2011年7月23日 星期六

[研究] N-Stalker Free Edition 2012 網站漏洞掃描軟體使用教學


[研究] N-Stalker Free Edition 2012 網站漏洞掃描軟體使用教學

下載網址
http://nstalker.com/products/free/download-free-edition
填寫資料,下載連結會寄到電子郵件信箱中
下載得到 NStalker-WebSecurityScanner-Free2012-b105.exe

版本功能差異比較

http://www.nstalker.com/products/compare-editions/security-checks/

使用方法如下:











參考

[研究] N-Stalker Free Edition 2009 網站漏洞掃描軟體使用教學
http://forum.icst.org.tw/phpbb/viewtopic.php?t=20278

(完)

2011年7月18日 星期一

[研究] 架設 CentOS 6.0 Yum Server


[研究] 架設 CentOS 6.0 Yum Server 

如果你的 CentOS 6.0 有很多台,可能想自己架設 Yum Server,而不是連上預設的 Yum Server,或連上國內某大學 Yum Server。

以下是以 CentOS 6.0 x86 架設 CentOS 6.0 Yum Server 方法:
(你也可以拿 Fedora 15 或其他 Linux 架設給 CentOS 6.0 Yum Server,方法不保證 100% 相同)

安裝所需套件和建立相關目錄:
代碼:
yum  -y  install  yum-arch  createrepo wget

mkdir -p  /var/www/html/pub/Linux/CentOS/6.0/os/i386
mkdir -p  /var/www/html/pub/Linux/CentOS/6.0/updates/i386
mkdir -p  /var/www/html/pub/Linux/CentOS/6.0/extras/i386
mkdir -p  /var/www/html/pub/Linux/CentOS/6.0/centosplus/i386
mkdir -p  /var/www/html/pub/Linux/CentOS/6.0/contrib/i386

mkdir -p  /var/www/html/pub/Linux/CentOS/6.0/os/x86_64
mkdir -p  /var/www/html/pub/Linux/CentOS/6.0/updates/x86_64
mkdir -p  /var/www/html/pub/Linux/CentOS/6.0/extras/x86_64
mkdir -p  /var/www/html/pub/Linux/CentOS/6.0/centosplus/x86_64
mkdir -p  /var/www/html/pub/Linux/CentOS/6.0/contrib/x86_64

ln -s /var/www/html/pub/Linux/CentOS/6.0  /var/www/html/pub/Linux/CentOS/6


建立 yum_cent60.sh 檔案,此處是去抓義守大學 (ISU) 的 Yum Server 內容:
(你可以改成其他大學,路徑要再確認一下)
代碼:

#---------------------------
# yum_cent60.sh
#---------------------------

cd  /var/www/html/pub/Linux/CentOS/6.0/os/i386
wget --passive-ftp -m -nH -nd ftp://ftp.isu.edu.tw/pub/Linux/CentOS/6.0/os/i386
createrepo /var/www/html/pub/Linux/CentOS/6.0/os/i386

cd  /var/www/html/pub/Linux/CentOS/6.0/updates/i386
wget --passive-ftp -m -nH -nd ftp://ftp.isu.edu.tw/pub/Linux/CentOS/6.0/updates/i386
createrepo /var/www/html/pub/Linux/CentOS/6.0/updates/i386

cd  /var/www/html/pub/Linux/CentOS/6.0/extras/i386
wget --passive-ftp -m -nH -nd ftp://ftp.isu.edu.tw/pub/Linux/CentOS/6.0/extras/i386
createrepo /var/www/html/pub/Linux/CentOS/6.0/extras/i386

cd  /var/www/html/pub/Linux/CentOS/6.0/centosplus/i386
wget --passive-ftp -m -nH -nd ftp://ftp.isu.edu.tw/pub/Linux/CentOS/6.0/centosplus/i386
createrepo /var/www/html/pub/Linux/CentOS/6.0/centosplus/i386

cd  /var/www/html/pub/Linux/CentOS/6.0/contrib/i386
wget --passive-ftp -m -nH -nd ftp://ftp.isu.edu.tw/pub/Linux/CentOS/6.0/contrib/i386
createrepo /var/www/html/pub/Linux/CentOS/6.0/contrib/i386

#---------------------

cd  /var/www/html/pub/Linux/CentOS/6.0/os/x86_64
wget --passive-ftp -m -nH -nd ftp://ftp.isu.edu.tw/pub/Linux/CentOS/6.0/os/x86_64
createrepo /var/www/html/pub/Linux/CentOS/6.0/os/x86_64

cd  /var/www/html/pub/Linux/CentOS/6.0/updates/x86_64
wget --passive-ftp -m -nH -nd ftp://ftp.isu.edu.tw/pub/Linux/CentOS/6.0/updates/x86_64
createrepo /var/www/html/pub/Linux/CentOS/6.0/updates/x86_64

cd  /var/www/html/pub/Linux/CentOS/6.0/extras/x86_64
wget --passive-ftp -m -nH -nd ftp://ftp.isu.edu.tw/pub/Linux/CentOS/6.0/extras/x86_64
createrepo /var/www/html/pub/Linux/CentOS/6.0/extras/x86_64

cd  /var/www/html/pub/Linux/CentOS/6.0/centosplus/x86_64
wget --passive-ftp -m -nH -nd ftp://ftp.isu.edu.tw/pub/Linux/CentOS/6.0/centosplus/x86_64
createrepo /var/www/html/pub/Linux/CentOS/6.0/centosplus/x86_64

cd  /var/www/html/pub/Linux/CentOS/6.0/contrib/x86_64
wget --passive-ftp -m -nH -nd ftp://ftp.isu.edu.tw/pub/Linux/CentOS/6.0/contrib/x86_64
createrepo /var/www/html/pub/Linux/CentOS/6.0/contrib/x86_64


設定為可執行:
代碼:
chmod  +x  /root/yum_cent60.sh


執行 vi /etc/crontab 設定排程,此處設定每天 PM 6:00 (18:00) 執行 /root/yum_cent60.sh
代碼:
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root

# For details see man 4 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name  command to be executed
00 18 * * * /root/yum_cent60.sh

(完)

Client 的設定

當你有 CentOS 6.0 需要使用此台 CentOS 6.0 Yum Server 時,Client 請做下面修改
(假設該台 Yum Server IP 為 10.3.0.60)

/etc/yum.repos.d/CentOS-Base.repo 用下面的取代

代碼:
# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client.  You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#

[base]
name=CentOS-$releasever - Base
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
baseurl=http://10.3.0.60/pub/Linux/CentOS/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

#released updates
[updates]
name=CentOS-$releasever - Updates
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
baseurl=http://10.3.0.60/pub/Linux/CentOS/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
baseurl=http://10.3.0.60/pub/Linux/CentOS/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
baseurl=http://10.3.0.60/pub/Linux/CentOS/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
#baseurl=http://mirror.centos.org/centos/$releasever/contrib/$basearch/
baseurl=http://10.3.0.60/pub/Linux/CentOS/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6


相關文章

[研究] Fedora 15 x86 yum server 指定義守大學方法
viewtopic.php?f=16&t=20256

[研究] CentOS 6.0 yum server 指定義守大學方法
http://forum.icst.org.tw/phpbb/viewtopic.php?f=16&t=20206

[研究] Fedora 14 yum server 指定義守大學方法
http://forum.icst.org.tw/phpbb/viewtopic.php?f=16&t=19591

[研究] CentOS 5.5 yum server 指定義守大學方法
http://forum.icst.org.tw/phpbb/viewtopic.php?f=16&t=19592

(完)

[研究] CentOS 6.0 yum server 指定義守大學方法

[研究] CentOS 6.0 Yum Server 指定義守大學方法

/etc/yum.repos.d/CentOS-Base.repo 用下面的取代

代碼:
# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client.  You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#

[base]
name=CentOS-$releasever - Base
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
baseurl=http://ftp.isu.edu.tw/pub/Linux/CentOS/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

#released updates
[updates]
name=CentOS-$releasever - Updates
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
baseurl=http://ftp.isu.edu.tw/pub/Linux/CentOS/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
baseurl=http://ftp.isu.edu.tw/pub/Linux/CentOS/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
baseurl=http://ftp.isu.edu.tw/pub/Linux/CentOS/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
#baseurl=http://mirror.centos.org/centos/$releasever/contrib/$basearch/
baseurl=http://ftp.isu.edu.tw/pub/Linux/CentOS/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6


相關文章

[研究] CentOS 6.0 yum server 指定義守大學方法
http://forum.icst.org.tw/phpbb/viewtopic.php?f=16&t=20206

[研究] Fedora 14 yum server 指定義守大學方法
http://forum.icst.org.tw/phpbb/viewtopic.php?f=16&t=19591

[研究] CentOS 5.5 yum server 指定義守大學方法
http://forum.icst.org.tw/phpbb/viewtopic.php?f=16&t=19592

(完)

[研究] Fedora 15 x86 yum server 指定義守大學方法


[研究] Fedora 15 x86 yum server 指定義守大學方法

/etc/yum.respo.d 中的4個檔案用下面的取代

fedora.repo
代碼:
[fedora]
name=Fedora $releasever - $basearch
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/$basearch/os/
baseurl=http://ftp.isu.edu.tw/pub/Linux/Fedora/linux/releases/$releasever/Everything/$basearch/os/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=$basearch
enabled=1
metadata_expire=7d
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch

[fedora-debuginfo]
name=Fedora $releasever - $basearch - Debug
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/$basearch/debug/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-debug-$releasever&arch=$basearch
enabled=0
metadata_expire=7d
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch

[fedora-source]
name=Fedora $releasever - Source
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/source/SRPMS/
baseurl=http://ftp.isu.edu.tw/pub/Linux/Fedora/linux/releases/$releasever/Everything/$basearch/debug/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=fedora-source-$releasever&arch=$basearch
enabled=0
metadata_expire=7d
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch


fedora-updates.repo
代碼:
[updates]
name=Fedora $releasever - $basearch - Updates
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/updates/$releasever/$basearch/
baseurl=http://ftp.isu.edu.tw/pub/Linux/Fedora/linux/updates/$releasever/$basearch/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=updates-released-f$releasever&arch=$basearch
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch

[updates-debuginfo]
name=Fedora $releasever - $basearch - Updates - Debug
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/updates/$releasever/$basearch/debug/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=updates-released-debug-f$releasever&arch=$basearch
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch

[updates-source]
name=Fedora $releasever - Updates Source
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/updates/$releasever/SRPMS/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=updates-released-source-f$releasever&arch=$basearch
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch


fedora-updates-testing.repo
代碼:
[updates-testing]
name=Fedora $releasever - $basearch - Test Updates
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/updates/testing/$releasever/$basearch/
baseurl=http://ftp.isu.edu.tw/pub/Linux/Fedora/linux/updates/testing/$releasever/$basearch/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=updates-testing-f$releasever&arch=$basearch
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch

[updates-testing-debuginfo]
name=Fedora $releasever - $basearch - Test Updates Debug
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/updates/testing/$releasever/$basearch/debug/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=updates-testing-debug-f$releasever&arch=$basearch
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch

[updates-testing-source]
name=Fedora $releasever - Test Updates Source
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/updates/testing/$releasever/SRPMS/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=updates-testing-source-f$releasever&arch=$basearch
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch



fedora-rawhide.repo
代碼:
# These packages are untested and still under development. This
# repository is used for development of new releases.
#
# This repository can see significant daily turnover and major
# functionality changes which cause unexpected problems with other
# development packages. Please use these packages if you want to work
# with the Fedora developers by testing these new development packages.
#
# # https://admin.fedoraproject.org/mailman/listinfo/test (Subscription
# Required) is available as a discussion forum for
# testing and troubleshooting for development packages in conjunction
# with new test releases.
#
# More information is available at http://fedoraproject.org/wiki/Testing
#
# Reproducible and reportable issues should be filed at
# http://bugzilla.redhat.com/.
#
# Product: Fedora
# Version: rawhide

[rawhide]
name=Fedora - Rawhide - Developmental packages for the next Fedora release
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/development/$basearch/os/
baseurl=http://ftp.isu.edu.tw/pub/Linux/Fedora/linux/development/$basearch/os/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=rawhide&arch=$basearch
enabled=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch

[rawhide-debuginfo]
name=Fedora - Rawhide - Debug
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/development/$basearch/debug/
baseurl=http://ftp.isu.edu.tw/pub/Linux/Fedora/linux/development/$basearch/debug/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=rawhide-debug&arch=$basearch
enabled=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch

[rawhide-source]
name=Fedora - Rawhide - Source
failovermethod=priority
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/development/source/SRPMS/
baseurl=http://ftp.isu.edu.tw/pub/Linux/Fedora/linux/development/source/SRPMS/
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=rawhide-source&arch=$basearch
enabled=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$basearch


相關文章

[研究] Fedora 15 yum server 指定義守大學方法
http://forum.icst.org.tw/phpbb/viewtopic.php?t=20243
http://shaurong.blogspot.com/2011/07/fedora-15-x86-yum-server.html

[研究] Fedora 14 yum server 指定義守大學方法
http://forum.icst.org.tw/phpbb/viewtopic.php?t=19591

[研究] CentOS 6.0 yum server 指定義守大學方法
http://forum.icst.org.tw/phpbb/viewtopic.php?t=20206
http://shaurong.blogspot.com/2011/07/centos-60-yum-server.html

[研究] CentOS 5.5 yum server 指定義守大學方法
http://forum.icst.org.tw/phpbb/viewtopic.php?t=19592

(完)

2011年7月17日 星期日

[研究]phpSysInfo 3.0.11安裝(CentOS 6.0 x86)

[研究]phpSysInfo 3.0.11安裝(CentOS 6.0 x86)

phpSysInfo 是以網頁方式查詢主機系統資訊的系統

3.0.11 要求 PHP 至少 5.2 版 (CentOS 5.x yum 預設提供的 PHP < 5.2 版)

phpSysInfo 官方網站:
http://phpsysinfo.sourceforge.net/

代碼:
yum  -y install httpd php php-mbstring php-xml  wget
wget  http://sourceforge.net/projects/phpsysinfo/files/phpsysinfo/3.0.11/phpsysinfo-3.0.11.tar.gz/download

tar  zxvf  phpsysinfo-3.0.11.tar.gz  -C  /var/www/html/
cp  /var/www/html/phpsysinfo/config.php.new  /var/www/html/phpsysinfo/config.php
sed -i -e "s@define('PSI_DEFAULT_LANG', 'en');@define('PSI_DEFAULT_LANG', 'tw');@"  /var/www/html/phpsysinfo/config.php
grep PSI_DEFAULT_LANG /var/www/html/phpsysinfo/config.php
service httpd restart
service iptables stop
firefox http://localhost/phpsysinfo &


相關研究

[研究]phpSysInfo 3.0.11安裝(Fedora 15 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=20250

[研究]phpSysInfo 3.0.11安裝(CentOS 6.0 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=20228

[研究]phpSysInfo 3.0.7安裝(Fedora 14 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=19189

[研究]phpSysInfo系統資訊查詢系統-安裝法(Fedora 7)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=14976

[研究] phpsysinfo 2.5.4 主機系統資訊 安裝 (CentOS 5.4 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=18002

(完)