needs
# write access on files/, log/, tmp/ and public/plugin_assets/; confirm for
# this version.
chown -R apache.apache redmine
# NOTE(review): 755 on every file leaves everything under redmine/ readable by
# all local users; config/database.yml (created later) will hold the DB password.
chmod -R 755 redmine
cd /var/www/html/redmine
# gem list
*** LOCAL GEMS ***
actionmailer (3.2.6)
actionpack (3.2.6)
activemodel (3.2.6)
activerecord (3.2.6)
activeresource (3.2.6)
activesupport (3.2.6)
arel (3.0.2)
builder (3.0.0)
bundler (1.1.4)
coderay (1.0.7)
daemon_controller (1.0.0)
erubis (2.7.0)
fastercsv (1.5.5)
fastthread (1.0.7)
flexmock (0.8.6)
hike (1.2.1)
i18n (0.6.0)
journey (1.0.4)
json (1.7.3)
mail (2.4.4)
metaclass (0.0.1)
mime-types (1.19)
mocha (0.12.0)
multi_json (1.3.6)
mysql (2.8.1)
net-ldap (0.3.1)
passenger (3.0.13)
pg (0.14.0)
polyglot (0.3.3)
prototype-rails (3.2.1)
rack (1.4.1)
rack-cache (1.2)
rack-openid (1.3.1)
rack-ssl (1.3.2)
rack-test (0.6.1)
rails (3.2.6)
railties (3.2.6)
rake (0.9.2.2, 0.8.7)
rdoc (3.12)
rmagick (2.13.1)
ruby-openid (2.2.0, 2.1.8)
rubygems-update (1.8.24)
shoulda (2.11.3)
sprockets (2.4.5, 2.1.3)
sqlite3 (1.3.6)
thor (0.15.4)
tilt (1.3.3)
treetop (1.4.10)
tzinfo (0.3.33)
yard (0.8.2.1)
[root@CentOS63 src]#
# bundle install
Fetching gem metadata from http://rubygems.org/.......
Using rake (0.9.2.2)
Using i18n (0.6.0)
Using multi_json (1.3.6)
Using activesupport (3.2.6)
Using builder (3.0.0)
Using activemodel (3.2.6)
Using erubis (2.7.0)
Using journey (1.0.4)
Using rack (1.4.1)
Using rack-cache (1.2)
Using rack-test (0.6.1)
Using hike (1.2.1)
Using tilt (1.3.3)
Using sprockets (2.1.3)
Using actionpack (3.2.6)
Using mime-types (1.19)
Using polyglot (0.3.3)
Using treetop (1.4.10)
Using mail (2.4.4)
Using actionmailer (3.2.6)
Using arel (3.0.2)
Using tzinfo (0.3.33)
Using activerecord (3.2.6)
Using activeresource (3.2.6)
Using bundler (1.1.4)
Using coderay (1.0.7)
Using fastercsv (1.5.5)
Using json (1.7.3)
Using metaclass (0.0.1)
Using mocha (0.12.0)
Using mysql (2.8.1)
Using net-ldap (0.3.1)
Using pg (0.14.0)
Using rack-ssl (1.3.2)
Using rdoc (3.12)
Using thor (0.15.4)
Using railties (3.2.6)
Using rails (3.2.6)
Using prototype-rails (3.2.1)
Installing ruby-openid (2.1.8)
Using rack-openid (1.3.1)
Using rmagick (2.13.1)
Installing shoulda (2.11.3)
Installing sqlite3 (1.3.6) with native extensions
Installing yard (0.8.2.1)
Your bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed.
#
#gem install passenger
#passenger-install-apache2-module
[root@CentOS63 conf]# gem install passenger
Fetching: fastthread-1.0.7.gem (100%)
Building native extensions. This could take a while...
Fetching: daemon_controller-1.0.0.gem (100%)
Fetching: passenger-3.0.13.gem (100%)
Successfully installed fastthread-1.0.7
Successfully installed daemon_controller-1.0.0
Successfully installed passenger-3.0.13
3 gems installed
Installing ri documentation for fastthread-1.0.7...
Building YARD (yri) index for fastthread-1.0.7...
Installing ri documentation for daemon_controller-1.0.0...
Building YARD (yri) index for daemon_controller-1.0.0...
Installing ri documentation for passenger-3.0.13...
Building YARD (yri) index for passenger-3.0.13...
Installing RDoc documentation for fastthread-1.0.7...
Installing RDoc documentation for daemon_controller-1.0.0...
Installing RDoc documentation for passenger-3.0.13...
# passenger-install-apache2-module
================================================
Welcome to the Phusion Passenger Apache 2 module installer, v3.0.13.
This installer will guide you through the entire installation process. It
shouldn't take more than 3 minutes in total.
Here's what you can expect from the installation process:
1. The Apache 2 module will be installed for you.
2. You'll learn how to configure Apache.
3. You'll learn how to deploy a Ruby on Rails application.
Don't worry if anything goes wrong. This installer will advise you on how to
solve any problems.
Press Enter to continue, or Ctrl-C to abort.
--------------------------------------------
Checking for required software...
* GNU C++ compiler... found at /usr/bin/g++
* Curl development headers with SSL support... found
* OpenSSL development headers... found
* Zlib development headers... found
* Ruby development headers... found
* OpenSSL support for Ruby... found
* RubyGems... found
* Rake... found at /usr/bin/rake
* rack... found
* Apache 2... found at /usr/sbin/httpd
* Apache 2 development headers... found at /usr/sbin/apxs
* Apache Portable Runtime (APR) development headers... found at /usr/bin/apr-1-config
* Apache Portable Runtime Utility (APU) development headers... found at /usr/bin/apu-1-config
--------------------------------------------
Compiling and installing Apache 2 module...
...........
...........
............
--------------------------------------------
The Apache 2 module was successfully installed.
Please edit your Apache configuration file, and add these lines:
LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.13/ext/apache2/mod_passenger.so
PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.13
PassengerRuby /usr/bin/ruby
After you restart Apache, you are ready to deploy any number of Ruby on Rails
applications on Apache, without any further Ruby on Rails-specific
configuration!
Press ENTER to continue.
--------------------------------------------
Deploying a Ruby on Rails application: an example
Suppose you have a Rails application in /somewhere. Add a virtual host to your
Apache configuration file and set its DocumentRoot to /somewhere/public:
<VirtualHost *:80>
ServerName http://www.yourhost.com/
# !!! Be sure to point DocumentRoot to 'public'!
DocumentRoot /somewhere/public
<Directory /somewhere/public>
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
</Directory>
</VirtualHost>
And that's it! You may also want to check the Users Guide for security and
optimization tips, troubleshooting and other useful information:
/usr/lib/ruby/gems/1.8/gems/passenger-3.0.13/doc/Users guide Apache.html
Enjoy Phusion Passenger, a product of Phusion (http://www.phusion.nl/) :-)
http://www.modrails.com/
Phusion Passenger is a trademark of Hongli Lai & Ninh Bui.
=============================================================
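# Create the FastCGI dispatcher and htaccess file from the examples Redmine ships.
cd /var/www/html/redmine/public/
cp dispatch.fcgi.example dispatch.fcgi
cp htaccess.fcgi.example htaccess.fcgi
# Stay in public/: the two copies were created here, so the ownership and mode
# changes must run here too (from /var/www/html/ the files would not be found).
chown apache:apache dispatch.fcgi
chown apache:apache htaccess.fcgi
chmod 755 dispatch.fcgi
cd /var/www/html/redmine/config/
cp database.yml.example database.yml
# NOTE(review): database.yml will hold the database password; keep it readable
# only by the account the application runs as — confirm which account that is.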
設定 redmine DB 相關資訊（下列 GRANT 指令中的密碼 'redmine' 僅為範例；實際部署請改用高強度、且不與帳號相同的密碼，並與 database.yml 內的設定一致）
vi database.yml
Mysql> create database redmine character set utf8;
mysql> GRANT ALL ON redmine.* TO redmine@localhost IDENTIFIED BY 'redmine';
mysql> flush privileges;
Create Redmine Session Store
# RAILS_ENV=production bundle exec rake generate_session_store
Migrate the Database models
# RAILS_ENV=production bundle exec rake db:migrate
Load Redmine default data ....
# RAILS_ENV=production bundle exec rake redmine:load_default_data
設定 Apache
vi /etc/httpd/conf/httpd.conf
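# Redmine is served on its own port. No TLS is configured in this excerpt, so
# logins on this port travel unencrypted.
Listen 8080
# Phusion Passenger module and paths, as printed by passenger-install-apache2-module
LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.13/ext/apache2/mod_passenger.so
PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.13
PassengerRuby /usr/bin/ruby
<VirtualHost *:8080>
# DocumentRoot must be the application's public/ directory, not the application root
DocumentRoot /var/www/html/redmine/public
ErrorLog logs/redmine_error_log
# The path must match DocumentRoot; a misspelled path means the two settings
# below are never applied to the served directory.
<Directory /var/www/html/redmine/public>
# "AllowOverride all" lets .htaccess files under public/ change server settings
# (the Passenger installer itself notes that this relaxes Apache security).
# NOTE(review): narrow it if the application does not rely on .htaccess — verify first.
AllowOverride all
# Passenger requires MultiViews to be turned off
Options -MultiViews
</Directory>
</VirtualHost>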
2012年7月9日 星期一
滲透測試 & 弱點掃描 w3af + WAF for Apache (Part 1)
滲透測試
w3af
http://w3af.sourceforge.net/
http://sourceforge.net/projects/w3af/files/w3af/
弱點掃描
dragonsoft ( http://www.dragonsoft.com.tw/ ) or
nessus ( http://www.nessus.org/products/nessus ) or
openvas ( http://www.openvas.org/ )
WAF for Apache
ModSecurity
http://www.modsecurity.org/
# Build prerequisites for compiling ModSecurity against the system Apache
yum install httpd-devel* pcre-devel* pcre* libxml2* libcurl* lua* libtool openssl
cd /usr/local/src/
# NOTE(review): the tarball is fetched over plain HTTP and then built and
# installed (presumably as root) with no integrity check; compare it against the
# checksum or signature published by the project before running configure/make.
wget http://www.modsecurity.org/download/modsecurity-apache_2.6.6.tar.gz
tar -xvzf modsecurity-apache_2.6.6.tar.gz
cd modsecurity-apache_2.6.6
# Point configure at the apxs of the Apache installation the module is built for
./configure --with-apxs=/usr/sbin/apxs
make
make test
make install
/etc/httpd/modules/mod_security2.so
/usr/local/modsecurity/lib/mod_security2.so
vi /etc/httpd/conf.d/modsecurity.conf
[root@lvm conf]# cat /etc/httpd/conf.d/modsecurity.conf
# Loads the ModSecurity 2.x module installed by "make install"
LoadModule security2_module modules/mod_security2.so
# NOTE(review): SecFilterEngine is ModSecurity 1.x syntax; with only
# mod_security2.so loaded, this block is presumably never active.
<IfModule mod_security>
SecFilterEngine On
SecServerSignature "Microsoft-IIS/6.0"
</IfModule>
<IfModule mod_security2.c>
# Replaces the Server response header with a fake banner. This only hides the
# real version string; it does not block any request. It takes effect only when
# Apache's ServerTokens is set to Full.
# NOTE(review): nothing in this file enables the 2.x engine (SecRuleEngine);
# confirm the included rule files turn it on, otherwise the rules are loaded
# but not enforced.
SecServerSignature "Microsoft-IIS/6.0"
</IfModule>
[root@lvm conf]#
wget http://www6.atomicorp.com/channels/rules/delayed/modsec-2.5-free-latest.tar.gz
tar -zvxf modsec-2.5-free-latest.tar.gz
cd modsec
mkdir /etc/httpd/conf/rule
cp ??_*.conf /etc/httpd/conf/rule/
vi /etc/httpd/conf/httpd.conf
include conf/rule/*.conf
mkdir -p /etc/asl/whitelist
cp whitelist.txt /etc/asl/whitelist/
vi /etc/httpd/conf/rule/00_asl_rbl.conf
vi /etc/httpd/conf/rule/00_asl_whitelist.conf
cp mal* /etc/httpd/conf/rule/
cp sql* /etc/httpd/conf/rule/
cp do* /etc/httpd/conf/rule/
vi /etc/httpd/conf/rule/domain-spam-whitelist.con
vi /etc/httpd/conf/rule/domain-spam-whitelist.conf
service httpd restart
參考文件
http://www.openfoundry.org/tw/tech-column/8286--modsecurity-webapp-firewall
yum install python-*
[root@lvm w3af]# ./w3af_gui
Your python installation needs the following packages:
nltk pysvn scapy
On debian based systems:
sudo apt-get install python-nltk python-svn python-scapy
Additional information:
If you can not install nltk, please try the following:
wget http://pyyaml.org/download/pyyaml/PyYAML-3.09.tar.gz
tar -xzvf PyYAML-3.09.tar.gz
cd PyYAML-3.09
python setup.py install
cd ..
wget http://nltk.googlecode.com/files/nltk-2.0b9.tar.gz
tar -xzvf nltk-2.0b9.tar.gz
cd nltk-2.0b9
python setup.py install
[root@lvm w3af]#
# Adds the Atomicorp ("atomic") repository definition to yum.
# NOTE(review): the release RPM is pulled over plain HTTP, so the repository
# configuration it installs is not authenticated in transit; verify the package
# signature before trusting the repository.
rpm -Uvh http://www6.atomicorp.com/channels/atomic/centos/6/i386/RPMS/atomic-release-1.0-14.el6.art.noarch.rpm
# Python packages that w3af_gui reported as missing (nltk, pysvn, scapy)
yum install python-nltk pysvn scapy
# VNC server packages; presumably used to reach the w3af GUI remotely
yum install tigervnc-server*
yum install graphviz graphviz-*
yum install pygtksourceview*
VNC:
[root@lvm .vnc]# yum search vncserver
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* atomic: www3.atomicorp.com
* base: ftp://ftp.cs.pu.edu.tw/
* extras: ftp://ftp.cs.pu.edu.tw/
* updates: ftp://ftp.cs.pu.edu.tw/
atomic | 1.9 kB 00:00
base | 3.7 kB 00:00
extras | 3.5 kB 00:00
updates | 3.5 kB 00:00
================================================================== N/S Matched: vncserver ===================================================================
libvncserver-devel.i686 : Development files for libvncserver
libvncserver.i686 : Library to make writing a vnc server easy
Name and summary matches only, use "search all" for everything.
[root@lvm .vnc]# rpm -qa | grep vnc
tigervnc-server-applet-1.0.90-0.17.20110314svn4359.el6.noarch
libvncserver-0.9.7-4.el6.i686
tigervnc-server-module-1.0.90-0.17.20110314svn4359.el6.i686
tigervnc-server-1.0.90-0.17.20110314svn4359.el6.i686
[root@lvm .vnc]#
[root@lvm w3af]# vncserver
You will require a password to access your desktops.
Password:
Verify:
xauth: creating new authority file /root/.Xauthority
xauth: (stdin):1: bad display name "lvm:1" in "add" command
New 'lvm:1 (root)' desktop is lvm:1
Creating default startup script /root/.vnc/xstartup
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/lvm:1.log
[root@lvm w3af]# netstat -an | grep :59
tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN
[root@lvm w3af]# cat /etc/sysconfig/vncservers
# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the lines below to start a VNC server on display :2
# as my 'myusername' (adjust this to your own). You will also
# need to set a VNC password; run 'man vncpasswd' to see how
# to do that.
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, see this URL:
# http://kbase.redhat.com/faq/docs/DOC-7028
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
# Use "-localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the "-via" option in the
# `man vncviewer' manual page.
# VNCSERVERS="2:myusername"
# VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -localhost"
[root@lvm w3af]# vi /etc/sysconfig/vncservers
# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the lines below to start a VNC server on display :2
# as my 'myusername' (adjust this to your own). You will also
# need to set a VNC password; run 'man vncpasswd' to see how
# to do that.
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, see this URL:
# http://kbase.redhat.com/faq/docs/DOC-7028
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
# Use "-localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the "-via" option in the
# `man vncviewer' manual page.
# NOTE(review): display :2 runs the desktop session as root; an unprivileged
# account is the safer choice for a remote desktop.
# "-localhost" refuses remote VNC clients, so the display is reached through a
# secure tunnel (see the stock comments above).
# The ad-hoc `vncserver` started earlier (display :1) is listening on
# 0.0.0.0:5901 and is presumably not governed by this file — stop it or
# restart it with the same restrictions.
VNCSERVERS="2:root"
VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -localhost"
w3af
http://w3af.sourceforge.net/
http://sourceforge.net/projects/w3af/files/w3af/
弱點掃描
dragonsoft ( http://www.dragonsoft.com.tw/ ) or
nessus ( http://www.nessus.org/products/nessus ) or
openvas ( http://www.openvas.org/ )
WAF for Apache
ModSecurity
http://www.modsecurity.org/
# Build prerequisites for compiling ModSecurity against the system Apache
yum install httpd-devel* pcre-devel* pcre* libxml2* libcurl* lua* libtool openssl
cd /usr/local/src/
# NOTE(review): the tarball is fetched over plain HTTP and then built and
# installed (presumably as root) with no integrity check; compare it against the
# checksum or signature published by the project before running configure/make.
wget http://www.modsecurity.org/download/modsecurity-apache_2.6.6.tar.gz
tar -xvzf modsecurity-apache_2.6.6.tar.gz
cd modsecurity-apache_2.6.6
# Point configure at the apxs of the Apache installation the module is built for
./configure --with-apxs=/usr/sbin/apxs
make
make test
make install
/etc/httpd/modules/mod_security2.so
/usr/local/modsecurity/lib/mod_security2.so
vi /etc/httpd/conf.d/modsecurity.conf
[root@lvm conf]# cat /etc/httpd/conf.d/modsecurity.conf
# Loads the ModSecurity 2.x module installed by "make install"
LoadModule security2_module modules/mod_security2.so
# NOTE(review): SecFilterEngine is ModSecurity 1.x syntax; with only
# mod_security2.so loaded, this block is presumably never active.
<IfModule mod_security>
SecFilterEngine On
SecServerSignature "Microsoft-IIS/6.0"
</IfModule>
<IfModule mod_security2.c>
# Replaces the Server response header with a fake banner. This only hides the
# real version string; it does not block any request. It takes effect only when
# Apache's ServerTokens is set to Full.
# NOTE(review): nothing in this file enables the 2.x engine (SecRuleEngine);
# confirm the included rule files turn it on, otherwise the rules are loaded
# but not enforced.
SecServerSignature "Microsoft-IIS/6.0"
</IfModule>
[root@lvm conf]#
wget http://www6.atomicorp.com/channels/rules/delayed/modsec-2.5-free-latest.tar.gz
tar -zvxf modsec-2.5-free-latest.tar.gz
cd modsec
mkdir /etc/httpd/conf/rule
cp ??_*.conf /etc/httpd/conf/rule/
vi /etc/httpd/conf/httpd.conf
include conf/rule/*.conf
mkdir -p /etc/asl/whitelist
cp whitelist.txt /etc/asl/whitelist/
vi /etc/httpd/conf/rule/00_asl_rbl.conf
vi /etc/httpd/conf/rule/00_asl_whitelist.conf
cp mal* /etc/httpd/conf/rule/
cp sql* /etc/httpd/conf/rule/
cp do* /etc/httpd/conf/rule/
vi /etc/httpd/conf/rule/domain-spam-whitelist.con
vi /etc/httpd/conf/rule/domain-spam-whitelist.conf
service httpd restart
參考文件
http://www.openfoundry.org/tw/tech-column/8286--modsecurity-webapp-firewall
yum install python-*
[root@lvm w3af]# ./w3af_gui
Your python installation needs the following packages:
nltk pysvn scapy
On debian based systems:
sudo apt-get install python-nltk python-svn python-scapy
Additional information:
If you can not install nltk, please try the following:
wget http://pyyaml.org/download/pyyaml/PyYAML-3.09.tar.gz
tar -xzvf PyYAML-3.09.tar.gz
cd PyYAML-3.09
python setup.py install
cd ..
wget http://nltk.googlecode.com/files/nltk-2.0b9.tar.gz
tar -xzvf nltk-2.0b9.tar.gz
cd nltk-2.0b9
python setup.py install
[root@lvm w3af]#
# Adds the Atomicorp ("atomic") repository definition to yum.
# NOTE(review): the release RPM is pulled over plain HTTP, so the repository
# configuration it installs is not authenticated in transit; verify the package
# signature before trusting the repository.
rpm -Uvh http://www6.atomicorp.com/channels/atomic/centos/6/i386/RPMS/atomic-release-1.0-14.el6.art.noarch.rpm
# Python packages that w3af_gui reported as missing (nltk, pysvn, scapy)
yum install python-nltk pysvn scapy
# VNC server packages; presumably used to reach the w3af GUI remotely
yum install tigervnc-server*
yum install graphviz graphviz-*
yum install pygtksourceview*
VNC:
[root@lvm .vnc]# yum search vncserver
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* atomic: www3.atomicorp.com
* base: ftp://ftp.cs.pu.edu.tw/
* extras: ftp://ftp.cs.pu.edu.tw/
* updates: ftp://ftp.cs.pu.edu.tw/
atomic | 1.9 kB 00:00
base | 3.7 kB 00:00
extras | 3.5 kB 00:00
updates | 3.5 kB 00:00
================================================================== N/S Matched: vncserver ===================================================================
libvncserver-devel.i686 : Development files for libvncserver
libvncserver.i686 : Library to make writing a vnc server easy
Name and summary matches only, use "search all" for everything.
[root@lvm .vnc]# rpm -qa | grep vnc
tigervnc-server-applet-1.0.90-0.17.20110314svn4359.el6.noarch
libvncserver-0.9.7-4.el6.i686
tigervnc-server-module-1.0.90-0.17.20110314svn4359.el6.i686
tigervnc-server-1.0.90-0.17.20110314svn4359.el6.i686
[root@lvm .vnc]#
[root@lvm w3af]# vncserver
You will require a password to access your desktops.
Password:
Verify:
xauth: creating new authority file /root/.Xauthority
xauth: (stdin):1: bad display name "lvm:1" in "add" command
New 'lvm:1 (root)' desktop is lvm:1
Creating default startup script /root/.vnc/xstartup
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/lvm:1.log
[root@lvm w3af]# netstat -an | grep :59
tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN
[root@lvm w3af]# cat /etc/sysconfig/vncservers
# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the lines below to start a VNC server on display :2
# as my 'myusername' (adjust this to your own). You will also
# need to set a VNC password; run 'man vncpasswd' to see how
# to do that.
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, see this URL:
# http://kbase.redhat.com/faq/docs/DOC-7028
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
# Use "-localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the "-via" option in the
# `man vncviewer' manual page.
# VNCSERVERS="2:myusername"
# VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -localhost"
[root@lvm w3af]# vi /etc/sysconfig/vncservers
# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the lines below to start a VNC server on display :2
# as my 'myusername' (adjust this to your own). You will also
# need to set a VNC password; run 'man vncpasswd' to see how
# to do that.
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, see this URL:
# http://kbase.redhat.com/faq/docs/DOC-7028
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
# Use "-localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the "-via" option in the
# `man vncviewer' manual page.
# NOTE(review): display :2 runs the desktop session as root; an unprivileged
# account is the safer choice for a remote desktop.
# "-localhost" refuses remote VNC clients, so the display is reached through a
# secure tunnel (see the stock comments above).
# The ad-hoc `vncserver` started earlier (display :1) is listening on
# 0.0.0.0:5901 and is presumably not governed by this file — stop it or
# restart it with the same restrictions.
VNCSERVERS="2:root"
VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -localhost"