2006隨手札記

System Performance and Security *即時監看log #tail -f /var/log/[logfile] *查看網路狀態 ＃netstat -tupln -n : do not resolve IP address to host name -t : list TCP connections -u : list UDP connections -p : show PID and name of the program -l : listening sockets -a : --all (non-listening sockets) *檢查 Ports #nmap -sS -sU -sR -P0 -A -v stationX -sS : SYN(chronous) scan -sU: UDP scan -sR: RPC/pormap scan -P0: ping system before scanning -A : sytem and service version detection -v : verbose [root@server1 ~]# nmap -sS -sU -P0 -sR -A -v localhost Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2009-08-03 00:08 CST Initiating SYN Stealth Scan against localhost.localdomain (127.0.0.1) [1680 ports] at 00:08 Discovered open port 53/tcp on 127.0.0.1 ---略--- Discovered open port 995/tcp on 127.0.0.1 The SYN Stealth Scan took 0.32s to scan 1680 total ports. Initiating UDP Scan against localhost.localdomain (127.0.0.1) [1487 ports] at 00:08 The UDP Scan took 1.46s to scan 1487 total ports. Initiating service scan against 27 services on localhost.localdomain (127.0.0.1) at 00:08 Discovered open port 53/udp on 127.0.0.1 ---略--- Discovered open|filtered port 32772/udp on localhost.localdomain (127.0.0.1) is actually open The service scan took 76.07s to scan 27 services on 1 host. Initiating RPCGrind Scan against localhost.localdomain (127.0.0.1) at 00:09 The RPCGrind Scan took 0.04s to scan 6 ports on localhost.localdomain (127.0.0.1). For OSScan assuming port 21 is open, 1 is closed, and neither are firewalled For OSScan assuming port 21 is open, 1 is closed, and neither are firewalled For OSScan assuming port 21 is open, 1 is closed, and neither are firewalled Host localhost.localdomain (127.0.0.1) appears to be up ... good. Interesting ports on localhost.localdomain (127.0.0.1): Not shown: 3140 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 2.0.5 22/tcp open ssh OpenSSH 4.3 (protocol 2.0) 25/tcp open smtp Sendmail 8.13.8/8.13.8 53/tcp open domain ISC Bind 4.X ---略--- * 檢查file system #df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/VolGroup00-LogVol00 5.1G 1.5G 3.4G 31% / /dev/xvda2 1.9G 36M 1.8G 2% /home /dev/xvda1 99M 13M 81M 14% /boot tmpfs 129M 0 129M 0% /dev/shm [root@server118 ~]# du -sh /tmp 32K /tmp [root@server118 ~]# *搜尋檔案 #find / \( -nouser -o -nogroup \) *monitor processes #top