滲透測試
w3af
http://w3af.sourceforge.net/
http://sourceforge.net/projects/w3af/files/w3af/
弱點掃描
dragonsoft ( http://www.dragonsoft.com.tw/ ) or
nessus ( http://www.nessus.org/products/nessus ) or
openvas ( http://www.openvas.org/ )
WAF for Apache
ModSecurity
http://www.modsecurity.org/
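# Build and install ModSecurity 2.6.6 as an Apache module (run as root).
# The patterns are quoted so that yum matches them against package names;
# unquoted, the shell would expand them first if matching files happened to
# exist in the current directory.
yum install 'httpd-devel*' 'pcre-devel*' 'pcre*' 'libxml2*' 'libcurl*' 'lua*' libtool openssl
cd /usr/local/src/
# NOTE(review): the tarball is fetched over plain HTTP, so nothing in this
# step authenticates it. Print its digest and compare it with the checksum or
# signature the project publishes for this release before unpacking.
wget http://www.modsecurity.org/download/modsecurity-apache_2.6.6.tar.gz
sha256sum modsecurity-apache_2.6.6.tar.gz
tar -xvzf modsecurity-apache_2.6.6.tar.gz
cd modsecurity-apache_2.6.6
./configure --with-apxs=/usr/sbin/apxs
# Chain the steps so that a failed build or test run stops before anything is
# copied into Apache's module directory.
make && make test && make install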
/etc/httpd/modules/mod_security2.so
/usr/local/modsecurity/lib/mod_security2.so
vi /etc/httpd/conf.d/modsecurity.conf
[root@lvm conf]# cat /etc/httpd/conf.d/modsecurity.conf
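# Load the ModSecurity 2.x module built from source.
LoadModule security2_module modules/mod_security2.so
# ModSecurity 1.x syntax, kept from the original notes. The module loaded above
# is the 2.x one, which the mod_security2.c section below tests for, so this
# section is presumably skipped; confirm and remove it if so.
<IfModule mod_security>
SecFilterEngine On
SecServerSignature "Microsoft-IIS/6.0"
</IfModule>
<IfModule mod_security2.c>
# Turn rule processing on for 2.x. SecRuleEngine defaults to Off, so unless an
# included rule file sets it the rules are loaded but never enforced. Use
# DetectionOnly instead of On while tuning, to log matches without blocking.
SecRuleEngine On
# Overrides the Server response header. It only takes effect when Apache's
# ServerTokens directive is set to Full, and it merely disguises the banner;
# it adds no protection by itself.
SecServerSignature "Microsoft-IIS/6.0"
</IfModule>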
[root@lvm conf]#
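# Fetch the Atomicorp free (delayed) rule set and copy the numbered rule files
# into a directory that Apache will include.
# NOTE(review): plain-HTTP download with no integrity check. These files
# become active WAF rules, so verify the archive against a checksum or
# signature from the publisher if one is offered.
wget http://www6.atomicorp.com/channels/rules/delayed/modsec-2.5-free-latest.tar.gz
tar -zvxf modsec-2.5-free-latest.tar.gz
cd modsec
# -p: do not fail if the directory already exists when the steps are repeated.
mkdir -p /etc/httpd/conf/rule
# "--" keeps a file name that starts with "-" from being read as an option.
cp -- ??_*.conf /etc/httpd/conf/rule/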
vi /etc/httpd/conf/httpd.conf
include conf/rule/*.conf
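# Install the whitelist and the remaining data files from the rule archive,
# adjust the local settings, then reload Apache.
mkdir -p /etc/asl/whitelist
cp -- whitelist.txt /etc/asl/whitelist/
vi /etc/httpd/conf/rule/00_asl_rbl.conf
vi /etc/httpd/conf/rule/00_asl_whitelist.conf
cp -- mal* /etc/httpd/conf/rule/
cp -- sql* /etc/httpd/conf/rule/
cp -- do* /etc/httpd/conf/rule/
# The original notes also opened "domain-spam-whitelist.con" (a typo that
# would create a stray file); only the correctly named file is edited here.
vi /etc/httpd/conf/rule/domain-spam-whitelist.conf
# Syntax-check the configuration first, so that a broken rule file is caught
# before the running server is stopped.
httpd -t && service httpd restart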
參考文件
http://www.openfoundry.org/tw/tech-column/8286--modsecurity-webapp-firewall
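# NOTE(review): this pattern matches every package whose name starts with
# "python-", far more than w3af needs; its startup message asks only for nltk,
# pysvn and scapy. Fewer installed packages means less to patch on the host.
# The pattern is quoted so that yum, not the shell, expands it.
yum install 'python-*'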
[root@lvm w3af]# ./w3af_gui
Your python installation needs the following packages:
nltk pysvn scapy
On debian based systems:
sudo apt-get install python-nltk python-svn python-scapy
Additional information:
If you can not install nltk, please try the following:
wget http://pyyaml.org/download/pyyaml/PyYAML-3.09.tar.gz
tar -xzvf PyYAML-3.09.tar.gz
cd PyYAML-3.09
python setup.py install
cd ..
wget http://nltk.googlecode.com/files/nltk-2.0b9.tar.gz
tar -xzvf nltk-2.0b9.tar.gz
cd nltk-2.0b9
python setup.py install
[root@lvm w3af]#
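# Add the Atomicorp repository, then install w3af's Python dependencies and
# the packages needed to run its GUI over VNC.
# NOTE(review): the release package is fetched over plain HTTP and defines a
# third-party repository that yum will trust from then on. Where possible,
# obtain the vendor's GPG key over a trusted channel and check the package
# signature (rpm -K) before installing it.
rpm -Uvh http://www6.atomicorp.com/channels/atomic/centos/6/i386/RPMS/atomic-release-1.0-14.el6.art.noarch.rpm
yum install python-nltk pysvn scapy
# Patterns are quoted so that yum, not the shell, expands them.
yum install 'tigervnc-server*'
yum install graphviz 'graphviz-*'
yum install 'pygtksourceview*'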
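VNC:（下方直接執行 vncserver 時未加 -localhost，因此 5901 埠會在 0.0.0.0 上對所有介面監聽，且桌面以 root 身分執行；建議改用一般使用者帳號，並加上 -localhost 後透過 SSH 通道連線。）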
[root@lvm .vnc]# yum search vncserver
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* atomic: www3.atomicorp.com
* base: ftp://ftp.cs.pu.edu.tw/
* extras: ftp://ftp.cs.pu.edu.tw/
* updates: ftp://ftp.cs.pu.edu.tw/
atomic | 1.9 kB 00:00
base | 3.7 kB 00:00
extras | 3.5 kB 00:00
updates | 3.5 kB 00:00
================================================================== N/S Matched: vncserver ===================================================================
libvncserver-devel.i686 : Development files for libvncserver
libvncserver.i686 : Library to make writing a vnc server easy
Name and summary matches only, use "search all" for everything.
[root@lvm .vnc]# rpm -qa | grep vnc
tigervnc-server-applet-1.0.90-0.17.20110314svn4359.el6.noarch
libvncserver-0.9.7-4.el6.i686
tigervnc-server-module-1.0.90-0.17.20110314svn4359.el6.i686
tigervnc-server-1.0.90-0.17.20110314svn4359.el6.i686
[root@lvm .vnc]#
[root@lvm w3af]# vncserver
You will require a password to access your desktops.
Password:
Verify:
xauth: creating new authority file /root/.Xauthority
xauth: (stdin):1: bad display name "lvm:1" in "add" command
New 'lvm:1 (root)' desktop is lvm:1
Creating default startup script /root/.vnc/xstartup
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/lvm:1.log
[root@lvm w3af]# netstat -an | grep :59
tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN
[root@lvm w3af]# cat /etc/sysconfig/vncservers
# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the lines below to start a VNC server on display :2
# as my 'myusername' (adjust this to your own). You will also
# need to set a VNC password; run 'man vncpasswd' to see how
# to do that.
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, see this URL:
# http://kbase.redhat.com/faq/docs/DOC-7028
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
# Use "-localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the "-via" option in the
# `man vncviewer' manual page.
# VNCSERVERS="2:myusername"
# VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -localhost"
[root@lvm w3af]# vi /etc/sysconfig/vncservers
# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the lines below to start a VNC server on display :2
# as my 'myusername' (adjust this to your own). You will also
# need to set a VNC password; run 'man vncpasswd' to see how
# to do that.
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, see this URL:
# http://kbase.redhat.com/faq/docs/DOC-7028
# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
# Use "-localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the "-via" option in the
# `man vncviewer' manual page.
# NOTE(review): "2:root" starts the VNC desktop on display :2 as root. An
# unprivileged account would limit what a hijacked session can do.
VNCSERVERS="2:root"
# -localhost restricts VNC clients to the loopback interface, so remote access
# has to go through a secure tunnel (see the "-via" note above);
# -nolisten tcp blocks X connections to the server over TCP.
VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -localhost"