• Two xinetd experiments


    Reference article: http://blog.sina.com.cn/s/blog_88cdde9f01019fg5.html

    xinetd exercise 1: use xinetd to set a SENSOR trap and isolate malicious access


    1. Check that these packages are installed
    [root@linuxclient ~]# rpm -qa|grep rsh-server
    rsh-server-0.17-60.el6.i686
    [root@linuxclient ~]# rpm -qa|grep rsh
    rsh-server-0.17-60.el6.i686
    rsh-0.17-60.el6.i686
    [root@linuxclient ~]# rpm -qa|grep telnet-server
    telnet-server-0.17-46.el6.i686
    [root@linuxclient ~]# rpm -qa|grep telnet
    telnet-0.17-46.el6.i686
    telnet-server-0.17-46.el6.i686


    2. Enable them
    [root@linuxclient ~]# chkconfig rlogin on
    [root@linuxclient ~]# chkconfig rsh on
    [root@linuxclient ~]# chkconfig telnet on


    3. Edit the configuration file
    service login
    {
            disable = no
            socket_type             = stream
            wait                    = no
            user                    = root
            log_on_success          += USERID
            log_on_failure          += USERID
            server                  = /usr/sbin/in.rlogind
            flags                   = SENSOR
            deny_time               = forever
    }
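    If telnet did not connect before, you can turn off the firewall (this thing is a real pain; so many times it has been the reason I was tearing my hair out, so this time I was smart and just turned it off)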
    [root@linuxserver Desktop]# telnet 192.168.70.150
    Trying 192.168.70.150...
    Connected to 192.168.70.150 (192.168.70.150).
    Escape character is '^]'.
    Red Hat Enterprise Linux Server release 6.0 (Santiago)
    Kernel 2.6.32-71.el6.i686 on an i686
    login: qys
    Password: 
    Last login: Sat Dec 19 00:35:55 from 192.168.70.1


    4. Restart xinetd so the change takes effect

    [root@linuxclient ~]# /etc/init.d/xinetd restart
    Stopping xinetd:                                           [  OK  ]
    Starting xinetd:                                           [  OK  ]


    5. Test from the client
    [root@linuxserver Desktop]# rlogin 192.168.70.150
    connect to address 192.168.70.150 port 543: Connection refused
    trying normal rlogin (/usr/bin/rlogin)
    rcmd: 192.168.70.150: Connection reset by peer


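    6. Explanation
    The reason: xinetd itself is listening on the rlogin-server port. Because the service carries flags = SENSOR, the sensor records the client's IP address and adds it to the global no_access list, so that malicious client can no longer reach any service managed by xinetd. With deny_time = forever, the address stays on the list until xinetd is restarted.

    Experiment 2: create a custom xinetd-managed service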


    Prerequisite: turn off the firewall

    1. Write a custom service (don't forget to compile it):
    [root@linuxclient Desktop]# cat /tmp/hello.c 
    #include <stdio.h>

    /* xinetd attaches the client socket to stdin/stdout, so printf goes to the client */
    int main(void) {
        printf("hello,buddy! ");
        return 0;
    }


    2. Add a new file named hello_server under xinetd.d
    [root@linuxclient Desktop]# cat /etc/xinetd.d/hello_server 
    #cp telnet hello
    #vim hello


    service hello_server
    {
    disable = no
    flags = REUSE
    socket_type = stream
    wait = no
    user = root
    server = /tmp/hello
    log_on_failure+=USERID
    port = 9015
    }


    3. Add the new service to /etc/services
    [root@linuxclient Desktop]# cat /etc/services |grep 9015
    hello_server 9015/tcp


    4. Restart the xinetd service
    5. Check that port 9015 is listening
    [root@linuxclient Desktop]# netstat -tnlp|grep 9015
    tcp        0      0 :::9015                     :::*                        LISTEN      2254/xinetd   
    6. Test:
    [root@linuxserver Desktop]# telnet 192.168.70.150 9015
    Trying 192.168.70.150...
    Connected to 192.168.70.150 (192.168.70.150).
    Escape character is '^]'.
    hello,buddy!
    Connection closed by foreign host.
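
As a defender's check on the two configurations above, this Python sketch (an added example, not part of the original post) parses xinetd service blocks and reports which services are SENSOR traps and which run as root with a server binary under a world-writable directory, as /tmp/hello does. The function names, the finding labels and the list of writable directories are assumptions of this example.

```python
import re

# Constructed sample: the page's two service blocks, trimmed to what the audit reads.
SAMPLE = """
service login
{
        user                    = root
        server                  = /usr/sbin/in.rlogind
        flags                   = SENSOR
        deny_time               = forever
}
service hello_server
{
disable = no
user = root
server = /tmp/hello
log_on_failure+=USERID
port = 9015
}
"""
BLOCK = re.compile(r"^\s*service\s+(\S+)\s*\{(.*?)^\s*\}", re.M | re.S)
ATTR = re.compile(r"^\s*(\w+)\s*\+?=\s*(.*?)\s*$")  # '=' and '+='; '-=' is skipped

def parse_xinetd(text):
    """Return {service: {attribute: [values]}}; '#' comment lines never match ATTR."""
    services = {}
    for name, body in BLOCK.findall(text):
        attrs = services.setdefault(name, {})
        for line in body.splitlines():
            m = ATTR.match(line)
            if m:
                attrs.setdefault(m.group(1), []).extend(m.group(2).split())
    return services

def audit(services, writable=("/tmp/", "/var/tmp/", "/dev/shm/")):
    """List SENSOR traps, and root services whose binary is in a world-writable dir."""
    findings = []
    for name, a in services.items():
        if a.get("disable") == ["yes"]:
            continue  # xinetd does not start disabled services
        if "SENSOR" in a.get("flags", []):
            deny = " ".join(a.get("deny_time", ["unset"]))
            findings.append((name, "sensor", "deny_time=" + deny))
        server = "".join(a.get("server", []))
        if a.get("user") == ["root"] and server.startswith(writable):
            findings.append((name, "root-writable-path", server))
    return findings

if __name__ == "__main__":
    print(audit(parse_xinetd(SAMPLE)))
```

On a real host, pass the contents of the files under /etc/xinetd.d to parse_xinetd instead of SAMPLE.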

  • Original article: https://www.cnblogs.com/qysqys/p/5059657.html