Windows快速修改用户密码
cmd运行
net user administrator "密码"
administrator为用户名
cmd运行
net user administrator "密码"
administrator为用户名
环境:centos6.6,带有CSF的服务器;该安装方法也适用于XEN、KVM虚拟化结构VPS
首先编辑 /etc/csf/csf.conf ,打开1723、1356端口;
vi /etc/csf/csfpre.sh
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE iptables -A INPUT -p gre -j ACCEPT iptables -A OUTPUT -p gre -j ACCEPT iptables -A FORWARD -i ppp+ -o eth1 -p ALL -j ACCEPT iptables -A FORWARD -i eth1 -o ppp+ -p ALL -j ACCEPT iptables -t nat -A POSTROUTING -s 172.16.22.0/24 -j SNAT --to-source `ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk 'NR==1 { print $1}'` iptables -A FORWARD -p tcp --syn -s 172.16.22.0/24 -j TCPMSS --set-mss 1356
创建 csfore.sh 设置防火墙开启转发等;注意代码中 eth1 为公网IP网卡
创建安装PPTP一键脚本
vi /root/pptpd6.sh
yum remove pptpd ppp -y iptables --flush POSTROUTING --table nat iptables --flush FORWARD rm -f /etc/pptpd.conf rm -f /etc/ppp arch=`uname -m` yum -y install make libpcap iptables gcc-c++ logrotate tar cpio perl pam tcp_wrappers dkms kernel_ppp_mppe ppp wget https://www.cnweed.com/usr/uploads/2015/08/pptpd-1.4.0-1.el6.$arch.rpm rpm -Uvh pptpd-1.4.0-1.el6.$arch.rpm mknod /dev/ppp c 108 0 echo 1 > /proc/sys/net/ipv4/ip_forward echo "mknod /dev/ppp c 108 0" >> /etc/rc.local echo "echo 1 > /proc/sys/net/ipv4/ip_forward" >> /etc/rc.local echo "localip 172.16.22.254" >> /etc/pptpd.conf echo "remoteip 172.16.22.1-253" >> /etc/pptpd.conf echo "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpd echo "ms-dns 8.8.4.4" >> /etc/ppp/options.pptpd pass=`openssl rand 6 -base64` if [ "$1" != "" ] then pass=$1 fi echo "vpn pptpd ${pass} *" >> /etc/ppp/chap-secrets #iptables -t nat -A POSTROUTING -s 172.16.22.0/24 -j SNAT --to-source `ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk 'NR==1 { print $1}'` #iptables -A FORWARD -p tcp --syn -s 172.16.22.0/24 -j TCPMSS --set-mss 1356 #service iptables save #chkconfig iptables on chkconfig pptpd on #service iptables restart service pptpd start echo "" echo "VPN service installed successfully, your VPN username is vpn, VPN password is ${pass}" echo "Please visit: http://www.cnweed.com" echo ""
保存。然后 csf -r 重启CSF防火墙,以及sh /root/pptpd6.sh 安装脚本
chmod 755 /root/pptpd6.sh csf -r sh /root/pptpd6.sh
注:如果ip_forward没有打开,可以直接修改/etc/sysctl.conf
net.ipv4.ip_forward=1
修改之后运行 sysctrl -p 使其生效
打开控制面板-管理工具,终端服务-终端服务配置
1、连接:RDP-tcp 点右键,属性。网络适配器-最大连接数,只允许1个。
2、终端服务器授权模式:点右键,属性。常规,限制每个用户只能使用一个会话,掉勾,确定。
3、防止恶搞,阻止远程用户终止控制台管理员
运行-gpedit.msc ,计算机配置-管理模板-Windows组件-终端服务。
终端服务器-连接。
配置:拒绝将已经登录到控制台会话的管理员注销,设置启用。
重启生效
参考:http://dengcunhong.blog.163.com/blog/static/28812917201242611115897/
Capri是一套商務的DirectAdmin主題,用的人應該不少,我個人也相當喜歡。
前段時間,作者已經將這套主題放到github開源了,並且去掉了function.php的license認證機制。
所以現在算是免費提供使用了,就如上圖所示,當然顯示的license就是github version的。
github地址:https://github.com/Terrorhawk/Capri
wget -O capri.sh http://localserver.flaxe.eu/Capri-install/capri.sh chmod +x capri.sh ./capri.sh
相關詳情請查看:
https://forum.directadmin.com/showthread.php?t=51079
转载:http://www.guyusoftware.com/2015-05-16-5921.html
一、安装hdparm
yum install hdparm -y
二、评估读取
SSD 硬盘,请使用hdparm命令进行读取测试。
hdparm -t /dev/sda1 L
SSH执行以上命令,可使用hdparm评估SSD的读取速率。
注意,“/dev/sda1”指的是对应磁盘的驱动号,请执行“fdisk -l”查看。
转载自:http://linux.it.net.cn/CentOS/server/2014/0226/332.html
添加到 configuration.php
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR']; // 获取真实IP list($_SERVER['REMOTE_ADDR']) = explode(', ', $_SERVER['REMOTE_ADDR'], 2); // 可能通过多个代理,其中第一个为真实ip地址 $_SERVER['HTTP_X_FORWARDED_FOR'] = $_SERVER['REMOTE_ADDR']; // 添加到WHMCS IP变量
参考:http://www.365mini.com/page/php-get-real-client-ip.htm
Add the following lines to your /usr/local/directadmin/conf/directadmin.conf file:
/etc/init.d/directadmin restart
---
skip_databases_in_backups=1: This will exclude all MySQL databases during the backup process.
skip_domains_in_backups=1: This will exclude all domains (website files) during the backup process.
skip_imap_in_backups=1: This will exclude all email messages which are stored in user mailboxes during the backup process.
wget -c --referer=引用地址 -O 文件名 "真实下载地址"
In this section, we will analyze real-world examples of programs that
call the gethostbyname*() functions, but we first introduce a small test
program that checks whether a system is vulnerable or not:
[user@...ora-19 ~]$ cat > GHOST.c << EOF #include <netdb.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <errno.h> #define CANARY "in_the_coal_mine" struct { char buffer[1024]; char canary[sizeof(CANARY)]; } temp = { "buffer", CANARY }; int main(void) { struct hostent resbuf; struct hostent *result; int herrno; int retval; /*** strlen (name) = size_needed - sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; ***/ size_t len = sizeof(temp.buffer) - 16*sizeof(unsigned char) - 2*sizeof(char *) - 1; char name[sizeof(temp.buffer)]; memset(name, '0', len); name[len] = '\0'; retval = gethostbyname_r(name, &resbuf, temp.buffer, sizeof(temp.buffer), &result, &herrno); if (strcmp(temp.canary, CANARY) != 0) { puts("vulnerable"); exit(EXIT_SUCCESS); } if (retval == ERANGE) { puts("not vulnerable"); exit(EXIT_SUCCESS); } puts("should not happen"); exit(EXIT_FAILURE); } EOF [user@...ora-19 ~]$ gcc GHOST.c -o GHOST On Fedora 19 (glibc-2.17): [user@...ora-19 ~]$ ./GHOST vulnerable On Fedora 20 (glibc-2.18): [user@...ora-20 ~]$ ./GHOST not vulnerable
修复漏洞
升级glibc库
RHEL/CentOS : sudo yum update glibc
Ubuntu : sudo apt-get update ; sudo apt-get install libc6
参考:http://www.openwall.com/lists/oss-security/2015/01/27/9