<HTML><HEAD><TITLE>
Linux Knowledge Base/Network Security/Enhancing Linux System Security with LIDS</TITLE>
<META http-equiv=content-type content="text/html; charset=gb2312">
<META content=linuxtips,linux,php,mysql,apache name=keywords>
<STYLE type=text/css>A:link {
COLOR: #666666; TEXT-DECORATION: underline
}
A:active {
COLOR: #666666; TEXT-DECORATION: underline
}
A:visited {
COLOR: #666666; TEXT-DECORATION: underline
}
A:hover {
COLOR: #708090; TEXT-DECORATION: none
}
.articletitle {
FONT-WEIGHT: bold; FONT-SIZE: 18px; COLOR: #335588; LINE-HEIGHT: 26px; FONT-FAMILY: trebuchet ms, arial, verdana, helvetica, sans-serif; TEXT-DECORATION: none
}
INPUT {
FONT-WEIGHT: normal; FONT-SIZE: 11px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋體
}
TEXTAREA {
FONT-WEIGHT: normal; FONT-SIZE: 11px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋體
}
.bginput {
BORDER-RIGHT: #999999 1px solid; BORDER-TOP: #999999 1px solid; FONT-SIZE: 8pt; BORDER-LEFT: #999999 1px solid; BORDER-BOTTOM: #999999 1px solid; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #f9f9f9
}
.text {
BORDER-RIGHT: #cccccc 1px solid; BORDER-TOP: #666666 1px solid; BORDER-LEFT: #666666 1px solid; BORDER-BOTTOM: #cccccc 1px solid
}
SELECT {
FONT-WEIGHT: normal; FONT-SIZE: 12px; COLOR: #000000; FONT-FAMILY: 宋體; BACKGROUND-COLOR: #ffffff
}
.firstalt {
BACKGROUND-COLOR: #eeeeee
}
.secondalt {
BACKGROUND-COLOR: #ffffff
}
.bigfont {
FONT-SIZE: 45px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋體
}
.normalfont {
FONT-SIZE: 12px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋體
}
.middlefont {
FONT-SIZE: 11px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋體
}
.smallfont {
FONT-SIZE: 9px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋體
}
.smallbold {
FONT-WEIGHT: bold; COLOR: #000000
}
.articletitle {
FONT-WEIGHT: bold; FONT-SIZE: 18px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋體
}
.subhead {
FONT-WEIGHT: bold; FONT-SIZE: 13px; COLOR: #006699; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋體
}
#content A:link {
COLOR: #3366cc; TEXT-DECORATION: underline
}
#content A:active {
COLOR: #3366cc; TEXT-DECORATION: underline
}
#content A:visited {
COLOR: #3366cc; TEXT-DECORATION: underline
}
#content A:hover {
COLOR: #9966cc; TEXT-DECORATION: none
}
.content {
FONT-SIZE: 14px; LINE-HEIGHT: 130%; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋體
}
.titlefont {
FONT-SIZE: 12px; COLOR: #ffffff; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋體
}
.bodyline {
BORDER-RIGHT: #aebdc4 1px solid; BORDER-TOP: #aebdc4 1px solid; BORDER-LEFT: #aebdc4 1px solid; BORDER-BOTTOM: #aebdc4 1px solid; BACKGROUND-COLOR: #ffffff
}
.cattitle {
FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #000000; LETTER-SPACING: 1px
}
.tableoutline {
BORDER-RIGHT: #c4c4c4 1px solid; BORDER-TOP: #c4c4c4 1px solid; BORDER-LEFT: #c4c4c4 1px solid; BORDER-BOTTOM: #c4c4c4 1px solid
}
.root_td {
PADDING-LEFT: 5px; FONT-WEIGHT: bold; FONT-SIZE: 12px; FONT-FAMILY: Verdana; HEIGHT: 22px; BACKGROUND-COLOR: #ffffff; font-color: #000000
}
.child_td {
PADDING-RIGHT: 10px; PADDING-LEFT: 10px; FONT-SIZE: 12px; PADDING-BOTTOM: 3px; COLOR: #000000; FONT-FAMILY: Verdana; HEIGHT: 22px; BACKGROUND-COLOR: #f5f5f5; TEXT-DECORATION: underline
}
#cattitle A:link {
COLOR: #000000; TEXT-DECORATION: none
}
#cattitle A:visited {
COLOR: #000000; TEXT-DECORATION: none
}
#cattitle A:active {
COLOR: #000000; TEXT-DECORATION: none
}
#cattitle A:hover {
COLOR: #000000; TEXT-DECORATION: none
}
</STYLE>
<SCRIPT language=JavaScript type=text/javascript>
<!--
if (parent.frames.length > 0) {
parent.location.href = self.document.location
}
function ToggleNode(nodeObject, imgObject){
if(nodeObject.style.display == '' || nodeObject.style.display == 'inline'){
nodeObject.style.display = 'none';
imgObject.src = 'images/plus.gif'/*tpa=http://www.linuxhero.com/docs/images/plus.gif*/;
}else{
nodeObject.style.display = 'inline';
imgObject.src = 'images/minus.gif'/*tpa=http://www.linuxhero.com/docs/images/minus.gif*/;
}
}
-->
</SCRIPT>
<BODY text=#000000 bgColor=#ffffff leftMargin=0 topMargin=0 marginwidth="0"
marginheight="0">
<CENTER>
<TABLE cellSpacing=0 cellPadding=0 width="100%" border=0>
<TR>
<TD vAlign=top>
<TABLE cellSpacing=0 cellPadding=0 width="100%" border=0>
<TBODY>
<TR>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=296
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=76
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=100
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=98
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=79
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=103
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=26
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=1
border=0></TD></TR>
<TR>
<TD colSpan=3><A title="Linux Knowledge Base"
href="index.html" tppabs="http://www.linuxhero.com/docs/index.html"><IMG height=83
src="images/header_r1_c1.gif" tppabs="http://www.linuxhero.com/docs/images/header_r1_c1.gif" width=472 border=0
name=header_r1_c1></A></TD>
<TD colSpan=3>
</TD>
<TD rowSpan=2><IMG src="images/header_r1_c7.gif" tppabs="http://www.linuxhero.com/docs/images/header_r1_c7.gif" width=26 border=0 name=header_r1_c7></TD>
<TD><IMG height=83 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=1 border=0></TD></TR>
<TR>
<TD background="images/bgline.gif" tppabs="http://www.linuxhero.com/docs/images/bgline.gif"><IMG height=22
src="images/header_r2_c1.gif" tppabs="http://www.linuxhero.com/docs/images/header_r2_c1.gif" width=296 border=0
name=header_r2_c1></TD>
<TD background="images/bgline.gif" tppabs="http://www.linuxhero.com/docs/images/bgline.gif" colSpan=5>
</TD>
<TD><IMG height=22 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=1
border=0></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=10 cellPadding=0 width="100%" bgColor=#ffffff
border=0>
<TR>
<TD>
<TABLE cellSpacing=0 cellPadding=3 width="100%" border=0>
<TR>
<TD vAlign=top align=middle width="60%">
<TABLE cellSpacing=0 cellPadding=0 width="100%"
background="images/back.gif" tppabs="http://www.linuxhero.com/docs/images/back.gif" border=0>
<TBODY>
<TR>
<TD vAlign=top width="80%">
<DIV align=center>
<FORM action="search.html" tppabs="http://www.linuxhero.com/docs/search.html" method=get>
</FORM>
<TABLE cellSpacing=0 cellPadding=0 width="95%"
border=0><TBODY>
<TR>
<TD background="images/bgi.gif" tppabs="http://www.linuxhero.com/docs/images/bgi.gif"
height=30></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=0 cellPadding=3 width="95%"
align=center border=0>
<TBODY>
<TR>
<TD>
<TABLE cellSpacing=0 cellPadding=3 width="100%"
border=0>
<TBODY>
<TR>
<TD vAlign=top>
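<p><FONT class=normalfont><B><font color=blue>Enhancing Linux System Security with LIDS</font></B></FONT><BR><FONT class=smallfont color=#ff9900>2004-04-23 15:18 pm</FONT><BR><FONT class=normalfont>Author: Author<br>Source: Linux Knowledge Base<br>Contact: anonymous<br><br>LIDS (Linux Intrusion Detection System) is a Linux kernel patch plus a system administration tool (lidsadm) that hardens the Linux kernel. It implements a security model inside the kernel: a reference monitor together with Mandatory Access Control (MAC). This article describes what LIDS does and how to use it to build a secure Linux system.<br>
<br>
1. Why choose LIDS<br>
<br>
As Linux becomes more popular on the Internet, more and more security vulnerabilities are being found in the application software that runs on existing GNU/Linux systems. Many exploit programs take advantage of programmers' carelessness, for example buffer overflows and format string attacks. Once such a program compromises the system and the attacker obtains root privileges, the whole system is under the intruder's control.<br>
<br>
Because the code is open, we can obtain the source code of many of the Linux applications we want and modify it to suit our needs. Bugs can therefore be found easily and patched quickly. But when a vulnerability has been disclosed and the system administrator neglects to apply the patch, the system is easily broken into, and worse, the attacker can obtain a root shell. On an existing GNU/Linux system he can then do whatever he likes. This is exactly the problem LIDS sets out to solve.<br>
<br>
First, let us look at the problems that exist in current GNU/Linux systems.<br>
<br>
The file system is not protected<br>
<br>
Many important files on the system, such as /bin/login, are unprotected. Once an attacker has broken in, he can upload a modified login binary to replace /bin/login and then log in to the system without any login name or password. This is commonly called a Trojan horse.<br>
<br>
Processes are not protected<br>
<br>
The processes running on a system each serve some system function; for example, HTTPD is a web server that answers web requests from remote clients. On a web server system it is important to protect these processes from being terminated illegitimately. But once an intruder has root privileges, there is nothing we can do to stop it.<br>
<br>
System administration is not protected<br>
<br>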
<br>