Home
- Details
1. Datenbank starten
"C:\Program Files\MongoDB 2.6 Standard\bin\mongod.exe" --dbpath=D:\data\db --logpath=D:\data\mongo.log
--dbpath - Path to the database
--logpath - Path to the log file (optional)
- Details
# Path to jmeter
jmeter=/home/apache-jmeter-2.10/bin/jmeter.sh
# Path to the test skript
skripts=/home/test
# host of the server under test (user variable, optional)
host=localhost
# Path to result file of the test case
result=/home/test/testresults.jtl
# Path to the log files of jmeter
logs=/home/dhl/test
${jmeter} -n -t ${skripts}/Testplan.jmx -Jhost=${host} -l ${result} -j ${logs}/test.log
- Details
Login to Hub
docker login
Show version
docker version
Search an image or repository
docker search <image>
Download a repository
docker pull <username>/<repository>
Run repository
docker run <username>/<repository>
Example:
docker run -d -t -i -p 80:80 ubuntu:14.04 /bin/bash
(the image will be pulled, if it doesn`t exist localy)
-d - run the container in the background
-p - required network ports inside our container to our host
docker run <username>/<repository> apt-get install -y wget (install a simple utility. use -y for noninteractive mode installation.)
docker run <username>/<newrepository> ping <IP_for_ping>
Go to the running container
sudo docker attach <CONTAINER_ID>
Show all local containers
docker ps -l
Show container details
docker inspect <CONTAINER_ID>
Save container changes
docker commit <CONTAINER_ID > <username>/<new_image>
Push your container to the repository
docker push <username>/< new_image>
- Details
1. Download a Puttygen-Client
2. Create and save Public Key by the puttygen-client
3. Generate and save a Private-Key (this file is very important and shouldn`t be lost)
4. Create a user on the server, who will use this key
5. Login with created user to the system and execute follow commands:
mkdir .ssh
chmod 700 .ssh
cd .ssh
6. Open the file 'authorized_keys' and put the generated public key string:
ssh-rsa <string_aus_public_key>
7. Change the data access privileges:
chmod 600 authorized_keys
8. Restart SSH-Service
/etc/init.d/ssh restart
9. Test the key login functionality
10. If the test was successful, then login as root and edit the /etc/ssh/sshd_config file:
# line 50: uncomment and change to 'no'
PasswordAuthentication no
11. Restart SSH service. The login without a key after executing of this command is not possible anymore:
/etc/init.d/ssh restart
More informations:
- Details
Die oben erwähnte Anfrage ist ein Fingerprint von DFind. Eine Software (Haacktool.DFind), die Schwachstellen von Webservern ausfindig macht. Von der Firma Symantec wurde die Software als Hacker-Tool eingestuft, denn der Vulnerability Scanner (Portscanner) sucht nach offenen Server-Ports und auch nach Diensten. Die Software selbst nutzt scheinbar noch keine Schwachstelle aus, dafür liefert es einen Report über die gefundenen Anwendungen und sofern ermittelbar, ihre Versionsnummer und mögliche Schwachstellen an den Hacker.
Mögliche HTTP/1.1 Anfragen mit Fingerprints:
/w00tw00t.at.ISC.SANS.DFind
/w00tw00t.at.ISC.SANS.MSlog
/w00tw00t.at.ISC.SANS.test0
Lösung mit iptables:
Hiermit blocken wir die w00tw00t-Anfragen für den Port 80 (HTTP) und 443 (SSL) auf TCP-Basis. Eingetragen werden können die Regeln in der “/etc/rc.local”-Datei oder in eurer “/etc/iptables.rules”-Datei.
# drop w00tw00t attacks
iptables -I INPUT -p tcp --dport 80 -m string --to 60 --algo bm --string 'GET /w00tw00t' -j DROP
iptables -I INPUT -p tcp --dport 443 -m string --to 60 --algo bm --string 'GET /w00tw00t' -j DROP
Wobei:
-p (or --protocol)
-m (or --match)
--algo {bm|kmp}
Select the pattern matching strategy. (bm = Boyer-Moore, kmp = Knuth-Pratt-Morris)
--to offset
Set the offset from which it starts looking for any matching. If not passed, default is the packet size.
[!] --string pattern
Matches the given pattern.
Mehr Infos unter:
http://blog.joergboesche.de/apache2-w00tw00t-at-isc-sans-dfind-server-portscan
http://ipset.netfilter.org/iptables.man.html
Seite 8 von 10