Monitoring is typically implemented through scripting, and regular detection is performed using timed tasks.
1. Ports
Local: Ss,netstat,lsof
Remote: TELNET,NAMP,NC
2. Number of local processes
For example:
Lsof-i:80|wc-l
Ps-ef|grep nginx|wc-l
Nmap 192.168.220.139-p 80|grep open|wc-l
3. View HTTP return codes
Return 200 is normal.
[~]# curl-i-s-w "%{http_code}"-o/dev/null 127.0.0.1
200[~]#
4. How to impersonate a user
Wget,curl command
Use short program detection, for example: using PHP to write a program that takes data from a database, you can detect both Web services and databases.
Summarize:
Student movement important is the idea, technology is just one aspect, the above methods of monitoring the Web, for the database is also applicable, such as the database is not logged in the case of the execution of some database statements.
1. Ports
Local: Ss,netstat,lsof
Remote: TELNET,NAMP,NC
2. Number of local processes
For example:
Lsof-i:80|wc-l
Ps-ef|grep nginx|wc-l
Nmap 192.168.220.139-p 80|grep open|wc-l
3. View HTTP return codes
Return 200 is normal.
[~]# curl-i-s-w "%{http_code}"-O www.qixoo.qixoo.com/dev/null 127.0.0.1
200[~]#
4. How to impersonate a user
Wget,curl command
Use short program detection, for example: using PHP to write a program that takes data from a database, you can detect both Web services and databases.
Summarize:
Student movement important is the idea, technology is just one aspect, the above methods of monitoring the Web, for the database is also applicable, such as the database is not logged in the case of the execution of some database statements.
How Web services run in Linux