I. basic iptables configuration 1. view the settings of IPTABLES on the local machine [root @ tp ~] # Iptables-L-nChainINPUT (policyACCEPT) targetprotoptsourcedestinationChainFORWARD (policyACCEPT) targetprotoptsourcedes 1,
IptablesBasic
Use Xshell to connect to the server SSH
1) about Xshell
The SSH client mentioned in more information on the Internet is putty, because it is simple, open-source, and free. However, because the function is too simple, we recommend that you use Xshell
Network monitoring is the most complex in all Linux subsystems, with too many factors, such as latency, blocking, conflict, and packet loss, even worse, the routers, switches, and wireless signals connected to Linux hosts all affect the overall
TCPDUMP introduction in traditional network analysis and testing technologies, sniffer is the most common and important technology. Sniffer is designed for network analysis by network administrators and network programmers. Network administrators
Recently, a company's business has been growing fast, resulting in heavy pressure on front-end servers. in order to solve this problem as soon as possible, I submitted a request for purchasing servers to the company. soon the company approved the
Here, I must explain the status of the firewall. for example, if you use ssh for remote access, your host and the remote host will communicate with each other. The static firewall processes the data packets sent to the machine during the check. it
The system configuration file kernel itself can also be considered as a "program ". Why does the kernel need a configuration file? The kernel needs to know the list of users and groups in the system, and then manage the file permissions (that is,
Tcpdump is a professional network analysis tool that not only helps us analyze network packets, but also helps us learn TCP/IP, although many people think that Wireshark, another software, is more advanced. First, we will introduce the-s parameter.
In the past, the three-way handshake of TCP stayed at the level of three arrows. now, with the help of tcpdump, we can clearly see how TCP established connections and transmitted data. I first ran the TCP bounce server program on the UNP book, asked
When you log on to Linux, the file execution process is as follows: when you first log on to Linux, start the/etc/profile file, and then start ~ /. Bash_profile ,~ /. Bash_login or ~ /. One of the profile files is executed in the following sequence :
On the eth0 server, the external address eth0: 192.168.1.223eth1 is set to the internal address eth1: 11920.2.1. the function to be implemented now is to limit the entire exit to 512 kbit (upload traffic ), download traffic of the 192.168.2 network
Iptables-F # Allow packets to enter iptables-AINPUT-ptcp from port 22? Dport22-jACCEPT # The packet that allows access from port 22 returns iptables-AOUTPUT-ptcp? Sport22-mstate? StateESTABLISHED-jACCEPTiptables-AOUTPUT-pudp? Dport5
Iptables-F
#
The packet capture tool has two advantages: one is snort and the other is tcpdump. this time, we don't mention snort. Although the tool is powerful, it is complicated, and tcpdump is relatively simple. Tcpdumpwindows and linux versions. You can
1. basic operations of the chain 1. clear all rules. 1) clear all rules in the rule chain in the filter of the preset table. # Iptables-F2) clears the rules in the user-defined chain in the preset table filter. # Iptables-X # iptables-Z2, set the
Iptables firewall and NAT service 1. overview 1. introduction (1) a combination of components set between different networks or network security domains, which enhances the security of the internal network of the organization (2) each packet passes
/Etc/fstab is a file used to store static information of the file system. In the/etc/directory, you can run the command less/etc/fstab to view the changes. if you want to modify the changes, run the command vi/etc/fstab to modify the changes. When
1fstab files/etc/fstab files store the file system information in the system. When the file is correctly set, you can use the mount/directoryname command to load a file system. each file system corresponds to an independent line, fields in each row
Differences between vimgs replace and global commands are one of Vim's most powerful commands (I think it is No. 1). If you are familiar with them, you can get twice the result with half the effort. This article summarizes some classic problems of
[Keywords] Vims command g command file format encoding method [abstract] This article summarizes Vim's s command and g command, as well as file line feed format and edit format conversion command. 1. s command if a text editor does not support
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.