Security and attack prevention for Web servers (4)

Source: Internet
Author: User
Tags: file system, mail, Web, web service, web server, security, attack

... can generate a network diagram that clearly shows the machine type and connection. This program can also perform port scanning, but the function is not as flexible and powerful as nmap.



The network monitor Ethereal (http://ethereal.zing.org/) is used to analyze network traffic. Ethereal can follow TCP streams, which makes it easy to see the plaintext passwords transmitted by Telnet, FTP, POP3 and similar protocols.

By querying with rpcinfo and showmount (on some Linux versions you can also use kshowmount), you can find out which SunRPC services a machine offers. If NFS is running, it is possible to obtain the list of exported file systems from the server.



    # rpcinfo -p www.example.server
       program vers proto port
        100000    4   tcp       portmapper
        100000    3   tcp       portmapper
        100000    2   tcp       portmapper
        100000    4   udp       portmapper
        100000    3   udp       portmapper
        100000    2   udp       portmapper

As the output shows, the SunRPC portmapper on www.example.server answers queries from external machines. This is not necessary: we can install an rpcbind program with access control, or configure the firewall to block the port.

Because the NFS defaults are extremely permissive, it is a very common mistake to export a file system to the outside world completely unprotected and readable by anyone. Here is an example:



    # /usr/sbin/kshowmount -e center2.sample-university.net
    export list for center2.sample-university.net:
    /usr/lib/cobol       (everyone)
    /usr/sys/inst.images (everyone)
    /stadtinf            (everyone)
    /var/spool/mail      (everyone)
    /usr/lpp/info        (everyone)
    /usr/local           (everyone)
    /pd-software         (everyone)
    /u1                  (everyone)
    /user                (everyone)
    /fix                 (everyone)
    /u                   (everyone)
    /ora                 rzws01
    /install             (everyone)
    /ora-client          192.168.15.20

All directories marked "(everyone)" are open to the public, including the "/var/spool/mail" directory, where hundreds of user mailboxes are stored, and the users' home directories under "/u" and "/u1". In addition, "/usr/local" and "/usr/lib/cobol" are also writable, which makes it easy to install Trojan horses. Anyone can get into the system without encountering any resistance worth mentioning.
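The two listings above (the rpcinfo -p query and the showmount -e export list) are exactly what an administrator should review on their own servers before an outsider does. The following script is an added example, not code from the original article: it parses both outputs and reports RPC services that are registered with the portmapper and NFS exports that are open to everyone, tagging paths such as mail spools and home directories as sensitive. The sample outputs embedded in it are constructed to mirror the article's listings; the port numbers and the mountd/nfs entries are assumptions, since the article's rpcinfo listing omits them, and the list of sensitive path prefixes is a hypothetical starting point to adapt to your own layout.

```python
"""Audit helper for SunRPC/NFS exposure (added example, not from the article).

Parses 'rpcinfo -p' and 'showmount -e' output and lists what an outsider
could learn: which RPC programs are registered and which NFS exports are
readable by everyone.
"""
import re

# Constructed sample of 'rpcinfo -p' output. Port numbers and the mountd/nfs
# lines are assumptions; the article's listing shows only the portmapper.
RPCINFO_SAMPLE = """\
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100005    3   tcp  32767  mountd
    100003    3   tcp   2049  nfs
"""

# Constructed sample of 'showmount -e' output, modelled on the article's example.
SHOWMOUNT_SAMPLE = """\
export list for center2.sample-university.net:
/usr/lib/cobol       (everyone)
/var/spool/mail      (everyone)
/usr/local           (everyone)
/pd-software         (everyone)
/u1                  (everyone)
/u                   (everyone)
/ora                 rzws01
/ora-client          192.168.15.20
"""

# Hypothetical list of path prefixes that should never be exported to everyone:
# mail spools, home directories, and directories from which programs are run.
SENSITIVE_PREFIXES = ("/var/spool/mail", "/home", "/u", "/u1", "/usr/local", "/usr/lib")

RPC_LINE = re.compile(r"\s*(\d+)\s+(\d+)\s+(tcp|udp)\s+(\d+)\s+(\S+)")


def parse_rpcinfo(text):
    """Return one dict per registered RPC program (header lines are skipped)."""
    programs = []
    for line in text.splitlines():
        m = RPC_LINE.match(line)
        if m:
            programs.append({
                "program": int(m.group(1)), "vers": int(m.group(2)),
                "proto": m.group(3), "port": int(m.group(4)), "name": m.group(5),
            })
    return programs


def parse_showmount(text):
    """Return one dict per export: path, host list, and whether it is world-open."""
    exports = []
    for line in text.splitlines():
        if not line.startswith("/"):
            continue  # skip the 'export list for ...' header
        path, _, hosts = line.partition(" ")
        hosts = hosts.strip()
        world = hosts.lower() in ("(everyone)", "*", "")
        exports.append({"path": path, "hosts": hosts, "world": world})
    return exports


def is_sensitive(path):
    """True if the path is, or lies under, one of the sensitive prefixes."""
    return any(path == p or path.startswith(p + "/") for p in SENSITIVE_PREFIXES)


def audit(rpcinfo_text, showmount_text):
    """Produce a list of human-readable findings from the two command outputs."""
    findings = []
    names = {p["name"] for p in parse_rpcinfo(rpcinfo_text)}
    if "portmapper" in names:
        findings.append("portmapper answers remote queries; restrict it with access control or a firewall")
    for svc in ("mountd", "nfs"):
        if svc in names:
            findings.append(f"{svc} is registered; the export list can be enumerated with showmount -e")
    for exp in parse_showmount(showmount_text):
        if exp["world"]:
            tag = " [SENSITIVE]" if is_sensitive(exp["path"]) else ""
            findings.append(f"export {exp['path']} is open to everyone{tag}")
    return findings


if __name__ == "__main__":
    for finding in audit(RPCINFO_SAMPLE, SHOWMOUNT_SAMPLE):
        print(finding)
```

To run it against a real host, replace the two sample strings with the captured output of `rpcinfo -p <host>` and `showmount -e <host>` run from the server's own administrator account; any export reported as open to everyone should be given an explicit host list in the exports file, and the portmapper should be reachable only from hosts that actually mount from the server.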

