---------- Forwarded message ----------
From: XIE WEN-MFK346 <wenxie at motorola.com>
Date: 2008/8/28
Subject: nessus installation snapshots
To: xiewenxiewen at gmail.com
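Nessus is one of the best security scanning tools in the world, and it is free for individual users.
1. Download nessus
Go to http://www.nessus.org/download/
Download the nessus installer
There is no need to fill in personal information; just click "Click Here to Download Nessus Directly"
The server runs 64-bit redhat es4, so download the matching version; the es4.i386 package works
2. Request a registration code
http://www.nessus.org/plugins/?view=register-info
Choose "Register a HomeFeed"
Enter your e-mail address
Wait a moment; the registration code will be sent to your mailbox
3. Install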
rpm -Uvh Nessus-3.2.1-es4.i386.rpm
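4. Register
Go to https://plugins.nessus.org/offline.php
As prompted, run /opt/nessus/bin/nessus-fetch --challenge to get the challenge code
Enter the challenge code and the registration code
The result is displayed
Note down the first URL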
http://plugins.nessus.org/get.php?f=all-2.0.tar.gz&u=34a15dd5903bb80755a35dc1eedb56ac&p=a37a58daefcd003abccdeefc5dae2166
It will be needed later to download plugins manually
Then click the second link to download nessus-fetch.rc; its URL is:
http://plugins.nessus.org/mkconfig.php?ac=registration-code&c=challenge-code
For example:
https://plugins.nessus.org/mkconfig.php?ac=F7B4-D650-0C92-3B97-5373&c=4b3302bf5896ffc9555c53768352f5342c9ba479
Copy nessus-fetch.rc to /opt/nessus/etc/nessus/
cat /opt/nessus/etc/nessus/nessus-fetch.rc
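5. Download and install the latest plugins
Edit the configuration file /opt/nessus/etc/nessus/nessusd.conf to disable automatic updates
grep auto_update /opt/nessus/etc/nessus/nessusd.conf
a. If the server can reach the Internet, run
/opt/nessus/sbin/nessus-update-plugins
to download the latest plugins automatically
b. The plugins can also be downloaded manually; the download address is the one obtained in step 4
Then unpack the archive
tar -C /opt/nessus/lib/nessus/plugins/ -zxf all-2.0.tar.gz
Rebuild the plugin database /opt/nessus/var/nessus/plugins-code.db by running
/opt/nessus/sbin/nessusd -Q or /opt/nessus/sbin/nessusd -R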
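6. Create a user
Run /opt/nessus/sbin/nessus-adduser
Create a user and set the user's login rules
User name: admin
Authentication: pass
Password: admin
Rules: allow access from the local machine only
accept 127.0.0.1/32
default deny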
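7. Start the nessusd service
Run
/sbin/service nessusd start
The nessus server installation is complete.
bin/nessus can now be used to scan servers for vulnerabilities. It is a command-line tool, so it is best to also install the graphical NessusClient
8. Install NessusClient
Download it from http://www.nessus.org/download/
Install
rpm -Uvh NessusClient-3.2.1-es4.i386.rpm
9. Run NessusClient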
/opt/nessus/bin/NessusClient
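Click "Connect...", select "localhost", click "Edit..."
Change the user name and password to the correct values
Click "Save"
Select "localhost" and click "Connect"
to connect to the nessus service
On the first connection a confirmation dialog appears; choose "Yes"
After connecting
10. Add a scan policy
Click the "+" on the right,
edit the options as needed
Click "Save"
Select "my_policy", click menu "File"->"Export Policy...", and save it to the file my_policy.nessusrc
(However, it seems only export works, not import; the import menu item is always greyed out???)
11. Add scan targets
Add the addresses to scan as needed
Click "Save"
12. Save the configuration
Choose menu "File"->"Save As..." and save the configured targets and policy to the file my.nessus
A .nessus file is in XML format
For example: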
....
no hostname 192.168.11.16
no hostname 192.168.11.15
no hostname 192.168.11.10
no hostname 192.168.11.12
no range 10.194.132.240 10.194.132.255
yes range 192.168.11.0 192.168.16.255
yes network 192.168.30.0 255.255.255.0
yes network 192.168.50.0 255.255.255.0
yes network 10.194.132.0 255.255.255.0
....
13. Scan
You can click "Scan Now" to scan from the graphical interface, or scan from a text console with a command
Run
/opt/nessus/bin/nessus -V -x --dot-nessus /root/my.nessus --policy-name "my_policy" 127.0.0.1 \
1241 admin admin /root/my_report.nessus >/root/my_nessus.log 2>&1
Generate a report in HTML format
/opt/nessus/bin/nessus -V -x --dot-nessus /root/my_report.nessus \
-i "`/opt/nessus/bin/nessus -V -x --dot-nessus /root/my_report.nessus --list-reports|/usr/bin/tail -1|/bin/cut -c4-|/bin/sed 's/.$//g'`" \
-o /root/my_report.html
View the report
elinks /root/my_report.html
14. Script for scheduled runs
[root@MGT scripts]# cat nessus.sh
#!/bin/bash
# Run a Nessus scan for one target, convert the report to HTML and mail it.
usage ()
{
cat <<EOF
Usage: $0 {help=n|y} target={sendmail=y|n}
Examples:
$0 help=y
$0 target=test
EOF
}
if [ $# -lt 1 ]; then
    usage
    exit 1
fi
# Each argument is a key=value pair and is evaluated as shell code,
# so pass only trusted arguments.
for f; do eval $f; done
if [ x$help = xy ]; then
    usage
    exit 0
fi
# Work out the base directory from the script location (scripts/..)
PD=`/usr/bin/dirname $0`
WD=`(cd $PD/..;pwd)`
#NPATH=/data/nessus
NPATH=$WD
LPATH=$NPATH/logs
RPATH=$NPATH/reports
SPATH=$NPATH/scripts
P=`/bin/basename $0|/bin/cut -d. -f1`
N=${target:-test}
D=`/bin/date '+%Y%m%d'`
LOG=$LPATH/${P}_${N}_${D}.log
# Keep logs and reports private to the owner
UMASK=`umask`
umask 0077
# Save stdout/stderr on fd 3/4, then send all output to the log
exec 3>&1 4>&2
exec >>$LOG 2>&1
echo "Begin at `/bin/date '+%Y%m%d%H%M%S'`"
NESSUS=/opt/nessus/bin/nessus
CFG=$SPATH/${N}.nessus
NRPT=$LPATH/report_${N}_${D}.nessus
RPT=$RPATH/report_${N}_${D}.html
PARAM="-V -x"
NSERVER="localhost 1241 admin admin"
# Scan with the targets in $CFG and store the results in $NRPT
$NESSUS $PARAM --dot-nessus $CFG --policy-name "my_policy" $NSERVER $NRPT
$NESSUS --dot-nessus $NRPT --list-reports
# Take the name of the last report in the list and convert it to HTML
RPTNAME="`$NESSUS --dot-nessus $NRPT --list-reports|/usr/bin/tail -1|/bin/cut -c4-|/bin/sed 's/.$//g'`"
$NESSUS $PARAM --dot-nessus $NRPT -i "$RPTNAME" -o $RPT
# Mail the HTML report unless sendmail=n was given
if [ x$sendmail != xn ]; then
    ADDR="wenxie@motorola.com"
    /usr/sbin/sendmail -v $ADDR <<EOF
To: $ADDR
Subject: Nessus Scan Report for $N - $D
Content-Type: text/html; charset="iso-8859-1"

`cat $RPT`
EOF
fi
echo "End at `/bin/date '+%Y%m%d%H%M%S'`"
echo ""
# Restore stdout/stderr and the original umask
exec 1>&3 2>&4 3>&- 4>&-
umask $UMASK
[root@MGT scripts]#
[root@MGT ~]# crontab -l |grep ness
#0 2 * * * /data/nessus/scripts/nessus.sh target=wjlab sendmail=n
[root@MGT ~]#
Xie wen(谢文)
Network & Operations,
Mobile Software Solutions (MDB)
MOTOROLA Inc.
No. 108 Jian Guo Road, Chao Yang District, Beijing
100022 P. R. China
e-mail wenxie at motorola.com
-fin-
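The `for f; do eval $f; done` line in nessus.sh runs every argument as shell code, and the target value ends up in file names. The following is an added example, not part of the original post: a drop-in parser for the same help=, target= and sendmail= arguments that uses no eval and rejects anything unexpected. The function name parse_args and the allowed character set for target are choices made here.

```shell
#!/bin/sh
# Added example (not from the original nessus.sh).
# parse_args sets the globals help, target and sendmail from key=value
# arguments and returns 2 on anything it does not recognise.
parse_args() {
    # Defaults match the original script: target "test", mail is sent.
    help=n; target=test; sendmail=y
    for arg in "$@"; do
        case $arg in
            *=*) key=${arg%%=*}; val=${arg#*=} ;;
            *)   echo "not key=value: $arg" >&2; return 2 ;;
        esac
        case $key in
            help|sendmail)
                case $val in
                    y|n) ;;
                    *) echo "$key must be y or n" >&2; return 2 ;;
                esac ;;
            target)
                # target is used in paths such as scripts/<target>.nessus,
                # so allow only letters, digits, "_" and "-".
                case $val in
                    ''|*[!A-Za-z0-9_-]*)
                        echo "invalid target: $val" >&2; return 2 ;;
                esac ;;
            *)  echo "unknown option: $key" >&2; return 2 ;;
        esac
        # Assign explicitly; the argument text is never executed.
        case $key in
            help)     help=$val ;;
            target)   target=$val ;;
            sendmail) sendmail=$val ;;
        esac
    done
}
```

In nessus.sh this would replace the eval loop with `parse_args "$@" || { usage; exit 1; }`.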
Thursday, August 28, 2008
Wednesday, August 27, 2008
how to determine oracle block size
---------- Forwarded message ----------
From: wen xie
Date: 2008/12/16
Subject: Fwd: how to determine oracle block size
To: xiewenxiewen at googlemail.com
---------- Forwarded message ----------
From: XIE WEN-MFK346
Date: 2008/12/16
Subject: how to determine oracle block size
To: xiewenxiewen at gmail.com
how to determine oracle block size
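The term "data block" refers specifically to the blocks that make up data files
Redo log blocks are called redo blocks, not data blocks; their size usually equals the operating system block size,
which can be found with the query select max(lebsz) from x$kccle;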
SQL> select max(lebsz) from x$kccle;
MAX(LEBSZ)
----------
512
SQL>
Control file blocks are not called data blocks either; they are called control file blocks. Query select distinct block_size from v$controlfile; to see the size
SQL> select distinct block_size from v$controlfile;
BLOCK_SIZE
----------
16384
Or check the trace file:
alter session set events 'immediate trace name controlf level 10';
Then look at the trace file under udump
DUMP OF CONTROL FILES, Seq # 6886 = 0x1ae6
V10 STYLE FILE HEADER:
Compatibility Vsn = 169870080=0xa200300
Db ID=1955690436=0x749177c4, Db Name='TEST'
Activation ID=0=0x0
Control Seq=6886=0x1ae6, File size=492=0x1ec
File Number=0, Blksiz=16384, File Type=1 CONTROL
Logical block number 1 (header block)
The dbfsize command also shows the size
[oracle@MGT ~/app/oracle/oradata/test]$ dbfsize control01.ctl
Database file: control01.ctl
Database file type: file system
Database file size: 460 16384 byte blocks
[oracle@MGT ~/app/oracle/oradata/test]$ dbfsize redo01.log
Database file: redo01.log
Database file type: file system
Database file size: 204800 512 byte blocks
[oracle@MGT ~/app/oracle/oradata/test]$ dbfsize system01.dbf
Database file: system01.dbf
Database file type: file system
Database file size: 38400 8192 byte blocks
(Database file size shows two numbers: the second is the block size and the first is the number of blocks, not counting the block used by the file header, so add one to get the real block count)
The control file block size is 16k
The redo log block size is 512
The data file block size is 8k
External links:
Log Block Size
Controlfile Structure
Description Of V$Controlfile fields- BLOCK_SIZE and FILE_SIZE_BLKS
How to Determine the Exact Size of a Controlfile on a Raw Device
Xie Wen (谢文)
Network & Operations,
Multimedia Applications & Services (MDB) MOTOROLA Inc.
NO.104 mail box,
8th floor, Motorola Tower,
No. 1 Wang Jing East Road, Chao Yang District,
Beijing 100102 P. R. China
e-mail wenxie at motorola.com
-fin-
Wednesday, August 20, 2008
setup ssh for netapp filer
---------- Forwarded message ----------
From: XIE WEN-MFK346 <wenxie at motorola.com>
Date: 2008/8/20
Subject: automatic ssh login to netapp filer
To: xiewenxiewen at gmail.com
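1. Enable ssh login on the netapp
ssh login is not enabled by default
First log in to the netapp with telnet
Check the system configuration; ssh turns out not to be enabled
options ssh
Change the ssh configuration
options ssh.enable on
As prompted on screen, run secureadmin setup ssh
Press Enter four times and it is done
Run secureadmin enable ssh
ssh is now enabled
options ssh
Press ctrl-d to log out
ssh login now works
but a password is still required
Next, configure automatic login without a password
2. Configure automatic login
Go back to the unix host
Generate an ssh key pair
Run ssh-keygen -t dsa
Press Enter 3 times; do not enter a passphrase for the private key
This generates a private key, id_dsa, and a public key, id_dsa.pub
As root, mount the netapp root volume vol0
Append the public key just generated to the file etc/sshd/root/.ssh/authorized_keys
Unmount the vol0 root volume
Back as the s3op1 user, ssh login no longer asks for a password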
Xie wen(谢文)
Network & Operations,
Mobile Software Solutions (MDB)
MOTOROLA Inc.
No. 108 Jian Guo Road, Chao Yang District, Beijing
100022 P. R. China
e-mail wenxie at motorola.com
-fin-
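The key-installation step above, as an added example that is not part of the original post: a function that appends the public key to etc/sshd/root/.ssh/authorized_keys under the mounted vol0, refuses a private key file, and does nothing if the key is already present. The function name install_pubkey and the mount point passed to it are assumptions; mounting and unmounting vol0 are left to the operator.

```shell
#!/bin/sh
# Added example (not from the original post).
# install_pubkey PUBKEY_FILE MOUNTED_VOL0
#   PUBKEY_FILE   e.g. ~/.ssh/id_dsa.pub
#   MOUNTED_VOL0  directory where the filer root volume is mounted (assumed)
install_pubkey() {
    pub=$1; root=$2; key=
    dir=$root/etc/sshd/root/.ssh
    auth=$dir/authorized_keys

    # The filer root volume has an etc directory; refuse anything else
    # so a wrong mount point is caught before a file is written.
    [ -d "$root/etc" ] || { echo "$root does not look like vol0" >&2; return 1; }

    # Read only the first line of the key file.
    IFS= read -r key < "$pub" || [ -n "$key" ] ||
        { echo "cannot read $pub" >&2; return 1; }

    # Accept only an OpenSSH public key line; this rejects id_dsa
    # (the private half), which starts with "-----BEGIN".
    case $key in
        ssh-dss\ AAAA*|ssh-rsa\ AAAA*) ;;
        *) echo "$pub is not an OpenSSH public key" >&2; return 1 ;;
    esac

    mkdir -p "$dir" || return 1
    touch "$auth" || return 1

    # Append once: skip if this exact line is already authorised.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}
```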