Important Document Explanation: ProFTPD: A UNIX platform or Unix-like platform (such as Linux, FreeBSD, etc.) FTP server program, it is under the Free Software Foundation's copyright notice (GPL) developed, released free software, you can modify the source code. It is a completely independent and complete, re-rewritten FTP Server. Main features: A single and Apache httpd.conf similar configuration file in each directory of the. ftpaccess file (similar to Apache. htaccess) is easy to configure, multiple virtual FTP servers and anonymous FTP services Services can be run individually or from inetd/xinetd to boot anonymous FTP root directory does not require a special directory structure system for binary files and other system files without the SITE EXEC command in a separate run mode, run as a non-privileged user, reduce the attack risk log and UTMP/WTMP Support Shadow Password Support official website: Http://www.proftpd.org/Filazilla is a very popular open source free FTP client, server-side project, currently its client software FileZilla clients 3.0 has a very wide market. Mercury Mail Transport System is an integrated Internet mail server. A remote attacker could use this vulnerability to control the server when Mercury Mail Transport system's MERCURY/32 IMAP server module handles a buffer overflow vulnerability with extra-long parameters. An attacker must log on to the system with a legitimate account to exploit this vulnerability. U installation process: First, download (Enter the Linux shell and log in as the system administrator) Ii. after downloading, please enter the following command: 1. Release the downloaded compressed file to/opt:tar XVFZ xampp-linux-1.7.4.tar.gz-c/opt Warning: Only install XAMPP with the above command is allowed. Do not PROFTPD: an FTP server program on a UNIX platform or on a Unix-like platform (such as Linux, FreeBSD, etc.), which is a free software developed and released under the Free Software Foundation's copyright statement (GPL), and can be modified as a source code. It is a completely independent and complete, re-rewritten FTP Server.
Main Features:
A single and Apache httpd.conf similar configuration file
. ftpaccess files in each directory (similar to Apache. htaccess)
Easy to configure, multiple virtual FTP servers and anonymous FTP services
Can be run individually or from inetd/xinetd
Anonymous FTP root directory does not require a special directory structure
System binaries and other system files do not have SITE EXEC command
Run as a non-privileged user in a separate run mode, reducing the risk of attack
Log and UTMP/WTMP support
Shadow Password Support
Official website: http://www.proftpd.org/
Filazilla is a very popular open source free FTP client, server-side project that currently has a very wide market for client software FileZilla clients 3.0.
Mercury Mail Transport System is an integrated Internet mail server. A remote attacker could use this vulnerability to control the server when Mercury Mail Transport system's MERCURY/32 IMAP server module handles a buffer overflow vulnerability with extra-long parameters.
An attacker must log on to the system with a legitimate account to exploit this vulnerability.
U installation process:
First, download (Enter the Linux shell and log in as the system administrator)
Second, after downloading, please enter the following command:
1. Release the downloaded compressed file to/OPT:
Tar xvfz xampp-linux-1.7.4.tar.gz-c/opt
Warning: Only allow XAMPP to be installed using the above command. Do not use any Microsoft Windows tools to release compressed files, which is no use.
Warning 2: When you use this command, older versions of XAMPP that already exist will be overwritten.
This is the end. The XAMPP is installed in the/OPT/LAMPP directory.
2. Start running
Use the following command to start running XAMPP:
/opt/lampp/lampp start
You should be able to see a message similar to the following on the screen:
Starting XAMPP 1.7.2 ...
Lampp:starting Apache ...
Lampp:starting MySQL ...
Lampp started.
3: Test
Well, that's simple, but how do you detect if all the components are working correctly? Simply enter the following link in your browser: http://localhost
As mentioned earlier, XAMPP is not intended for production environments and is intended for use by the development environment only. XAMPP is set to be as open as possible and provides the developer with any features he or she wants. This is great for the development environment, but it can be deadly for production environments.
Here's a list of XAMPP. Lack of security protection:
1. MySQL administrator (Root) does not have a password.
2. MySQL is accessible over the network.
3. ProFTPD uses "Lampp" as the password for the user name "nobody".
4. PhpMyAdmin can be accessed over the network.
5. The sample program can be accessed over the network.
6. MySQL and Apache run under the same user name (nobody).
To fix most of the security weaknesses, simply execute the following command:
/OPT/LAMPP/LAMPP Security
It enables a small security check feature to make the XAMPP you install more secure.
U Important files and directories
/opt/lampp/bin/
XAMPP Command Library. For example,/opt/lampp/bin/mysql executable MySQL monitor.
/opt/lampp/htdocs/
The Apache document root directory.
/opt/lampp/etc/httpd.conf
Apache configuration files.
/opt/lampp/etc/my.cnf
MySQL configuration file.
/opt/lampp/etc/php.ini
PHP configuration files.
/opt/lampp/etc/proftpd.conf
ProFTPD the configuration file. (starting from version 0.9.5)
/opt/lampp/phpmyadmin/config.inc.php
PhpMyAdmin the configuration file.
The U/OPT/LAMPP/LAMPP parameter uses:
Start
Start XAMPP.
Stop
Stop XAMPP.
Restart
Restart XAMPP.
Startapache
Only Apache is started.
Startssl
Start the Apache SSL support. The command will continue to activate SSL support, for example: After executing the command, if you shut down and restart the Xampp,ssl will still be active.
Startmysql
Start the MySQL database only.
Startftp
Start the ProFTPD server. Via FTP, you can upload files to your Web server (username "Nobody", Password "lampp"). The command will continue to activate ProFTPD, for example: After executing the command, if you close and restart Xampp,ftp will still be active.
Stopapache
Stop Apache.
Stopssl
Stop the Apache SSL support. The command will continue to stop SSL support, for example: After executing the command, if you shut down and restart the Xampp,ssl will still be in the stopped state.
Stopmysql
Stop the MySQL database.
Stopftp
Stop the ProFTPD server. The command will continue to stop ProFTPD, for example: After executing the command, if you close and restart Xampp,ftp will still be in the stopped state.
Security
Start a small security check procedure.
U stop XAMPP, just enter the following command:
/opt/lampp/lampp stop
U unload XAMPP, just enter the following command:
Rm-rf/opt/lampp
Linux lampp detailed (GO)
