Sunday, August 31, 2014

[Research] Selenium 2.6.0 - Web UI Testing Tool Installation (CentOS 6.5 x86_64)

2014-08-31

Official website
http://www.seleniumhq.org/

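Selenium IDE is implemented through Firefox's add-on mechanism, which means that for now it can only be used in Firefox or in browsers that can install Firefox add-ons. The scripts it produces, however, are not limited to running in Firefox; we can later specify other types of browsers to run the tests.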






(End)

Related

http://www.jaceju.net/blog/archives/1293/

Tuesday, August 26, 2014

[Research] Snort 2.9.6.2 + Barnyard 2.13 Installation (CentOS 6.5 x64) Quick Install Script

2014-08-26

********************************************************************************

These posts are related (3 major steps)

[Research] snort-2.9.6.2.tar.gz (CentOS 6.5 x64) Quick Install Script
http://shaurong.blogspot.com/2014/08/snort-2962targz-centos-65-x64.html

[Research] Snort 2.9.6.2 + Barnyard 2.13 Installation (CentOS 6.5 x64) Quick Install Script
http://shaurong.blogspot.com/2014/08/snort-2962-barnyard-213-centos-65-x64.html

[Research] Snort 2.9.6.1 + Barnyard + BASE Installation (CentOS 6.5 x64) Quick Install Script
(to be tested)

********************************************************************************

These posts are related (3 major steps)

[Research] snort-2.9.6.1.tar.gz (CentOS 6.5 x64) Quick Install Script
http://shaurong.blogspot.tw/2014/06/snort-2961targz-centos-65-x64.html

[Research] Snort 2.9.6.1 + Barnyard 2.13 Installation (CentOS 6.5 x64) Quick Install Script
http://shaurong.blogspot.tw/2014/06/snort-2961-barnyard-213-centos-65-x64.html

[Research] Snort 2.9.6.1 + Barnyard Installation (CentOS 6.5 x64)
http://shaurong.blogspot.tw/2014/06/snort-2961-barnyard-centos-65-x64.html

[Research] Snort 2.9.6.1 + Barnyard + BASE Installation (CentOS 6.5 x64) Quick Install Script
http://shaurong.blogspot.tw/2014/06/snort-2961-barnyard-base-centos-65-x64_20.html

[Research] Snort 2.9.6.1 + Barnyard + BASE Installation (CentOS 6.5 x64)
http://shaurong.blogspot.tw/2014/06/snort-2961-barnyard-base-centos-65-x64.html

********************************************************************************

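I use snortdb as the database name; you can change it.
The MySQL root password is 654321; you can change it.
The MySQL account is barnyard2; you can change it.
The password for the MySQL account barnyard2 is 123456; you can change it.

Everything is done as root to save trouble:
su  root

The quick install script is as follows: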
#!/bin/bash
echo -e "\033[31m"
echo -e "Program : snort2.9.6.2_barnyard2_centos6.5x64.sh "
echo -e "Barnyard 2.13 Install Shell Script (CentOS 6.5 x64 + Snort 2.9.6.2) "
echo -e "by Shau-Rong Lu 2014-08-20 "
echo -e "\033[0m"

yum  -y  install  mysql mysql-devel git libtool mysql-server  httpd  php  php-mysql php-mbstring php-mcrypt

cd /usr/local/src
git clone https://github.com/firnsy/barnyard2.git barnyard2
cd barnyard2
./autogen.sh

if [ "`uname -a | grep x86_64`" != "" ]; then
  echo "x86_64"
  ./configure --with-mysql --with-mysql-libraries=/usr/lib64/mysql
else
  echo "x86"
  ./configure --with-mysql
  exit
fi

make && make install


cp rpm/barnyard2 /etc/init.d/
chmod +x /etc/init.d/barnyard2
cp rpm/barnyard2.config /etc/sysconfig/barnyard2
chkconfig --add barnyard2

ln -s /usr/local/etc/barnyard2.conf /etc/snort/barnyard.conf
ln -s /usr/local/bin/barnyard2 /usr/bin/
mkdir -p /var/log/snort/eth0/archive/

ln -s  /usr/local/bin/snort   /usr/sbin/snort

# Comment out the stock BARNYARD_OPTS= line in the init script and add one with the paths used here
sed -i -e "s@BARNYARD_OPTS=@#BARNYARD_OPTS=@"   /etc/init.d/barnyard2
sed -i -e "/BARNYARD_OPTS=\"-D -c \$CONF/aBARNYARD_OPTS=\"-D -c /etc/snort/barnyard.conf -d /var/log/snort -w /var/log/snort/barnyard2.waldo -l /var/log/snort -a /var/log/snort -f snort.log -X /var/lock/subsys/barnyard2-eth0.pid\""   /etc/init.d/barnyard2
cat /etc/init.d/barnyard2 | grep "BARNYARD_OPTS="

chkconfig barnyard2 reset

# Edit /etc/sysconfig/barnyard2 so that Barnyard2's settings match Snort's
# Comment out the existing LOG_FILE= line
sed -i -e "s@LOG_FILE=@#LOG_FILE=@"   /etc/sysconfig/barnyard2
# Append LOG_FILE="snort.log" after the stock line
sed -i -e "/LOG_FILE=\"snort_unified.log\"/aLOG_FILE=\"snort.log\""   /etc/sysconfig/barnyard2
# check
cat /etc/sysconfig/barnyard2 | grep "LOG_FILE="

# Edit /etc/snort/snort.conf
# Comment out the existing output unified2 line
sed -i -e "s@output unified2@#output unified2@"    /etc/snort/snort.conf
# append  output unified2: filename snort.log, limit 128
sed -i -e "/output unified2: filename merged.log, limit 128, nostamp, mpls_event_types, vlan_event_types/aoutput unified2: filename snort.log, limit 128"   /etc/snort/snort.conf
# check
cat /etc/snort/snort.conf | grep "output unified2"


# modify /etc/sysconfig/snort
cp /usr/local/src/snort-2.9.6.2/rpm/snort.sysconfig  /etc/sysconfig/snort
# Comment out these two lines
sed -i -e "s@ALERTMODE=fast@#ALERTMODE=fast@"    /etc/sysconfig/snort
sed -i -e "s@BINARY_LOG=1@#BINARY_LOG=1@"    /etc/sysconfig/snort
# check
cat /etc/sysconfig/snort | grep "ALERTMODE=fast"
cat /etc/sysconfig/snort | grep "BINARY_LOG=1"

# Set the MySQL root password to 654321 (change it to your own)
service mysqld restart
/usr/bin/mysqladmin -u root password '654321'
/usr/bin/mysqladmin -u root -h localhost.localdomain password '654321'  -p654321

mysql -e "create database snortdb;" -uroot -p654321
mysql -e "grant all privileges on snortdb.* to barnyard2@localhost identified by '123456';" -uroot -p654321
mysql -e "flush privileges;" -uroot -p654321


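# Send Barnyard2 output to MySQL
# Comment out the existing output database lines
sed -i -e "s@output database@#output database@"   /etc/snort/barnyard.conf
# Append the new output database line after the stock example line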
sed -i -e "/output database: log, mysql, user=root password=test dbname=db host=localhost/aoutput database: log, mysql, user=barnyard2 password=123456 dbname=snortdb host=localhost"   /etc/snort/barnyard.conf
# check
cat /etc/snort/barnyard.conf | grep "output database"


# create barnyard2's tables in snortdb
mysql snortdb -ubarnyard2 -p123456   <  /usr/local/src/barnyard2/schemas/create_mysql
#check
mysql -e "use snortdb; show tables;" -uroot -p654321

cp   /usr/local/src/snort-2.9.6.2/etc/gen-msg.map  /etc/snort/.

# Test the Barnyard2 configuration (-T), then restart the services
barnyard2 -T -c /etc/snort/barnyard.conf -d /var/log/snort -w /var/log/snort/barnyard2.waldo -l /var/log/snort -a /var/log/snort -f snort.log -X /var/lock/subsys/barnyard2-eth0.pid
if [ "$?" != "0" ]; then
  echo "Barnyard2 or Snort Setting is error !"
  exit 1
fi

service snortd restart
if [ "$?" != "0" ]; then
  echo "Snort ReStart Failed !"
  exit 1
fi
service snortd status
ps axu| grep snort

service barnyard2 restart
if [ "$?" != "0" ]; then
  echo "Barnyard2 ReStart Failed !"
  exit 1
fi
service barnyard2 status
ps aux | grep snort
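
The script above uses fixed passwords and passes them as -p arguments, which leaves them visible in ps output and shell history on the sensor. As an added example (not part of the original script), the same database setup with generated passwords fed through stdin and mode-0600 option files; the helper names and the /root/.snortdb-*.cnf paths are assumptions, and --defaults-extra-file is the standard mysql client option:

```shell
#!/bin/bash
# Hypothetical helpers (not from the original script) that replace the fixed
# passwords and the -p<password> arguments used in the install script.

# gen_password [LENGTH]: random alphanumeric password (default 24 characters).
gen_password() {
  LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c "${1:-24}"
}

# write_client_cnf FILE USER PASSWORD: mysql client option file, mode 0600.
# Read with --defaults-extra-file so the password never appears in argv.
write_client_cnf() {
  rm -f "$1"
  ( umask 077
    printf '[client]\nuser=%s\npassword=%s\nhost=localhost\n' "$2" "$3" > "$1" )
}

# grant_sql DB USER PASSWORD: the same database and grant as the script,
# emitted as SQL text to pipe into mysql on stdin.
grant_sql() {
  printf "CREATE DATABASE IF NOT EXISTS %s;\n" "$1"
  printf "GRANT ALL PRIVILEGES ON %s.* TO '%s'@'localhost' IDENTIFIED BY '%s';\n" "$1" "$2" "$3"
  printf "FLUSH PRIVILEGES;\n"
}

# barnyard_db_line DB USER PASSWORD: the "output database" line for barnyard.conf.
barnyard_db_line() {
  printf 'output database: log, mysql, user=%s password=%s dbname=%s host=localhost\n' "$2" "$3" "$1"
}

# provision_snortdb: ties the pieces together on the sensor. Not called here.
# Assumes a freshly installed mysqld with an empty root password (MySQL 5.1
# syntax) and the paths used on this page.
provision_snortdb() {
  root_pw=$(gen_password) && by_pw=$(gen_password) || return 1
  root_cnf=/root/.snortdb-root.cnf          # assumed location
  by_cnf=/root/.snortdb-barnyard2.cnf       # assumed location

  # printf is a shell builtin, so the password is not exposed in ps output.
  printf "UPDATE mysql.user SET Password=PASSWORD('%s') WHERE User='root';\nFLUSH PRIVILEGES;\n" \
    "$root_pw" | mysql -u root || return 1
  write_client_cnf "$root_cnf" root "$root_pw"

  grant_sql snortdb barnyard2 "$by_pw" | mysql --defaults-extra-file="$root_cnf" || return 1
  write_client_cnf "$by_cnf" barnyard2 "$by_pw"
  mysql --defaults-extra-file="$by_cnf" snortdb \
    < /usr/local/src/barnyard2/schemas/create_mysql || return 1

  barnyard_db_line snortdb barnyard2 "$by_pw" >> /etc/snort/barnyard.conf
  chmod 600 /etc/snort/barnyard.conf        # the file now holds a credential
}
```
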


The barnyard2 run looks like this:



[root@localhost barnyard2]# barnyard2 -T -c /etc/snort/barnyard.conf -d /var/log/snort -w /var/log/snort/barnyard2.waldo -l /var/log/snort -a /var/log/snort -f snort.log -X /var/lock/subsys/barnyard2-eth0.pid
Running in Test mode

        --== Initializing Barnyard2 ==--
Initializing Input Plugins!
Initializing Output Plugins!
Parsing config file "/etc/snort/barnyard.conf"


+[ Signature Suppress list ]+
----------------------------
+[No entry in Signature Suppress List]+
----------------------------
+[ Signature Suppress list ]+


Barnyard2 spooler: Event cache size set to [2048]
INFO database: Defaulting Reconnect/Transaction Error limit to 10
INFO database: Defaulting Reconnect sleep time to 5 second

[ClassificationPullDataStore()]: No Classification found in database ...
[SignaturePullDataStore()]: No signature found in database ...
[SystemPullDataStore()]: No System found in database ...
[ReferencePullDataStore()]: No Reference found in database ...
[SignatureReferencePullDataStore()]: No Reference found in database ...
database: compiled support for (mysql)
database: configured to use mysql
database: schema version = 107
database:           host = localhost
database:           user = barnyard2
database:  database name = snortdb
database:    sensor name = localhost.localdomain:NULL
database:      sensor id = 1
database:     sensor cid = 1
database:  data encoding = hex
database:   detail level = full
database:     ignore_bpf = no
database: using the "log" facility

        --== Initialization Complete ==--

  ______   -*> Barnyard2 <*-
 / ,,_  \  Version 2.1.13 (Build 327)
 |o"  )~|  By Ian Firns (SecurixLive): http://www.securixlive.com/
 + '''' +  (C) Copyright 2008-2013 Ian Firns <firnsy@securixlive.com>


Barnyard2 successfully loaded configuration file!
Barnyard2 exiting
database: Closing connection to database "snortdb"
[root@localhost barnyard2]#

[root@localhost barnyard2]# service snortd restart
Stopping Snort:                                            [  OK  ]
Starting Snort: PCAP_FRAMES -> 32768 * 4096 / 2 = 67108864 (1600)
Spawning daemon child...
My daemon child 53272 lives...
Daemon parent exiting (0)
                                                           [  OK  ]


Check with ps aux | grep snort: there should be two entries, one for the running snort and one for the running barnyard2. If either is missing, something is wrong.


[root@localhost src]# ps aux | grep snort
root     29164  0.2 18.2 662164 348684 ?       Ssl  23:26   0:00 /usr/local/bin/snort -D -i eth0 -c /etc/snort/snort.conf
root     29194  6.0  4.8 143656 92468 ?        Ss   23:26   0:26 barnyard2 -D -c /etc/snort/barnyard.conf -d /var/log/snort -w /var/log/snort/barnyard2.waldo -l /var/log/snort -a /var/log/snort -f snort.log -X /var/lock/subsys/barnyard2-eth0.pid
root     29333  0.0  0.0 103248   872 pts/1    S+   23:33   0:00 grep snort
[root@localhost src]#




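Testing

Manually download phpMyAdmin-4.0.10-all-languages.zip from
http://www.phpmyadmin.net/home_page/downloads.php
and install it, so that you can later check whether events are being written to MySQL.
(phpMyAdmin 4.1.x and 4.2.x support only MySQL 5.5.0 or later and do not support the 5.1.x version that yum installs on CentOS 6.5, so only the 4.0.x release can be used.)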

[root@localhost src]# yum -y install httpd 
[root@localhost src]# service httpd restart 

[root@localhost src]# cd  /usr/local/src
[root@localhost src]# unzip  phpMyAdmin-4.0.10.2-all-languages.zip -d /var/www/html

[root@localhost src]# mv  /var/www/html/phpMyAdmin-4.0.10.2-all-languages  /var/www/html/phpMyAdmin

Check the current output:


[root@localhost src]# ls -al /var/log/snort
total 36
drwx------.  5 snort snort 4096 Aug 26 23:26 .
drwxr-xr-x. 14 root  root  4096 Aug 26 23:24 ..
-rw-r--r--.  1 root  root     0 Aug 26 23:20 alert
-rw-------.  1 root  root  2056 Aug 26 23:26 barnyard2.waldo
-rw-r--r--.  1 snort snort   18 Jul 18  2013 .bash_logout
-rw-r--r--.  1 snort snort  176 Jul 18  2013 .bash_profile
-rw-r--r--.  1 snort snort  124 Jul 18  2013 .bashrc
drwxr-xr-x.  3 root  root  4096 Aug 26 23:25 eth0
drwxr-xr-x.  2 snort snort 4096 Nov 12  2010 .gnome2
drwxr-xr-x.  4 snort snort 4096 Aug 18 02:47 .mozilla
-rw-------.  1 root  root     0 Aug 26 23:26 snort.log.1409066778
[root@localhost src]#



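(Figure below) Open
http://192.168.128.201/phpMyAdmin
in a browser (the IP is that of the MySQL + phpMyAdmin host; log in with an account that can access the MySQL database, for example root and 654321 (whatever you set) or barnyard2 and 123456).

Select the snortdb database and note how many rows each table currently has.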


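From another host, run the attack (in testing, running nikto.pl on the same machine as Snort produced no attack effect).
The Snort host's IP is 192.168.128.201.

[root@localhost nikto-2.1.5]# ./nikto.pl -h 192.168.128.201

Back on the Snort machine, check the result: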

[root@localhost src]# ls -al /var/log/snort
total 40
drwx------.  5 snort snort 4096 Aug 26 23:26 .
drwxr-xr-x. 14 root  root  4096 Aug 26 23:24 ..
-rw-r--r--.  1 root  root     0 Aug 26 23:20 alert
-rw-------.  1 root  root  2056 Aug 26 23:31 barnyard2.waldo
-rw-r--r--.  1 snort snort   18 Jul 18  2013 .bash_logout
-rw-r--r--.  1 snort snort  176 Jul 18  2013 .bash_profile
-rw-r--r--.  1 snort snort  124 Jul 18  2013 .bashrc
drwxr-xr-x.  3 root  root  4096 Aug 26 23:25 eth0
drwxr-xr-x.  2 snort snort 4096 Nov 12  2010 .gnome2
drwxr-xr-x.  4 snort snort 4096 Aug 18 02:47 .mozilla
-rw-------.  1 root  root  3572 Aug 26 23:31 snort.log.1409066778
[root@localhost src]#


A barnyard2.waldo file should exist. There may be more than one snort.log.xxxx file: a new one is created every time Snort restarts, and only the newest one grows in size.
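
To see which spool file Barnyard2 is reading and how far it has got, the waldo file can be decoded directly. This is an added example, not part of the original post; the field layout is assumed from Barnyard2's WaldoData struct (two 1024-byte strings followed by two 32-bit integers, which matches the 2056-byte file in the listing), and integers are read as little-endian as on x86_64:

```shell
#!/bin/bash
# Assumed layout of barnyard2.waldo (WaldoData in barnyard2's spooler.h):
#   offset    0  char spool_dir[1024]       e.g. /var/log/snort
#   offset 1024  char spool_filebase[1024]  e.g. snort.log
#   offset 2048  uint32 timestamp           suffix of the spool file in use
#   offset 2052  uint32 record_idx          record position inside that file
WALDO_SIZE=2056

# waldo_str FILE OFFSET LENGTH: NUL-terminated string from a fixed-size field.
waldo_str() {
  dd if="$1" bs=1 skip="$2" count="$3" 2>/dev/null | tr '\000' '\n' | head -n 1
}

# waldo_u32 FILE OFFSET: unsigned 32-bit little-endian integer.
waldo_u32() {
  _bytes=$(od -An -tu1 -j "$2" -N 4 "$1") || return 1
  set -- $_bytes
  [ $# -eq 4 ] || return 1
  echo $(( $1 + ($2 << 8) + ($3 << 16) + ($4 << 24) ))
}

# waldo_report WALDO: print what Barnyard2 is reading.
# Returns 0 = on the newest spool file, 1 = waldo unreadable or wrong size,
#         2 = referenced spool file missing, 3 = a newer spool file exists.
waldo_report() {
  [ -r "$1" ] || { echo "cannot read $1"; return 1; }
  _size=$(wc -c < "$1" | tr -d ' ')
  [ "$_size" = "$WALDO_SIZE" ] || { echo "unexpected waldo size $_size"; return 1; }
  _dir=$(waldo_str "$1" 0 1024)
  _base=$(waldo_str "$1" 1024 1024)
  _ts=$(waldo_u32 "$1" 2048) || return 1
  _idx=$(waldo_u32 "$1" 2052) || return 1
  echo "spool=$_dir/$_base.$_ts record_idx=$_idx"
  [ -e "$_dir/$_base.$_ts" ] || { echo "spool file is missing"; return 2; }
  # Snort opens a new <base>.<epoch> file at every restart; find the newest.
  _newest=$(ls "$_dir" | WB="$_base." awk '
    index($0, ENVIRON["WB"]) == 1 {
      t = substr($0, length(ENVIRON["WB"]) + 1)
      if (t ~ /^[0-9]+$/ && t + 0 > max) { max = t + 0; best = t }
    }
    END { print best }')
  [ "$_newest" = "$_ts" ] || { echo "newer spool file: $_base.$_newest"; return 3; }
  echo "barnyard2 is on the newest spool file"
}

# make_waldo OUT DIR BASE TS IDX: write a waldo file (constructed test data).
make_waldo() {
  { _field "$2"; _field "$3"; _le32 "$4"; _le32 "$5"; } > "$1"
}
_field() {   # string padded with NULs to 1024 bytes
  printf '%s' "$1"
  dd if=/dev/zero bs=1 count=$(( 1024 - ${#1} )) 2>/dev/null
}
_le32() {    # integer as 4 little-endian bytes, via octal escapes
  printf "$(printf '\\%03o\\%03o\\%03o\\%03o' \
    $(( $1 & 255 )) $(( ($1 >> 8) & 255 )) $(( ($1 >> 16) & 255 )) $(( ($1 >> 24) & 255 )))"
}

# Demo on constructed data: one spool file and a waldo pointing at record 17.
demo_waldo() {
  _d=$(mktemp -d) || return 1
  : > "$_d/snort.log.1409066778"
  make_waldo "$_d/barnyard2.waldo" "$_d" snort.log 1409066778 17
  waldo_report "$_d/barnyard2.waldo"
  _rc=$?
  rm -rf "$_d"
  return $_rc
}
demo_waldo
```

On the sensor from this page the call would be `waldo_report /var/log/snort/barnyard2.waldo`.
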

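(Figure below) The row counts of all tables should have increased (wait a few seconds and press F5 to refresh the page; writing takes a little time).


When only Snort was installed, without Barnyard, the alert file grew with every attack; now it no longer grows.

(To be continued... BASE and ADODB still to come)

(End)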

Related articles



[Research] snort-2.9.6.1.tar.gz (CentOS 6.5 x64) Quick Install Script

[Research] Snort 2.9.6.1 + Barnyard 2.13 Installation (CentOS 6.5 x64) Quick Install Script
[Research] Snort 2.9.6.1 + Barnyard Installation (CentOS 6.5 x64)

[Research] Snort 2.9.6.1 + Barnyard + BASE Installation (CentOS 6.5 x64) Quick Install Script
[Research] Snort 2.9.6.1 + Barnyard + BASE Installation (CentOS 6.5 x64)

--------------

[Research] snort-2.9.5.5.tar.gz (CentOS 6.4 x64) Quick Install Script (2)
[Research] snort-2.9.5.5.tar.gz (CentOS 6.4 x64) Quick Install Script

[Research] Snort 2.9.5.5 + Barnyard Installation (CentOS 6.4 x64)

[Research] Snort 2.9.5.5 + Barnyard + BASE Installation (CentOS 6.4 x64)

--------------

[Research] snort-2.9.4.tar.gz (CentOS 6.3 x86) Quick Install Script

[Research] Snort 2.9.0.5 Installation (Fedora 15 x86)

[Research] Using N-Stalker Web Application Security Scanner X Free Edition, a Website Vulnerability Scanner

[Research] N-Stalker Free Edition 2012 Website Vulnerability Scanner Tutorial

[Research] Snort 2.9.0.3 (tar.gz) Installation (Fedora 14 x86)

[Research] Snort 2.8.5.2.tar.gz + MySQL + BASE Quick Install Script (CentOS 5.4)

[Research] Snort 2.8.5.2.tar.gz + MySQL + BASE Quick Install Script (Fedora 12 x86)

[Tutorial] [Research] Snort 2.8.1 Quick Install Script, Compact Edition (Fedora 8)

[Research] snort-2.9.6.2.tar.gz (CentOS 6.5 x64) Quick Install Script

2014-08-26

Official website
https://www.snort.org/

Open
http://ftp.uninett.no/linux/epel/6/x86_64/
and check whether epel-release-6-8.noarch.rpm still exists or has been replaced by a newer version such as
epel-release-6-9.noarch.rpm
epel-release-6-10.noarch.rpm
...
If so, this line in the quick install script below may need to be changed:
rpm  -Uvh  http://ftp.uninett.no/linux/epel/6/x86_64/epel-release-6-8.noarch.rpm

References
http://shaurong.blogspot.tw/2012/12/snort-294targz-centos-63-x86.html
http://manual.snort.org/
http://www.snort.org/docs
http://s3.amazonaws.com/snort-org/www/assets/202/snort2953_centos6x.pdf

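Download site for snort-2.9.6.1.tar.gz and daq-2.0.2.tar.gz
http://www.snort.org/

Download site for libdnet-1.11.tar.gz
http://libdnet.sourceforge.net/

PS: I later found libdnet-1.12.tar.gz here; has the official site moved?
https://code.google.com/p/libdnet/downloads/list

Download site for snortrules-snapshot-2962.tar.gz (registration is free; click Sign In in the upper right corner and log in before downloading)
http://www.snort.org/

Subscriber Release requires a paid subscription to download; skip it.
Registered User Release requires free registration; log in to download.

Download the following files manually and put them in the /usr/local/src directory:
libdnet-1.12.tar.gz
daq-2.0.2.tar.gz
snort-2.9.6.2.tar.gz
snortrules-snapshot-2962.tar.gz

Starting with version 2.9.3, Snort no longer supports MySQL; it seems this can be solved with Barnyard2. ADOdb and BASE are not covered in this post for now; I will get to them when there is a chance.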

Database output is dead. R.I.P.
Wednesday, July 18, 2012
http://blog.snort.org/2012/07/database-output-is-dead-rip.html

Barnyard 2 official website
http://www.securixlive.com/

ADOdb official website
http://adodb.sourceforge.net/
http://sourceforge.net/projects/adodb/files/adodb-php5-only/
(last updated 2014-04-30, file adodb-519-for-php5)

BASE official website (Basic Analysis and Security Engine)
http://base.secureideas.net/
http://sourceforge.net/projects/secureideas/files/BASE/
(last updated: v1.4.5, May 2010-03-05)

Contents of the quick install script (tested and working). Switch to root with su root before running it.


#!/bin/bash
echo -e "\033[31m"
echo -e "Program : snort2.9.6.2_centos6.5x64.sh "
echo -e "snort-2.9.6.2.tar.gz Install Shell Script (CentOS 6.5 x64) "
echo -e "by Shau-Rong Lu 2014-08-26 "
echo -e "\033[0m"

rpm -Uvh http://ftp.uninett.no/linux/epel/6/x86_64/epel-release-6-8.noarch.rpm
yum -y install gcc gcc-c++ flex bison zlib zlib-devel libpcap libpcap-devel pcre pcre-devel tcpdump libdnet libdnet-devel

cd  /usr/local/src

# if [ ! -s libdnet-1.12.tar.gz ]; then
#   echo "Can not find  /usr/local/src/libdnet-1.12.tar.gz"
#   wget http://downloads.sourceforge.net/project/libdnet/libdnet/libdnet-1.11/libdnet-1.11.tar.gz?r=http%3A%2F%2Flibdnet.sourceforge.net%2F&ts=1382718432&use_mirror=nchc
  # exit
# fi

if [ ! -s daq-2.0.2.tar.gz ]; then
  echo "Can not find /usr/local/src/daq-2.0.2.tar.gz"
  exit 1
fi

if [ ! -s snort-2.9.6.2.tar.gz ]; then
  echo "Can not find /usr/local/src/snort-2.9.6.2.tar.gz"
  exit 1
fi

if [ ! -s snortrules-snapshot-2962.tar.gz ]; then
  echo "Can not find  /usr/local/src/snortrules-snapshot-2962.tar.gz"
  exit 1
fi



# tar zxvf libdnet-1.11.tar.gz
tar zxvf daq-2.0.2.tar.gz
tar zxvf snort-2.9.6.2.tar.gz

# cd /usr/local/src/libdnet-1.11
# ./configure --with-pic
# make
# make install

cd /usr/local/src/daq-2.0.2
./configure
make
make install

cd /usr/local/src/snort-2.9.6.2
./configure --enable-sourcefire
make
make install

# cd /usr/local/lib
# ldconfig -v /usr/local/lib

mkdir -p /etc/snort
cd /usr/local/src
tar xzvf /usr/local/src/snortrules-snapshot-2962.tar.gz -C /etc/snort
touch /etc/snort/rules/white_list.rules /etc/snort/rules/black_list.rules

groupadd -g 40000 snort
useradd snort -d /var/log/snort -s /sbin/nologin -c SNORT_IDS -g snort
cd /etc/snort
chown -R snort:snort *
chown -R snort:snort /var/log/snort

cp /etc/snort/etc/* /etc/snort/.

sed -i -e "s@var RULE_PATH@#var RULE_PATH@"   /etc/snort/snort.conf
sed -i -e "/var RULE_PATH/avar RULE_PATH /etc/snort/rules"   /etc/snort/snort.conf
cat /etc/snort/snort.conf | grep "var RULE_PATH"

sed -i -e "s@var SO_RULE_PATH@#var SO_RULE_PATH@"   /etc/snort/snort.conf
sed -i -e "/var SO_RULE_PATH/avar SO_RULE_PATH /etc/snort/so_rules"   /etc/snort/snort.conf
cat /etc/snort/snort.conf | grep "var SO_RULE_PATH"

sed -i -e "s@var PREPROC_RULE_PATH@#var PREPROC_RULE_PATH@"   /etc/snort/snort.conf
sed -i -e "/var PREPROC_RULE_PATH/avar PREPROC_RULE_PATH /etc/snort/preproc_rules"   /etc/snort/snort.conf
cat /etc/snort/snort.conf | grep "var PREPROC_RULE_PATH"

sed -i -e "s@var WHITE_LIST_PATH@#var WHITE_LIST_PATH@"   /etc/snort/snort.conf
sed -i -e "/var WHITE_LIST_PATH/avar WHITE_LIST_PATH /etc/snort/rules"   /etc/snort/snort.conf
cat /etc/snort/snort.conf | grep "var WHITE_LIST_PATH"

sed -i -e "s@var BLACK_LIST_PATH@#var BLACK_LIST_PATH@"   /etc/snort/snort.conf
sed -i -e "/var BLACK_LIST_PATH/avar BLACK_LIST_PATH /etc/snort/rules"   /etc/snort/snort.conf
cat /etc/snort/snort.conf | grep "var BLACK_LIST_PATH"


mkdir -p /usr/local/lib/snort_dynamicrules
chown -R snort:snort /usr/local/lib/snort_dynamicrules
chmod -R 700 /usr/local/lib/snort_dynamicrules

snort -T -c /etc/snort/snort.conf
if [ "$?" != "0" ]; then
  echo "Snort Test Failed !"
  exit 1
fi

#cp /root/snort-2.9.6.2/rpm/snortd  /etc/init.d/.
#chmod +x /etc/init.d/snortd
#cp /root/snort-2.9.6.2/rpm/snort.sysconfig /etc/sysconfig/snort
#ln -s /usr/local/bin/snort /usr/sbin/snort

rm -fr /etc/init.d/snortd

echo '#!/bin/bash'  > /etc/init.d/snortd

echo ""  >> /etc/init.d/snortd
echo "# chkconfig: 345 99 01"  >> /etc/init.d/snortd
echo "# description: Snort startup script"  >> /etc/init.d/snortd
echo "# 345 - levels to configure"  >> /etc/init.d/snortd
echo "# 99 - startup order"  >> /etc/init.d/snortd
echo "# 01 - stop order"  >> /etc/init.d/snortd
echo "" >> /etc/init.d/snortd
echo ". /etc/rc.d/init.d/functions "  >> /etc/init.d/snortd
echo "INTERFACE=eth0" >> /etc/init.d/snortd
echo "" >> /etc/init.d/snortd
echo "case \"\$1\" in " >> /etc/init.d/snortd
echo "start)" >> /etc/init.d/snortd
echo "  echo -n \"Starting Snort: \"" >> /etc/init.d/snortd
echo "  daemon PCAP_FRAMES=max /usr/local/bin/snort -D -i \$INTERFACE -c /etc/snort/snort.conf" >> /etc/init.d/snortd
echo "  echo" >> /etc/init.d/snortd
echo "  ;;" >> /etc/init.d/snortd
echo "" >> /etc/init.d/snortd
echo "stop)" >> /etc/init.d/snortd
echo "  echo -n \"Stopping Snort: \"" >> /etc/init.d/snortd
echo "  killproc snort" >> /etc/init.d/snortd
echo "  echo" >> /etc/init.d/snortd
echo "  ;;" >> /etc/init.d/snortd
echo "" >> /etc/init.d/snortd
echo "restart)" >> /etc/init.d/snortd
echo "  \$0 stop" >> /etc/init.d/snortd
echo "  \$0 start" >> /etc/init.d/snortd
echo "  ;;" >> /etc/init.d/snortd
echo "status)" >> /etc/init.d/snortd
echo "  status snort" >> /etc/init.d/snortd
echo "  ;;" >> /etc/init.d/snortd
echo "*)" >> /etc/init.d/snortd
echo "  echo \"Usage: \$0 {start|stop|restart|status}\"" >> /etc/init.d/snortd
echo "  exit 1" >> /etc/init.d/snortd
echo "  esac" >> /etc/init.d/snortd
echo "  exit 0" >> /etc/init.d/snortd

chmod +x /etc/init.d/snortd
chkconfig  --add  snortd
chkconfig  snortd on
service  snortd  start

echo "You can service httpd restart, then use N-Stalker Free Edition (http://nstalker.com/products/free/download-free-edition) on MS-Windows to attack WebSite "
echo ""
echo "or Nikto (http://www.cirt.net/nikto2) on another Linux to attack WebSite"
echo "  wget http://www.cirt.net/nikto/nikto-current.tar.gz"
echo "  tar zxvf nikto-current.tar.gz"
echo "  cd nikto-*"
echo "  chmod +x nikto.pl"
echo "  ./nikto.pl -h xxx.xxx.xxx.xxx"
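
Both install scripts on this page edit configuration files with a comment-out `sed` followed by an append `sed`; run a second time, those pairs add another `#` to lines already commented out and append the new line again. An added example (not part of the original scripts) of an idempotent replacement, with `set_directive` as a hypothetical helper name and a constructed snort.conf fragment as sample input:

```shell
#!/bin/bash
# set_directive FILE PREFIX NEWLINE   (hypothetical helper, not from the page)
#   - comments out every active line that starts with PREFIX (literal match,
#     leading blanks ignored), except a line that already equals NEWLINE
#   - keeps exactly one copy of NEWLINE, appending it when absent
#   - running it again leaves the file unchanged
set_directive() {
  _file=$1
  _tmp=$(mktemp "${_file}.XXXXXX") || return 1
  # The values travel through the environment so that awk does not interpret
  # backslashes in them, as it would with -v.
  SD_PREFIX="$2" SD_LINE="$3" awk '
    BEGIN { p = ENVIRON["SD_PREFIX"]; n = ENVIRON["SD_LINE"] }
    $0 == n {
      if (!seen) { print; seen = 1 }    # keep the first copy only
      next
    }
    {
      s = $0
      sub(/^[ \t]+/, "", s)
      if (index(s, p) == 1) { print "#" $0; next }   # disable other settings
      print
    }
    END { if (!seen) print n }          # append when the line was missing
  ' "$_file" > "$_tmp" || { rm -f "$_tmp"; return 1; }
  # Write back through the existing file to keep its owner and mode.
  cat "$_tmp" > "$_file"
  _rc=$?
  rm -f "$_tmp"
  return $_rc
}

# Demo on a constructed snort.conf fragment (sample data, not a real config).
demo_set_directive() {
  _d=$(mktemp -d) || return 1
  printf '%s\n' 'var RULE_PATH ../rules' 'var SO_RULE_PATH ../so_rules' > "$_d/snort.conf"
  set_directive "$_d/snort.conf" 'var RULE_PATH ' 'var RULE_PATH /etc/snort/rules'
  # Second run, as when the install script is executed again: no change.
  set_directive "$_d/snort.conf" 'var RULE_PATH ' 'var RULE_PATH /etc/snort/rules'
  cat "$_d/snort.conf"
  rm -rf "$_d"
}
demo_set_directive
```
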


If you see the following messages, the quick install script succeeded:


        --== Initialization Complete ==--

   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.6.2 GRE (Build 77)
   ''''    By Martin Roesch & The Snort Team: http://www.snort.org/snort/snort-team
           Copyright (C) 2014 Cisco and/or its affiliates. All rights reserved.
           Copyright (C) 1998-2013 Sourcefire, Inc., et al.
           Using libpcap version 1.4.0
           Using PCRE version: 7.8 2008-09-05
           Using ZLIB version: 1.2.3

           Rules Engine: SF_SNORT_DETECTION_ENGINE  Version 2.1  <Build 1>
           Preprocessor Object: SF_SDF  Version 1.1  <Build 1>
           Preprocessor Object: SF_DNP3  Version 1.1  <Build 1>
           Preprocessor Object: SF_SSLPP  Version 1.1  <Build 4>
           Preprocessor Object: SF_SIP  Version 1.1  <Build 1>
           Preprocessor Object: SF_SSH  Version 1.1  <Build 3>
           Preprocessor Object: SF_DCERPC2  Version 1.0  <Build 3>
           Preprocessor Object: SF_POP  Version 1.0  <Build 1>
           Preprocessor Object: SF_SMTP  Version 1.1  <Build 9>
           Preprocessor Object: SF_IMAP  Version 1.0  <Build 1>
           Preprocessor Object: SF_FTPTELNET  Version 1.2  <Build 13>
           Preprocessor Object: SF_GTP  Version 1.1  <Build 1>
           Preprocessor Object: SF_MODBUS  Version 1.1  <Build 1>
           Preprocessor Object: SF_DNS  Version 1.1  <Build 4>
           Preprocessor Object: SF_REPUTATION  Version 1.1  <Build 1>

Snort successfully validated the configuration!
Snort exiting
Starting Snort: PCAP_FRAMES -> 32768 * 4096 / 2 = 67108864 (1600)
Spawning daemon child...
My daemon child 26660 lives...
Daemon parent exiting (0)
                                                           [  OK  ]
You can service httpd restart, then use N-Stalker Free Edition (http://nstalker.com/products/free/download-free-edition) on MS-Windows to attack WebSite

or Nikto (http://www.cirt.net/nikto2) on another Linux to attack WebSite
  wget http://www.cirt.net/nikto/nikto-current.tar.gz
  tar zxvf nikto-current.tar.gz
  cd nikto-*
  chmod +x nikto.pl
  ./nikto.pl -h xxx.xxx.xxx.xxx
[root@localhost ~]#



Testing


[root@localhost ~]# service  snortd  start
Starting Snort: PCAP_FRAMES -> 32768 * 4096 / 2 = 67108864 (1600)
Spawning daemon child...
My daemon child 47656 lives...
Daemon parent exiting (0)
                                                           [  OK  ]
[root@localhost ~]# service  snortd  status
snort (pid 26660) is running...
[root@localhost ~]# ps aux | grep snort
root     26660  0.0 17.7 662132 339188 ?       Ssl  20:08   0:00 /usr/local/bin/snort -D -i eth0 -c /etc/snort/snort.conf
root     47669  0.0  0.0 103252   832 pts/1    S+   20:11   0:00 grep snort
[root@localhost ~]#


Prepare the host that will be attacked:

[root@localhost snort]# service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain for ServerName
                                                           [  OK  ]
[root@localhost snort]#


Temporarily turn off the firewall:


[root@localhost ~]# service iptables stop
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
[root@localhost ~]#


First look at Snort's current logs; alert is 0 bytes:


[root@localhost ~]#  ls -al /var/log/snort
total 28
drwx------.  4 snort snort 4096 Aug 26 20:08 .
drwxr-xr-x. 14 root  root  4096 Aug 26 20:08 ..
-rw-r--r--.  1 root  root     0 Aug 26 20:08 alert
-rw-r--r--.  1 snort snort   18 Jul 18  2013 .bash_logout
-rw-r--r--.  1 snort snort  176 Jul 18  2013 .bash_profile
-rw-r--r--.  1 snort snort  124 Jul 18  2013 .bashrc
drwxr-xr-x.  2 snort snort 4096 Nov 12  2010 .gnome2
drwxr-xr-x.  4 snort snort 4096 Aug 18 02:47 .mozilla
-rw-------.  1 root  root     0 Aug 26 20:08 snort.log.1409054919
[root@localhost ~]#


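Use a different host to run the attack (nikto does not seem to be able to attack its own host, so a separate machine is needed).
192.168.128.101 is the host with Snort installed
192.168.128.201 is the host with nikto installed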


[root@localhost ~]# wget http://www.cirt.net/nikto/nikto-current.tar.gz
[root@localhost ~]# tar zxvf nikto-current.tar.gz
[root@localhost ~]# cd nikto-*
[root@localhost nikto-2.1.5]# chmod +x nikto.pl
[root@localhost nikto-2.1.5]# ./nikto.pl -h 192.168.128.201
- ***** SSL support not available (see docs for SSL install) *****
- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          192.168.128.201
+ Target Hostname:    192.168.128.201
+ Target Port:        80
+ Start Time:         2014-08-26 20:14:35 (GMT8)
---------------------------------------------------------------------------
+ Server: Apache/2.2.15 (CentOS)
+ The anti-clickjacking X-Frame-Options header is not present.
+ Apache/2.2.15 appears to be outdated (current is at least Apache/2.2.22). Apache 1.3.42 (final release) and 2.0.64 are also current.
+ Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ OSVDB-3268: /icons/: Directory indexing found.
+ Server leaks inodes via ETags, header found with file /icons/README, inode: 1714765, size: 5108, mtime: 0x438c0358aae80
+ OSVDB-3233: /icons/README: Apache default file found.
+ 6544 items checked: 0 error(s) and 7 item(s) reported on remote host
+ End Time:           2014-08-26 20:14:42 (GMT8) (7 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
[root@localhost nikto-2.1.5]#



Back on the host where Snort is installed, the alert file has gone from 0 bytes to non-zero, which shows that Snort is working properly:


[root@localhost ~]#  ls -al /var/log/snort
total 40
drwx------.  4 snort snort 4096 Aug 26 20:08 .
drwxr-xr-x. 14 root  root  4096 Aug 26 20:08 ..
-rw-r--r--.  1 root  root  4338 Aug 26 20:14 alert
-rw-r--r--.  1 snort snort   18 Jul 18  2013 .bash_logout
-rw-r--r--.  1 snort snort  176 Jul 18  2013 .bash_profile
-rw-r--r--.  1 snort snort  124 Jul 18  2013 .bashrc
drwxr-xr-x.  2 snort snort 4096 Nov 12  2010 .gnome2
drwxr-xr-x.  4 snort snort 4096 Aug 18 02:47 .mozilla
-rw-------.  1 root  root  2876 Aug 26 20:14 snort.log.1409054919
[root@localhost ~]#


Test successful.

(End)

[Research] snort-2.9.6.2.tar.gz (CentOS 6.5 x64) Quick Install Script
http://shaurong.blogspot.com/2014/08/snort-2962targz-centos-65-x64.html

Monday, August 25, 2014

[Research] hadoop-2.5.0-src.tar.gz Quick Compile and Install Script (CentOS 7.0 x86_64)

2014-08-25

Download
http://www.apache.org/dyn/closer.cgi/hadoop/common/
http://apache.stu.edu.tw/hadoop/common/hadoop-2.5.0/hadoop-2.5.0.tar.gz

The script is as follows:

#!/bin/bash

echo -e "\033[31m"
echo -e "Program : Hadoop-2.5.0_CentOS-7.0-x86_64-Compile.sh "
echo -e "Hadoop 2.5.0 Compile Shell Script (CentOS 7.0 x86_64) "
echo -e "by Shau-Rong Lu 2014-08-25 "
echo -e "\033[0m"

cd /usr/local/src
#yum -y groupinstall  "Development tools"
yum -y install gcc  gcc-c++  svn  cmake git zlib zlib-devel openssl openssl-devel rsync java-1.7.0-openjdk.x86_64 java-1.7.0-openjdk-devel.x86_64  make  wget

# echo "********** Install OpenJDK **********"

yum -y install  java
# or
#yum -y install java-1.7.0-openjdk

yum -y install  java-1.7.0-openjdk-devel

#export JAVA_HOME=/usr
#echo 'export JAVA_HOME=/usr' >> /etc/profile
#echo 'export JAVA_HOME=/usr/lib/jvm/java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el7_0.x86_64' >> /etc/profile
echo 'export JAVA_HOME=/usr/lib/jvm/java' >> /etc/profile
echo 'export PATH=$PATH:$JAVA_HOME/bin' >> /etc/profile
echo 'export CLASSPATH=$JAVA_HOME/jre/lib/ext:$JAVA_HOME/lib/tools.jar' >> /etc/profile

source /etc/profile
java -version
#export | grep JAVA
#export | grep jdk

echo "********** Install Apache Maven 3.0.5 (yum) **********"

yum -y install maven

# mvn -version

echo "********** Install FindBugs 3.0.0 **********"

cd  /usr/local/src
if [ ! -s findbugs-3.0.0.tar.gz ]; then
  wget  http://jaist.dl.sourceforge.net/project/findbugs/findbugs/3.0.0/findbugs-3.0.0.tar.gz
fi
tar zxvf findbugs-3.0.0.tar.gz -C /usr/local/
ln -s /usr/local/findbugs-3.0.0/bin/findbugs  /usr/bin/findbugs
echo 'export FINDBUGS_HOME=/usr/local/findbugs-3.0.0' >> /etc/profile
echo 'export PATH=$PATH:$FINDBUGS_HOME/bin' >> /etc/profile
source /etc/profile

#export | grep FINDBUGS_HOME
#export | grep PATH
#read -n 1 -p "Press Enter to continue..."

echo "********** Install Protoc 2.5.0 **********"
# https://code.google.com/p/protobuf/
# https://code.google.com/p/protobuf/downloads/list

cd  /usr/local/src
if [ ! -s protobuf-2.5.0.tar.gz ]; then
  wget https://protobuf.googlecode.com/files/protobuf-2.5.0.tar.gz
fi
tar zxvf protobuf-2.5.0.tar.gz -C /usr/local/src
cd /usr/local/src/protobuf-2.5.0
./configure
make
make install
ln -s /usr/local/bin/protoc /usr/bin/protoc
echo 'export PROTO_HOME=/usr/local/' >> /etc/profile
echo 'export PATH=$PATH:$PROTO_HOME/bin' >> /etc/profile
source /etc/profile
#read -n 1 -p "Press Enter to continue..."

echo "********** Compile Hadoop **********"

cd  /usr/local/src
if [ ! -s hadoop-2.5.0-src.tar.gz ]; then
  wget  http://ftp.tc.edu.tw/pub/Apache/hadoop/common/hadoop-2.5.0/hadoop-2.5.0-src.tar.gz
fi
tar zxvf hadoop-2.5.0-src.tar.gz -C /usr/local/src
cd  /usr/local/src/hadoop-2.5.0-src/

#mvn clean
mvn package -Pdist,native -DskipTests -Dtar
#read -n 1 -p "Press Enter to continue..."


Result:

[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Apache Hadoop Main ................................ SUCCESS [1:22.827s]
[INFO] Apache Hadoop Project POM ......................... SUCCESS [31.451s]
[INFO] Apache Hadoop Annotations ......................... SUCCESS [1:08.120s]
[INFO] Apache Hadoop Assemblies .......................... SUCCESS [0.361s]
[INFO] Apache Hadoop Project Dist POM .................... SUCCESS [20.008s]
[INFO] Apache Hadoop Maven Plugins ....................... SUCCESS [27.762s]
[INFO] Apache Hadoop MiniKDC ............................. SUCCESS [5:35.471s]
[INFO] Apache Hadoop Auth ................................ SUCCESS [3:40.768s]
[INFO] Apache Hadoop Auth Examples ....................... SUCCESS [7.497s]
[INFO] Apache Hadoop Common .............................. SUCCESS [8:56.929s]
[INFO] Apache Hadoop NFS ................................. SUCCESS [7.474s]
[INFO] Apache Hadoop Common Project ...................... SUCCESS [0.036s]
[INFO] Apache Hadoop HDFS ................................ SUCCESS [4:39.195s]
[INFO] Apache Hadoop HttpFS .............................. SUCCESS [49.129s]
[INFO] Apache Hadoop HDFS BookKeeper Journal ............. SUCCESS [2:41.863s]
[INFO] Apache Hadoop HDFS-NFS ............................ SUCCESS [4.417s]
[INFO] Apache Hadoop HDFS Project ........................ SUCCESS [0.025s]
[INFO] hadoop-yarn ....................................... SUCCESS [0.082s]
[INFO] hadoop-yarn-api ................................... SUCCESS [56.352s]
[INFO] hadoop-yarn-common ................................ SUCCESS [2:13.086s]
[INFO] hadoop-yarn-server ................................ SUCCESS [0.033s]
[INFO] hadoop-yarn-server-common ......................... SUCCESS [18.730s]
[INFO] hadoop-yarn-server-nodemanager .................... SUCCESS [1:07.616s]
[INFO] hadoop-yarn-server-web-proxy ...................... SUCCESS [3.369s]
[INFO] hadoop-yarn-server-applicationhistoryservice ...... SUCCESS [8.325s]
[INFO] hadoop-yarn-server-resourcemanager ................ SUCCESS [15.645s]
[INFO] hadoop-yarn-server-tests .......................... SUCCESS [1.039s]
[INFO] hadoop-yarn-client ................................ SUCCESS [7.058s]
[INFO] hadoop-yarn-applications .......................... SUCCESS [0.035s]
[INFO] hadoop-yarn-applications-distributedshell ......... SUCCESS [2.694s]
[INFO] hadoop-yarn-applications-unmanaged-am-launcher .... SUCCESS [1.824s]
[INFO] hadoop-yarn-site .................................. SUCCESS [0.041s]
[INFO] hadoop-yarn-project ............................... SUCCESS [5.085s]
[INFO] hadoop-mapreduce-client ........................... SUCCESS [0.059s]
[INFO] hadoop-mapreduce-client-core ...................... SUCCESS [22.787s]
[INFO] hadoop-mapreduce-client-common .................... SUCCESS [20.851s]
[INFO] hadoop-mapreduce-client-shuffle ................... SUCCESS [4.765s]
[INFO] hadoop-mapreduce-client-app ....................... SUCCESS [11.581s]
[INFO] hadoop-mapreduce-client-hs ........................ SUCCESS [9.319s]
[INFO] hadoop-mapreduce-client-jobclient ................. SUCCESS [12.257s]
[INFO] hadoop-mapreduce-client-hs-plugins ................ SUCCESS [1.750s]
[INFO] Apache Hadoop MapReduce Examples .................. SUCCESS [6.832s]
[INFO] hadoop-mapreduce .................................. SUCCESS [5.110s]
[INFO] Apache Hadoop MapReduce Streaming ................. SUCCESS [13.689s]
[INFO] Apache Hadoop Distributed Copy .................... SUCCESS [18.718s]
[INFO] Apache Hadoop Archives ............................ SUCCESS [1.928s]
[INFO] Apache Hadoop Rumen ............................... SUCCESS [8.149s]
[INFO] Apache Hadoop Gridmix ............................. SUCCESS [5.195s]
[INFO] Apache Hadoop Data Join ........................... SUCCESS [3.349s]
[INFO] Apache Hadoop Extras .............................. SUCCESS [3.349s]
[INFO] Apache Hadoop Pipes ............................... SUCCESS [11.121s]
[INFO] Apache Hadoop OpenStack support ................... SUCCESS [6.424s]
[INFO] Apache Hadoop Client .............................. SUCCESS [9.014s]
[INFO] Apache Hadoop Mini-Cluster ........................ SUCCESS [0.103s]
[INFO] Apache Hadoop Scheduler Load Simulator ............ SUCCESS [1:00.964s]
[INFO] Apache Hadoop Tools Dist .......................... SUCCESS [5.597s]
[INFO] Apache Hadoop Tools ............................... SUCCESS [0.029s]
[INFO] Apache Hadoop Distribution ........................ SUCCESS [38.967s]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 41:13.828s
[INFO] Finished at: Mon Aug 25 17:14:14 CST 2014
[INFO] Final Memory: 152M/480M
[INFO] ------------------------------------------------------------------------
[root@localhost hadoop-2.5.0-src]#

(End)

Related

[Research] hadoop-2.5.0-src.tar.gz Quick Build-and-Install Script (CentOS 7.0 x86_64)
http://shaurong.blogspot.com/2014/08/hadoop-250-srctargz-centos-70-x8664.html
http://forum.icst.org.tw/phpbb/viewtopic.php?f=26&t=81015
http://download.ithome.com.tw/article/index/id/2722

[Research] Hadoop 2.5.0 Installation (CentOS 7.0 x86_64)
http://shaurong.blogspot.com/2014/08/hadoop-250-centos-70-x8664.html
http://forum.icst.org.tw/phpbb/viewtopic.php?f=26&t=81014
http://download.ithome.com.tw/article/index/id/2721

[Research] Hadoop 2.4.1 Installation (CentOS 7.0 x86_64)
http://shaurong.blogspot.com/2014/08/hadoop-241-centos-70-x8664.html

[Research] hadoop-2.4.1-src.tar.gz Quick Build-and-Install Script (CentOS 7.0 x86_64)
http://shaurong.blogspot.com/2014/08/hadoop-241-srctargz-centos-70-x8664.html
http://download.ithome.com.tw/article/index/id/2375

[Research] hadoop-2.2.0-src.tar.gz Quick Build-and-Install Script (2) (CentOS 6.5 x86_64)
http://shaurong.blogspot.com/2014/02/hadoop-220-srctargz-centos-65-x8664_8080.html

[Research] hadoop-2.2.0-src.tar.gz Quick Build-and-Install Script (CentOS 6.5 x86_64)
http://shaurong.blogspot.com/2014/02/hadoop-220-srctargz-centos-65-x8664_7.html

[Research] hadoop-2.2.0-src.tar.gz Build Study (CentOS 6.5 x86_64)
http://shaurong.blogspot.com/2014/02/hadoop-220-srctargz-centos-65-x8664.html

[Research] Hadoop 2.2.0 Build (CentOS 6.4 x64)
http://shaurong.blogspot.tw/2013/11/hadoop-220-centos-64-x64.html

[Research] Hadoop 2.2.0 Single Cluster Installation (2) (CentOS 6.4 x64)
http://shaurong.blogspot.tw/2013/11/hadoop-220-single-cluster-centos-64-x64_7.html

[Research] Hadoop 2.2.0 Single Cluster Installation (1) (CentOS 6.4 x64)
http://shaurong.blogspot.tw/2013/11/hadoop-220-single-cluster-centos-64-x64.html

[Research] Hadoop 1.2.1 (rpm) Installation (CentOS 6.4 x64)
http://shaurong.blogspot.tw/2013/10/hadoop-121-rpm-centos-64-x64.html

[Research] Hadoop 1.2.1 (bin) Installation (CentOS 6.4 x64)
http://shaurong.blogspot.tw/2013/07/hadoop-112-centos-64-x64.html

[Research] Hadoop 1.2.1 Installation (CentOS 6.4 x64)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=80035

[Research] Cloud Software Hadoop 1.0.0 Installation (CentOS 6.2 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=21166

[Research] Cloud Software Hadoop 0.20.2 Installation (CentOS 5.5 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=18513

[Research] Cloud Software Hadoop 0.20.2 Installation (CentOS 5.4 x86)

[Research] Hadoop 2.5.0 Installation (CentOS 7.0 x86_64)

2014-08-25

The Apache Hadoop project develops open-source software for reliable, scalable, distributed computing.
It is modeled on the Google File System, is written in Java, and provides the HDFS and MapReduce APIs.

Official website
http://hadoop.apache.org/

Installation references
http://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/SingleNodeSetup.html
http://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/SingleCluster.html

Download
http://www.apache.org/dyn/closer.cgi/hadoop/common/

Installation

# To save trouble and avoid unexpected problems, disable SELinux (Security-Enhanced Linux) and iptables

# Turn off SELinux enforcement immediately (permissive mode)
setenforce 0

# Keep SELinux disabled after reboot
#vi  /etc/selinux/config
#find
#SELINUX=
#and set it to
#SELINUX=disabled

# Rewrite only the active (uncommented) SELINUX= line, so re-running the script adds no duplicate entries
sed -i -e 's@^SELINUX=.*@SELINUX=disabled@'   /etc/selinux/config


# Stop iptables immediately (firewalld on CentOS 7)
#service iptables stop  
#service ip6tables stop 
systemctl   stop  firewalld 

# Keep iptables disabled after reboot (firewalld on CentOS 7)
#chkconfig iptables off  
#chkconfig ip6tables off  
systemctl   disable  firewalld 
systemctl status  firewalld

yum -y install  java
# or
#yum -y install java-1.7.0-openjdk

yum -y install  java-1.7.0-openjdk-devel   

echo 'export JAVA_HOME=/usr/lib/jvm/java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el7_0.x86_64' >> /etc/profile

source /etc/profile

cd /usr/local
wget http://apache.cdpa.nsysu.edu.tw/hadoop/common/hadoop-2.5.0/hadoop-2.5.0.tar.gz
tar zxvf hadoop-2.5.0.tar.gz

echo 'export HADOOP_HOME=/usr/local/hadoop-2.5.0' >> /etc/profile
echo 'export PATH=$PATH:$HADOOP_HOME/bin' >> /etc/profile
echo 'export PATH=$PATH:$HADOOP_HOME/sbin' >> /etc/profile
source /etc/profile
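
The steps above fetch hadoop-2.5.0.tar.gz over plain HTTP from a mirror and unpack it as root with no integrity check. The following is an added example, not part of the original post: shell functions that check the SHA-256 digest and the archive's member paths before extracting. The function names are hypothetical, and the expected digest is assumed to come from the project's own site rather than from the mirror.

```bash
#!/bin/bash
# Added example (not from the original post): check a downloaded release
# tarball before unpacking it as root. Function names are hypothetical.

# verify_sha256 FILE EXPECTED_HEX -> 0 only if the SHA-256 digest matches.
# EXPECTED_HEX must come from a trusted channel, not from the mirror itself.
verify_sha256() {
    [ -f "$1" ] || return 1
    want=$(printf '%s' "$2" | tr 'A-F' 'a-f' | tr -d ' \n')
    have=$(sha256sum "$1" | awk '{print $1}')
    [ -n "$want" ] && [ "$have" = "$want" ]
}

# member_names_safe: reads archive member names on stdin and fails on an
# absolute path or any ".." component (both can write outside the target).
member_names_safe() {
    ! grep -Eq '^/|(^|/)\.\.(/|$)'
}

# verified_extract FILE EXPECTED_HEX DESTDIR
# Returns 1 on digest mismatch, 2 on an unreadable archive or unsafe member.
verified_extract() {
    verify_sha256 "$1" "$2" || { echo "digest mismatch: $1" >&2; return 1; }
    names=$(tar tzf "$1" 2>/dev/null) || return 2
    printf '%s\n' "$names" | member_names_safe || {
        echo "unsafe member path in $1" >&2; return 2; }
    mkdir -p "$3" || return 2
    # --no-same-owner: as root, tar would otherwise restore the uid/gid
    # recorded in the archive instead of giving the files to root.
    tar xzf "$1" -C "$3" --no-same-owner
}

# Usage with the page's file name; EXPECTED_SHA256 is a placeholder:
#   verified_extract hadoop-2.5.0.tar.gz "$EXPECTED_SHA256" /usr/local
```
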

Check the current state

[root@localhost local]# hadoop version
Hadoop 2.5.0
Subversion http://svn.apache.org/repos/asf/hadoop/common -r 1616291
Compiled by jenkins on 2014-08-06T17:31Z
Compiled with protoc 2.5.0
From source with checksum 423dcd5a752eddd8e45ead6fd5ff9a24
This command was run using /usr/local/hadoop-2.5.0/share/hadoop/common/hadoop-common-2.5.0.jar
[root@localhost local]#


[root@localhost local]# hadoop

Usage: hadoop [--config confdir] COMMAND
       where COMMAND is one of:
  fs                   run a generic filesystem user client
  version              print the version
  jar <jar>            run a jar file
  checknative [-a|-h]  check native hadoop and compression libraries availability
  distcp <srcurl> <desturl> copy file or directories recursively
  archive -archiveName NAME -p <parent path> <src>* <dest> create a hadoop archive
  classpath            prints the class path needed to get the
                       Hadoop jar and the required libraries
  daemonlog            get/set the log level for each daemon
 or
  CLASSNAME            run the class named CLASSNAME

Most commands print help when invoked w/o parameters.
[root@localhost ~]#

(End)

Related

[Research] Hadoop 2.5.0 Installation (CentOS 7.0 x86_64)
http://shaurong.blogspot.com/2014/08/hadoop-250-centos-70-x8664.html
http://forum.icst.org.tw/phpbb/viewtopic.php?f=26&t=81014
http://download.ithome.com.tw/article/index/id/2721

[Research] Hadoop 2.4.1 Installation (CentOS 7.0 x86_64)
http://shaurong.blogspot.com/2014/08/hadoop-241-centos-70-x8664.html

[Research] hadoop-2.4.1-src.tar.gz Quick Build-and-Install Script (CentOS 7.0 x86_64)
http://shaurong.blogspot.com/2014/08/hadoop-241-srctargz-centos-70-x8664.html
http://download.ithome.com.tw/article/index/id/2375

[Research] hadoop-2.2.0-src.tar.gz Quick Build-and-Install Script (2) (CentOS 6.5 x86_64)
http://shaurong.blogspot.com/2014/02/hadoop-220-srctargz-centos-65-x8664_8080.html

[Research] hadoop-2.2.0-src.tar.gz Quick Build-and-Install Script (CentOS 6.5 x86_64)
http://shaurong.blogspot.com/2014/02/hadoop-220-srctargz-centos-65-x8664_7.html

[Research] hadoop-2.2.0-src.tar.gz Build Study (CentOS 6.5 x86_64)
http://shaurong.blogspot.com/2014/02/hadoop-220-srctargz-centos-65-x8664.html

[Research] Hadoop 2.2.0 Build (CentOS 6.4 x64)
http://shaurong.blogspot.tw/2013/11/hadoop-220-centos-64-x64.html

[Research] Hadoop 2.2.0 Single Cluster Installation (2) (CentOS 6.4 x64)
http://shaurong.blogspot.tw/2013/11/hadoop-220-single-cluster-centos-64-x64_7.html

[Research] Hadoop 2.2.0 Single Cluster Installation (1) (CentOS 6.4 x64)
http://shaurong.blogspot.tw/2013/11/hadoop-220-single-cluster-centos-64-x64.html

[Research] Hadoop 1.2.1 (rpm) Installation (CentOS 6.4 x64)
http://shaurong.blogspot.tw/2013/10/hadoop-121-rpm-centos-64-x64.html

[Research] Hadoop 1.2.1 (bin) Installation (CentOS 6.4 x64)
http://shaurong.blogspot.tw/2013/07/hadoop-112-centos-64-x64.html

[Research] Hadoop 1.2.1 Installation (CentOS 6.4 x64)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=80035

[Research] Cloud Software Hadoop 1.0.0 Installation (CentOS 6.2 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=21166

[Research] Cloud Software Hadoop 0.20.2 Installation (CentOS 5.5 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=18513

[Research] Cloud Software Hadoop 0.20.2 Installation (CentOS 5.4 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=17974

[Research] Microsoft Web Application Configuration Analyzer (WACA) v2.0

2014-08-25

Download
http://www.microsoft.com/en-us/download/details.aspx?id=573
Release date: 5/16/2011
File name: WACAV20.msi

Web Application Configuration Analyzer (WACA) analyzes server configuration for security best practices related to General Windows, IIS, ASP.NET and SQL Server settings.

(End)

[Research] Microsoft Security Compliance Manager v3.0.60

2014-08-25

File name: Security_Compliance_Manager_Setup.exe
Release date: 1/30/2013
http://www.microsoft.com/en-us/download/details.aspx?id=16776

This Solution Accelerator provides centralized security baseline management features, a baseline portfolio, customization capabilities, and security baseline export flexibility to accelerate your organization’s ability to efficiently manage the security and compliance process for the most widely used Microsoft technologies.

(End)

[Research] Attack Surface Analyzer v1.0.0.0: Basic Installation and Use

2014-08-25

Download
http://www.microsoft.com/en-us/download/details.aspx?id=24487
File names (8/2/2012):
Attack_Surface_Analyzer_x64.msi
Attack_Surface_Analyzer_ReadMe.docx
Attack_Surface_Analyzer_x86.msi

Attack Surface Analyzer is developed by the Trustworthy Computing Security group. It is the same tool used by Microsoft's internal product groups to catalogue changes made to operating system attack surface by the installation of new software.

Attack Surface Analyzer takes a snapshot of your system state before and after the installation of product(s) and displays the changes to a number of key elements of the Windows attack surface.

This allows:
- Developers to view changes in the attack surface resulting from the introduction of their code on to the Windows platform
- IT Professionals to assess the aggregate Attack Surface change by the installation of an organization's line of business applications
- IT Security Auditors to evaluate the risk of a particular piece of software installed on the Windows platform during threat risk reviews
- IT Security Incident Responders to gain a better understanding of the state of a system's security during investigations (if a baseline scan was taken of the system during the deployment phase)

(End)

Related

Attack Surface Analyzer
http://en.wikipedia.org/wiki/Attack_Surface_Analyzer

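[Research] Windows Azure Pack

2014-08-25

Windows Azure Pack is a collection of Microsoft Azure technologies provided free of charge to Microsoft customers. Once installed in your datacenter, Windows Azure Pack integrates with System Center and Windows Server to help provide a self-service portal for managing services such as websites, virtual machines and Service Bus, a portal for administrators to manage resource clouds, scalable web hosting, and other features.

Official website
http://www.microsoft.com/zh-tw/server-cloud/products/windows-azure-pack/default.aspx?nv1if4=1

Installation (it requires SQL Server)

(End)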