Work, study, life: some notes will be kept here. Alternate domain: http://meisw.wdlinux.cn

ARA


Welcome in Asn Radius Admin (ARA) v. 0.6!

 

http://projects.asn.pl/ara/

 
 

ARA (ASN RADIUS admin) is a simple but powerful web interface for managing the great FreeRADIUS server. It allows you to:

  • manage users, groups and Network Access Servers,
  • view online users,
  • view reports on bandwidth usage for each user and NAS,
  • monitor unsuccessful network logins,
  • quickly lookup your users,
  • and much more!

ARA is a PHP web application operating on the storage backend of FreeRADIUS (currently only MySQL is supported).

 
 
 
 
  • ezRADIUS license is GPL.
  • I created this app inspired by daloRADIUS.
  • ezRADIUS logo is created using The GIMP
  • ezRADIUS is made in Indonesia, created using Dreamweaver 8 under Debian GNU/Linux 4.0
  • I'm using Flat-File-Database, a PHP library by John Papandriopoulos
  • You're using ezRADIUS version 0.2.1
  • patch

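    patch -p0 < /download/patch-2.6.10-bk4   or
    patch -p0 -i /download/patch-2.6.10-bk4
    I think this is the way that really applies a patch.
    patch -R // apply the patch to both the new and the old files
          -N // ignore patches that are reversed or already applied
          -f // do not ask [y/n]; assume -R is not chosen
          -t // do not ask [y/n]; assume -R is chosen
    Example: let it finish automatically: patch -tp0 < patch-file
    bzip2 -dc /download/patch-2.6.10-bk4.bz2 | patch -p1
    To apply several at once:
    bzip2 -dc /download/patch-*.bz2 | patch -p1
    but this requires that the alphabetical order of patch-*.bz2 is the same as the order of the patches.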

    patch -d dietlibc-0.27 -p1 < dietlibc-0.27-signal.patch

     

    ppp-2.4.3
    # patch does not decompress its input, so unpack the .gz on the way in
    gzip -dc ppp-2.4.3-mppe-mppc-1.1.patch.gz | patch -p0

     

     

    ppp faq

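    691
    Wrong user name
    619
    Protocol or encryption method is set incorrectly

    Check whether your kernel supports MPPE:
    modprobe ppp-compress-18 && echo ok
    If it prints ok, congratulations: your kernel already has MPPE support.


    Check whether PPP supports MPPE/MPPC: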
    [root@localhost]# strings `which pppd`|grep -i mppe|wc --lines
    30
    [root@localhost]# strings `which pppd`|grep -i mppc|wc --lines
    7

    updatedb
    locate ppp|grep bin

    mppe/mppc download
    http://mppe-mppc.alphacron.de/#AEN56

    ppp download
    ftp://ftp.samba.org/pub/ppp/

    Q:The remote system is required to authenticate itself
    May 28 16:55:06 rhel4 pppd[2994]: but I couldn't find any suitable secret (password) for it to use to do so.
    A: The name setting in options.pptpd does not match chap-secrets.

     

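    Apache + PHP file extension parsing vulnerability

    That is, whatever the final suffix is, any file whose name ends in .php.* where that suffix is not defined in mime.types will be parsed by the Apache server as a PHP file.

    This is mainly dangerous for servers that offer an upload feature. The fix is to define the file types allowed for upload in the mime.types file, or to upgrade to the latest versions of Apache and PHP.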

    ....

    rar

     

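    PHP trojans

    Among PHP trojans, PhpSpy is the one to name: I have checked several times and it was always this one. Another one turned up today. The latest version at present is 2008, updated on 2008.1.7.

    Checking for PHP trojans
    1 Check the most recently uploaded files (ctime -4, the last four days)
    2 Check the file owner
    3 Check the file size attribute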
    ...

    --------

    eval(base64_decode(''));

    eval(gzinflate(base64_decode(
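
An added example, not part of the original notes: the three checks and the two eval wrappers above as one read-only audit of a web root, which also lists the .php.* names described in the Apache section. The function names, the output format and the sample tree are constructed for illustration; file names are assumed to contain no newlines.

```shell
#!/bin/sh
# Added example (not from the original notes): read-only web root audit.
# Prints: REASON OWNER SIZE PATH. Assumes file names contain no newlines.

describe() {  # $1 = reason, $2 = path; adds owner and size (checks 2 and 3)
    owner=$(ls -ld -- "$2" | awk '{print $3}')
    size=$(wc -c < "$2" | tr -d ' ')
    printf '%s %s %s %s\n' "$1" "$owner" "$size" "$2"
}

audit_webroot() {  # $1 = web root, $2 = look-back window in days (default 4)
    root=$1; days=${2:-4}
    # Check 1: files whose status changed within the window (find -ctime -4).
    find "$root" -type f -ctime "-$days" |
        while IFS= read -r f; do describe recent "$f"; done
    # Names with .php before a further suffix (e.g. x.php.rar), which Apache
    # may hand to PHP when the last suffix is not defined in mime.types.
    find "$root" -type f -name '*.php.*' |
        while IFS= read -r f; do describe double-ext "$f"; done
    # The two wrappers quoted above, eval(base64_decode( and
    # eval(gzinflate(base64_decode(, tolerating whitespace between tokens.
    s='[[:space:]]*'
    grep -rlE "eval${s}\\(${s}(gzinflate${s}\\(${s})?base64_decode${s}\\(" "$root" |
        while IFS= read -r f; do describe obfuscated-eval "$f"; done
    return 0
}

make_sample() {  # constructed sample tree; the encoded strings are empty
    d=$(mktemp -d)
    mkdir "$d/upload"
    printf '%s\n' '<?php echo "hello"; ?>' > "$d/index.php"
    printf '%s\n' "<?php eval(base64_decode('')); ?>" > "$d/upload/a.php.rar"
    printf '%s\n' "<?php eval ( gzinflate( base64_decode('') ) ); ?>" > "$d/upload/img.php"
    printf '%s\n' "$d"
}

sample=$(make_sample)
audit_webroot "$sample" 4
rm -rf "$sample"
```

A file can appear under more than one reason; one that is recent, double-suffixed and contains an eval wrapper is the first to look at.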

    apa log

    ?dir|./..|.%2F../..|.%2F..%2F..|

     

    Installing pptpd on RHEL4 as a VPN

    1 Installation
    Software download
     
    http://sourceforge.net/project/showfiles.php?group_id=44827

    -rw-r--r--   1 root              root    78681 Mar 17  2006 dkms-2.0.10-1.noarch.rpm
    -rw-r--r--   1 root              root   105346 Oct  7  2005 kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm
    -rw-r--r--   1 root              root   356446 May 13  2005 ppp-2.4.3-5.rhel4.i386.rpm
    -rw-r--r--   1 root              root    73889 Sep  5  2006 pptpd-1.3.3-1.rhel4.i386.rpm

    Install dkms, mppe, ppp and pptpd in turn with rpm -ivh.
    If the system already has them installed, remove them first with rpm -e and then install.

    2 Configuration
     
    vi /etc/pptpd.conf
    localip 10.10.1.1
    remoteip 10.10.1.10-20

    Users and passwords: vi /etc/ppp/chap-secrets
    user1 pptpd user1 10.10.1.11
    user2 pptpd user2 10.10.1.12

    Authentication method: vi /etc/ppp/options.pptpd
    name pptpd
    refuse-pap
    require-chap
    refuse-mschap
    refuse-mschap-v2
    ms-dns 202.103.176.22

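    To be able to ping: echo 1 > /proc/sys/net/ipv4/ip_forward

    Open 1723 and 47
    # PPTP control channel: TCP port 1723
    iptables -A INPUT -p tcp --dport 1723 -j ACCEPT
    # PPTP data channel: GRE, which is IP protocol 47, not a TCP port
    iptables -A INPUT -p 47 -j ACCEPT

    Start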
    /etc/rc.d/init.d/pptpd start

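    3 Set up the connection on the client, then dial in
    Details omitted.

    FAQ
    If you get error 734, PPP link control protocol terminated,
    the encryption method is the problem; you can recompile the MPPE-related programs, or not use encryption.

    To reach other networks through this machine, just add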

    /sbin/iptables -t nat -I POSTROUTING -s 10.10.1.0/8 -j MASQUERADE

    or, for reference:

    /sbin/iptables -P INPUT ACCEPT
    /sbin/iptables -P OUTPUT ACCEPT
    /sbin/iptables -P FORWARD ACCEPT
    /sbin/iptables -t nat -P PREROUTING ACCEPT
    /sbin/iptables -t nat -P POSTROUTING ACCEPT
    /sbin/iptables -t nat -P OUTPUT ACCEPT
    /sbin/iptables -t nat -A POSTROUTING -s 10.10.1.0/8 -j MASQUERADE
    /sbin/iptables -A INPUT -s 10.10.1.0/8 -j ACCEPT
    /sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT


    Client settings
    Connection > Properties > Security > Custom > No encryption allowed, Challenge Handshake Authentication Protocol (CHAP)
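
An added example, not part of the original post: a read-only check of the two files configured above. It reports when no require-mppe option is set (the tunnel is then unencrypted, as in the FAQ workaround), when MS-CHAPv2 is not required (pppd derives MPPE keys from MS-CHAP, so plain CHAP cannot carry MPPE), and when a chap-secrets secret equals the user name. The function names, report labels and the stricter options file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): flag weak pptpd settings.

has_opt() {  # $1 = options file, $2 = ERE matching an option name
    grep -Eq "^[[:space:]]*($2)([[:space:]]|\$)" "$1"
}

audit_pptpd() {  # $1 = options.pptpd, $2 = chap-secrets
    if ! has_opt "$1" 'require-mppe(-40|-128)?'; then
        echo "NO-MPPE no require-mppe* option, tunnel traffic is not encrypted"
    fi
    # pppd derives MPPE keys from MS-CHAP, so plain CHAP cannot carry MPPE.
    if has_opt "$1" 'refuse-mschap-v2' || ! has_opt "$1" 'require-mschap-v2'; then
        echo "NO-MSCHAPV2 MS-CHAPv2 is not required"
    fi
    # chap-secrets columns: client server secret IP; flag secret == client.
    awk '!/^[ \t]*(#|$)/ { s = $3; gsub(/^"|"$/, "", s)
        if (s == $1) print "WEAK-SECRET secret equals user name: " $1 }' "$2"
    return 0
}

write_sample() {  # $1 = dir; the first two files are those of the post above
    cat > "$1/options.pptpd" <<'EOF'
name pptpd
refuse-pap
require-chap
refuse-mschap
refuse-mschap-v2
ms-dns 202.103.176.22
EOF
    cat > "$1/chap-secrets" <<'EOF'
user1 pptpd user1 10.10.1.11
user2 pptpd user2 10.10.1.12
EOF
    # assumed stricter variant (constructed): MS-CHAPv2 only, 128-bit MPPE
    cat > "$1/options.strict" <<'EOF'
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
EOF
}

tmp=$(mktemp -d); write_sample "$tmp"
audit_pptpd "$tmp/options.pptpd" "$tmp/chap-secrets"
audit_pptpd "$tmp/options.strict" "$tmp/chap-secrets"
rm -rf "$tmp"
```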

    NFS mount problem

    When using NFS for file sharing, mounting reports

    mount: IP:/path failed, reason given by server: Permission denied

    This is related to the DNS used by this machine, or to DNS resolution. Adding a name to the hosts file is enough; then run exportfs -rv and it works.

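    bind94 query cache problem

    Today I migrated the DNS servers to two other machines. The version used before was 932 and the latest stable version is now 942, so I downloaded the latest one.

    Being lazy, once it was compiled I simply copied the old configuration files over. It started normally and direct queries worked too, but cache queries had a problem: many errors like this.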

    Mar 25 14:38:17 root named[12559]: client 218.13.186.57#62319: view view_any: query (cache) 'xx.com.cn/A/IN' denied
    Mar 25 14:38:17 root named[12559]: client 218.13.186.57#62320: view view_any: query (cache) 'xx.com.cn/A/IN' denied
    Mar 25 14:38:38 root named[12559]: client 218.13.186.57#62326: view view_any: query (cache) 'xx.com.cn/A/IN' denied
    Mar 25 14:38:38 root named[12559]: client 218.13.186.57#62327: view view_any: query (cache) 'xx.com.cn/A/IN' denied
    Mar 25 14:45:21 root named[12559]: client 218.13.186.57#62451: view view_any: query (cache) 'xx.com.cn/A/IN' denied
    Mar 25 14:45:21 root named[12559]: client 218.13.186.57#62452: view view_any: query (cache) 'xx.com.cn/A/IN' denied

    Looking it up, I found that the new version handles the cache differently.

    The new version of BIND treats allow-query differently and adds a new allow-query-cache option.

    QUOTE:allow-query Specifies which hosts are allowed to ask ordinary DNS questions. allow-query may also
    be specified in the zone statement, in which case it overrides the options allow-query statement.
    If not specified, the default is to allow queries from all hosts.


    QUOTE:allow-query-cache Specifies which hosts are allowed to get answers from the cache. The default is the
    builtin acls localnets and localhost.
    The way to set query access to the cache is now via allow-query-cache. This differs from earlier
    versions which used allow-query.
    The BIND 9.4 manual also notes specifically:

    QUOTE:allow-query-cache is now used to specify access to the cache.
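
An added example, not part of the original post: before deciding which networks belong in allow-query-cache, it helps to see who is being refused. The function below summarises the "query (cache) ... denied" lines per view and client; its name, the output columns and the sample log (documentation addresses) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# Output columns: DENIED DISTINCT-NAMES VIEW CLIENT-IP, busiest client first.

denied_cache_clients() {  # $1 = syslog file containing named messages
    awk '/query \(cache\)/ && / denied$/ {
        ip = ""; view = "-"            # "-" when the line carries no view
        for (i = 1; i < NF; i++) {
            if ($i == "client") { ip = $(i + 1); sub(/#.*/, "", ip) }
            if ($i == "view")   { view = $(i + 1); sub(/:$/, "", view) }
        }
        if (ip == "") next
        key = view " " ip
        hits[key]++
        q = $(NF - 1)                  # quoted name/type/class before "denied"
        if (!((key, q) in seen)) { seen[key, q] = 1; names[key]++ }
    }
    END { for (k in hits) print hits[k], names[k], k }' "$1" |
        sort -k1,1nr -k4,4
}

sample_log() {  # constructed lines in the format of the log excerpt above
    cat <<'EOF'
Mar 25 14:38:17 ns1 named[12559]: client 192.0.2.10#62319: view view_any: query (cache) 'example.com/A/IN' denied
Mar 25 14:38:17 ns1 named[12559]: client 192.0.2.10#62320: view view_any: query (cache) 'example.com/A/IN' denied
Mar 25 14:38:38 ns1 named[12559]: client 192.0.2.10#62326: view view_any: query (cache) 'example.net/MX/IN' denied
Mar 25 14:40:02 ns1 named[12559]: client 198.51.100.7#40111: view view_any: query (cache) 'example.org/A/IN' denied
Mar 25 14:41:00 ns1 crond[2001]: (root) CMD (run-parts /etc/cron.hourly)
EOF
}

log=$(mktemp); sample_log > "$log"
denied_cache_clients "$log"
rm -f "$log"
```

Clients that should be served from the cache go into an ACL named in allow-query-cache; addresses that are not your own resolver clients are better left denied.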