Fatih Ekrem Genç's blog

September 30, 2006

For the last 2 days I have been ANTCHA

Filed under: Just Strange Things — admin @ 9:43 pm

Only 2 days were left before my older brother and his family moved to Istanbul when my niece Nalan learned to say ANTCHA, in her own accent, to her uncles. When they arrived in Istanbul, our little one kept looking at the pictures from our house and saying ANTCHA. One misses her already. What can I say! I like separation only because the reunion is sweet.

September 29, 2006

Monitoring hard disks with S.M.A.R.T. tools

Filed under: Uncategorized, IT, Linux/Unix, Security, Tips — admin @ 11:29 pm

If you use SATA or SCSI disks, the smartmontools utilities, which you can find among the Debian packages,
let you learn more about the condition of your hard disks.

apt-get install smartmontools

After the installation:

Use the df command to find the device names of your hard disks.
smartctl -i /dev/hda1
This is how you query the status of your hard disks.

For more detailed information, use -a instead of -i.
Note:

SMART support is: Available - device has SMART capability.
SMART support is: Disabled

If you get an error like this, enable SMART support with the command smartctl -s on /dev/hda1.

With the -H option you can check the health status of your hard disk.
smartctl -H /dev/hda2
smartctl version 5.32 Copyright (C) 2002-4 Bruce Allen
Home page is http://smartmontools.sourceforge.net/

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED
To configure the type and structure of the test, you need to look at your operating system's smartmontools daemon settings.
For more detailed information: http://smartmontools.sourceforge.net/
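
The queries above can be folded into one check that is easy to run from cron. This is an added example, not part of the original post: the names smart_verdict and check_disk are made up here, and the FAILED sample line is constructed, while the other sample lines are the smartctl output quoted above.

```shell
#!/bin/sh
# Added example: classify smartctl output read on stdin.
# Prints PASSED, FAILED, DISABLED or UNKNOWN (smart_verdict is a made-up name).
smart_verdict() {
    awk '
        /^SMART support is: *Disabled/                { disabled = 1 }
        /overall-health self-assessment test result:/ { result = $NF }
        END {
            if (result == "PASSED")  print "PASSED"
            else if (result != "")   print "FAILED"
            else if (disabled)       print "DISABLED"
            else                     print "UNKNOWN"
        }'
}

# Run both queries from the post against a real device,
# e.g. check_disk /dev/hda1 (needs root and smartmontools installed).
check_disk() {
    { smartctl -i "$1"; smartctl -H "$1"; } 2>/dev/null | smart_verdict
}

# Sample inputs: the first two are the outputs quoted in the post,
# the third is constructed for this example.
SAMPLE_OK='=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED'
SAMPLE_DISABLED='SMART support is: Available - device has SMART capability.
SMART support is: Disabled'
SAMPLE_FAILED='SMART overall-health self-assessment test result: FAILED!'

for sample in "$SAMPLE_OK" "$SAMPLE_DISABLED" "$SAMPLE_FAILED"; do
    printf '%s\n' "$sample" | smart_verdict
done
```

A DISABLED verdict is the case where smartctl -s on has to be run first; anything other than PASSED is worth an alert.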

September 17, 2006

Installing modsecurity for apache2 on Debian

Filed under: Linux/Unix, debian, Security — admin @ 4:54 pm

Installing modsecurity on Debian

apt-get install libapache2-mod-security

vi /etc/apache2/mods-available/mod-security.conf

# Only inspect dynamic requests
# (YOU MUST TEST TO MAKE SURE IT WORKS AS EXPECTED)
# SecFilterEngine DynamicOnly
# Turn the filtering engine On or Off

SecFilterEngine On

# Reject requests with status 404

SecFilterDefaultAction "deny,log,status:404"

# Some sane defaults

SecServerResponseToken Off

SecFilterScanPOST Off
SecFilterCheckURLEncoding On
SecFilterCheckCookieFormat On
SecFilterCheckUnicodeEncoding Off

# If you want to scan the output, uncomment these
# SecFilterScanOutput On
# SecFilterOutputMimeTypes "(null) text/html text/plain"
# Accept almost all byte values

SecFilterForceByteRange 1 255
# Only record the interesting stuff

SecAuditEngine RelevantOnly
SecAuditLog /var/log/apache2/audit_log
# You normally won't need debug logging

SecFilterDebugLevel 0

SecFilterDebugLog /var/log/apache2/modsec_debug_log

# Include rules

Include /etc/apache2/modsecurity/filter.conf



We will write the rules into the file we added with Include. To do that:

mkdir /etc/apache2/modsecurity/

vi /etc/apache2/modsecurity/filter.conf

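#
# -----------------------------------------------------------------------------
#
# Start Rules (Generic)
#
# -----------------------------------------------------------------------------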

# Enforce proper HTTP requests

SecFilterSelective THE_REQUEST "!HTTP\/(0\.9|1\.0|1\.1)$"
# check for bad meta characters in User-Agent field

SecFilterSelective HTTP_USER_AGENT ".*\'"

# Require Content-Length to be provided with every POST request

SecFilterSelective REQUEST_METHOD "^POST$" chain

SecFilterSelective HTTP_Content-Length "^$"

# Don't accept transfer encodings we know we don't handle (and you don't need it anyway)

SecFilterSelective HTTP_Transfer-Encoding "!^$"

# Don't accept chunked encodings

SecFilterSelective HTTP_Transfer-Encoding "chunked"
# must have a useragent string

SecFilterSelective "HTTP_USER_AGENT|HTTP_HOST" "^$"

# Again, this is better protected by removing these functions in php.ini
SecFilterSelective ARGS "(system|exec|passthru|popen|shell_exec|proc_open|fopen|fwrite)\s*\("

# Prevent path traversal (..) attacks

SecFilter "\.\./"
# generic recursion signature

SecFilterSelective THE_REQUEST "\.\./\.\./"
# generic attack sig

SecFilterSelective THE_REQUEST "cd\x20*\;(cd|\;|echo|perl|python|rpm|yum|apt-get|emerge|lynx|links|mkdir|elinks|cmd|pwd|wget|id|uname|cvs|svn|(s|r)(cp|sh)|rexec|smbclient|t?ftp|ncftp|curl|telnet|gcc|cc|g\+\+|\./)"

# generic filter to prevent SQL injection attacks

SecFilter "[[:space:]]+(select|grant|delete|insert|drop|alter|replace|truncate|update|create|rename|describe)[[:space:]]+[A-Z|a-z|0-9|*| |\,]+[[:space:]]+(from|into|table|database|index|view)[[:space:]]+[A-Z|a-z|0-9|*| |\,]"

# generic PHP remote file inclusion attack
SecFilter "\.php\?" chain

SecFilter "(http|https|ftp)\:/" chain

SecFilter "cmd=(cd|\;|perl|python|rpm|yum|apt-get|emerge|lynx|links|mkdir|elinks|cmd|pwd|wget|id|uname|cvs|svn|(s|r)(cp|sh)|rexec|smbclient|t?ftp|ncftp|curl|telnet|gcc|cc|g\+\+|\./)"

# generic sig for more bad PHP functions
SecFilterSelective THE_REQUEST "chr\(([0-9]{1,3})\)"
SecFilterSelective THE_REQUEST "chr\([0-9a-fA-Fx]+\)"
# SQL injection attacks
SecFilter "delete[[:space:]]+from"
SecFilter "insert[[:space:]]+into"
SecFilter "select.+from"

# SQL injection in cookies
SecFilterSelective COOKIE_sessionid ".*(select|grant|delete|insert|drop|do|alter|replace|truncate|update|create|rename|describe)[[:space:]]+[A-Z|a-z|0-9|*||\,]+[[:space:]]+(from|into|table|database|index|view)"

# -----------------------------------------------------------------------------
# Start Rules (experimental)

# -----------------------------------------------------------------------------

# experimental generic remote download sig foo IP or FQDN or foo http/https/ftp://whatever

SecFilterSelective THE_REQUEST "(perl|t?ftp|links|elinks|lynx|ncftp|(s|r)(cp|sh)|wget|curl|cvs|svn).*\x20((http|https|ftp)\:/|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|.*[A-Za-z|0-9]\.[a-zA-Z]{2,4}/)"

SecFilterSelective THE_REQUEST "( |\;|/|\'|,|\&|\=|\.)((s|r)(sh|cp)) *(.*@.*|(http|https|ftp)\:/|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|.*[A-Za-z|0-9]\.[a-zA-Z]{2,4}/)"

Finally, enable mod-security and restart Apache.

a2enmod mod-security

/etc/init.d/apache2 restart
Request the following URL from your own web browser, then check the Apache error.log.

http://deineDomain.de/?query="insert into users (id, name) values (1,'stefan')"

If mod-security is working, you can confirm it from the logs. In addition, the request is answered with a 404 "page not found" error.
Sources:

http://www.sspace.de/archives/52-Mod-Security-Apache2-Debian-Sarge.html

http://www.modsecurity.org/projects/rules/
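
Before relying on the rules, it helps to dry-run them against both the test request and ordinary traffic. The following is an added example, not part of the original post or of mod_security: it applies the three plain SQL rules from filter.conf with grep -E to constructed, already URL-decoded request lines. The function names first_match and verdict are made up, and grep's matching (case-sensitive here) is only an approximation of how mod_security evaluates the pattern.

```shell
#!/bin/sh
# The three plain SQL rules from filter.conf above, one POSIX ERE per line.
SQL_RULES='delete[[:space:]]+from
insert[[:space:]]+into
select.+from'

# Print the first rule that matches the request line given as $1,
# or nothing if the request would pass these three filters.
first_match() {
    printf '%s\n' "$SQL_RULES" | while IFS= read -r rule; do
        if printf '%s\n' "$1" | grep -Eq -- "$rule"; then
            printf '%s\n' "$rule"
            break
        fi
    done
}

# Mirror SecFilterDefaultAction "deny,log,status:404" as a one-line verdict.
verdict() {
    rule=$(first_match "$1")
    if [ -n "$rule" ]; then
        printf 'deny 404 (%s)\n' "$rule"
    else
        printf 'pass\n'
    fi
}

# Constructed request lines (URL-decoded): the post's test URL,
# an ordinary search query, and a static page.
REQ_TEST="GET /?query=\"insert into users (id, name) values (1,'stefan')\" HTTP/1.1"
REQ_SEARCH='GET /search?q=how to select a colour from the palette HTTP/1.1'
REQ_STATIC='GET /index.html HTTP/1.1'

for req in "$REQ_TEST" "$REQ_SEARCH" "$REQ_STATIC"; do
    printf '%-18s %s\n' "$(verdict "$req")" "$req"
done
```

The ordinary search is denied by select.+from just like the test request, so the audit log should be reviewed for legitimate traffic hit by these broad patterns. Because the configuration above sets SecFilterScanPOST Off, request bodies are not inspected at all.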

GNU/kFreeBSD, in other words the devilish Debian

Filed under: Linux/Unix, debian — admin @ 11:06 am

The absence of PF, the BSD firewall, from the Linux world, the fact that porting this component to Linux is quite difficult, and the dilemma of having to struggle with the troubles of a new UNIX flavour just for PF had been bothering me for a long time. Fortunately, there is now kFreeBSD. Debian GNU/kFreeBSD is a Debian release built on the FreeBSD kernel. The project is still very new, yet it has already released a live CD. You can find information about the project, which I believe will leave Linux Debian behind in the future, at this site.

http://www.debian.org/ports/kfreebsd-gnu/

You can download its live CD from here and try it.

http://glibc-bsd.alioth.debian.org/ging/
