HTTP TRACE and the cross-site tracing (XST) script vulnerability
[ 2008/12/18 13:05 | by askwan ]
This issue showed up in a routine vulnerability scan report for our servers, so here is a short summary.
Let's look at the standard vulnerability description:
Quotation
The remote webserver supports the TRACE and/or TRACK methods. TRACE
and TRACK are HTTP methods which are used to debug web server
connections.
In addition, it has been shown that servers supporting the TRACE
method are subject to cross-site scripting attacks, dubbed XST for
"Cross-Site Tracing", when used in conjunction with various weaknesses
in browsers. An attacker may use this flaw to trick your legitimate
web users to give him their credentials.
Simply put: if a web server supports the HTTP TRACE and TRACK methods, a scanner will flag this weakness, which can lead to XST (cross-site tracing) script attacks. Our web servers, taking Apache as the example, have TRACE and TRACK enabled and supported by default; scan any class C IP range and you will find that about seventy percent of the web servers have this problem, so it deserves our attention.
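A small checker for servers you administer, added here as an example and not part of the original post: it reasons about the reply the way the scanner does, treating TRACE or TRACK as enabled only when the server answers 200 and echoes the probe request back in the body (which is exactly how cookies or credentials sent with the request end up readable). The host name, the X-Probe marker header and the sample responses are constructed assumptions.

```python
"""Check whether an HTTP server still echoes TRACE/TRACK requests (XST exposure)."""
import socket

PROBE_METHODS = ("TRACE", "TRACK")  # TRACK is the IIS-style alias the scan report names


def build_probe(method: str, host: str, marker: str = "X-Probe") -> bytes:
    """Minimal HTTP/1.1 request carrying a marker header we can look for in the echo."""
    return (f"{method} / HTTP/1.1\r\nHost: {host}\r\n{marker}: xst-check\r\n"
            f"Connection: close\r\n\r\n").encode()


def method_enabled(response: bytes, marker: str = "X-Probe") -> bool:
    """True only for a 200 reply whose body echoes our request (marker header included).

    405/501 replies mean the method is refused; a 200 that does not echo the request
    (for example a rewrite rule serving a normal page) is not an echo either.
    """
    head, _, body = response.partition(b"\r\n\r\n")
    parts = head.split(b"\r\n", 1)[0].split()
    if len(parts) < 2 or not parts[0].startswith(b"HTTP/") or parts[1] != b"200":
        return False
    return marker.encode() + b": xst-check" in body


def probe_host(host: str, port: int = 80, timeout: float = 5.0) -> dict:
    """Send both probes to a server you administer and report which methods echo."""
    results = {}
    for method in PROBE_METHODS:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(build_probe(method, host))
            chunks = []
            while True:
                data = sock.recv(4096)  # server closes the connection (Connection: close)
                if not data:
                    break
                chunks.append(data)
        results[method] = method_enabled(b"".join(chunks))
    return results


# Constructed sample responses (not captured from a real server).
ECHO_RESPONSE = (b"HTTP/1.1 200 OK\r\nContent-Type: message/http\r\n\r\n"
                 b"TRACE / HTTP/1.1\r\nHost: example.com\r\nX-Probe: xst-check\r\n"
                 b"Connection: close\r\n\r\n")
DISABLED_RESPONSE = b"HTTP/1.1 405 Method Not Allowed\r\nAllow: GET,HEAD,POST\r\n\r\n"

if __name__ == "__main__":
    # On Apache the fix is the core directive `TraceEnable off` (2.0.55/2.2 and later);
    # after restarting, probe_host() should report False for both methods.
    print(method_enabled(ECHO_RESPONSE), method_enabled(DISABLED_RESPONSE))
```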
prebuilt ppm packages for win32 activeperl
[ 2008/12/14 08:20 | by askwan ]
This area contains prebuilt ppm packages for Win32 for ActivePerl builds
for 10xx
http://cpan.uwinnipeg.ca/PPMPackages/
http://www.bribes.org/perl/ppm
http://trouchelle.com/ppm10/
http://cpan.uwinnipeg.ca/PPMPackages/10xx/
for 8xx
http://theoryx5.uwinnipeg.ca/ppms/
http://www.bribes.org/perl/ppm
http://theoryx5.uwinnipeg.ca/cgi-bin/ppmserver?urn:/PPMServer58
http://theoryx5.uwinnipeg.ca/ppms/
http://trouchelle.com/ppm/
http://ppm.tcool.org/archives/
for 6xx
http://theoryx5.uwinnipeg.ca/ppmpackages/
http://www.bribes.org/perl/ppm
http://theoryx5.uwinnipeg.ca/cgi-bin/ppmserver?urn:/PPMServer
e.g.:
Packages in this directory may be installed by giving the following command at a DOS prompt:
C:\>ppm install http://cpan.uwinnipeg.ca/PPMPackages/10xx/[package].ppd
MySQL's ibdata1
[ 2008/11/23 08:57 | by askwan ]
MyISAM and InnoDB are both widely used storage engines. This time I converted every table in one of the company's databases from InnoDB to MyISAM. It went smoothly, but one problem emerged: the database's size on disk had nearly doubled. The main cause was that ibdata1 had grown huge, increasing by tens or hundreds of MB every day, and now that the tables are MyISAM the data is stored a second time in the MyISAM files, which makes backups and maintenance a hassle. Since the tables are already MyISAM, the ibdata1 file and the log files ib_logfile0 and ib_logfile1 are only used for checking file consistency, so: shut down the database, delete them, restart the database, and the database shrinks by more than half. Done.
Summary:
There are roughly two ways to delete the ibdata file:
1. After converting the table type to MyISAM (the data is then stored in per-table files, so it is not lost, although indexes sometimes need to be rebuilt), delete ibdata1, ib_logfile0 and ib_logfile1 and restart; the three files are recreated, by default one 10M file and two 5M files, which is far easier to live with than an ibdata file that readily reaches 10G.
2. Export the database with mysqldump, then redeploy MySQL or drop the database, stop the server, delete the three large files, restart the server and import again; this takes considerably longer.
Both methods require stopping the database, which can take a long time for a large one, so proceed with care.
Installing the PHP extension module tidy
[ 2008/11/20 14:09 | by askwan ]
tidy is a very handy tool for analysing and correcting HTML code.
There is an introduction here: http://pecl.php.net/package/tidy
First install the tidy library it depends on.
You can check out the latest source code with svn:
Quotation
#cvs -d:pserver:anonymous@tidy.cvs.sourceforge.net:/cvsroot/tidy login
#cvs -z3 -d:pserver:anonymous@tidy.cvs.sourceforge.net:/cvsroot/tidy co tidy
Or download the ready-made source package directly from http://pecl.php.net/package/tidy