xinetd的两个实验
2015-12-19 19:46
239 查看
参考文章:http://blog.sina.com.cn/s/blog_88cdde9f01019fg5.html
xinetd练习一:利用xinetd设置sensor陷阱,隔离恶意访问
1.检查是否有这几个包
[root@linuxclient ~]# rpm -qa|grep rsh-server
rsh-server-0.17-60.el6.i686
[root@linuxclient ~]# rpm -qa|grep rsh
rsh-server-0.17-60.el6.i686
rsh-0.17-60.el6.i686
[root@linuxclient ~]# rpm -qa|grep telnet-server
telnet-server-0.17-46.el6.i686
[root@linuxclient ~]# rpm -qa|grep telnet
telnet-0.17-46.el6.i686
telnet-server-0.17-46.el6.i686
2.让他们启动
[root@linuxclient ~]# chkconfig rlogin on
[root@linuxclient ~]# chkconfig rsh on
[root@linuxclient ~]# chkconfig telnet on
3.修改配置文件
service login
{
disable = no
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rlogind
flags = SENSOR
deny_time = forever
}
之前的telnet不通,可以去关闭防火墙(这个东西很虐人啊,好多次都是因为它弄的要死要活的,所以这次还是我机智,关了它)
[root@linuxserver Desktop]# telnet 192.168.70.150
Trying 192.168.70.150...
Connected to 192.168.70.150 (192.168.70.150).
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.0 (Santiago)
Kernel 2.6.32-71.el6.i686 on an i686
login: qys
Password:
Last login: Sat Dec 19 00:35:55 from 192.168.70.1
4.重新启动生效
[root@linuxclient ~]# /etc/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
5.客户端测试
[root@linuxserver Desktop]# rlogin 192.168.70.150
connect to address 192.168.70.150 port 543: Connection refused
trying normal rlogin (/usr/bin/rlogin)
rcmd: 192.168.70.150: Connection reset by peer
6.解释
原因是:xinetd服务实际上是监听了rlogin-server的端口,由于带有flags=SENSOR标记,sensor会记录客户ip并将其添加到针对全局的no-access列表中去,所以恶意的访问都不能访问xinetd托管的服务了
实验二:建立自定义xinetd托管服务
前提:关掉防火墙
1.自定义一个服务(别忘了要编译):
[root@linuxclient Desktop]# cat /tmp/hello.c
#include<stdio.h>
int main(){
printf("hello,buddy!\n");
return 0;
}
2.在xinetd.d里面新添加一个文件,名叫hello_server
[root@linuxclient Desktop]# cat /etc/xinetd.d/hello_server
#cp telnet hello
#vim hello
service hello_server
{
disable
= no
flags = REUSE
socket_type
= stream
wait = no
user = root
server
= /tmp/hello
log_on_failure
+=USERID
port = 9015
}
3.将新建的服务加到/etc/services里面去
[root@linuxclient Desktop]# cat /etc/services |grep 9015
hello_server 9015/tcp
4.重启xinetd服务
5.查看9015是否开启
[root@linuxclient Desktop]# netstat -tnlp|grep 9015
tcp 0 0 :::9015 :::* LISTEN 2254/xinetd
6.测试:
[root@linuxserver Desktop]# telnet 192.168.70.150 9015
Trying 192.168.70.150...
Connected to 192.168.70.150 (192.168.70.150).
Escape character is '^]'.
hello,buddy!
Connection closed by foreign host.
xinetd练习一:利用xinetd设置sensor陷阱,隔离恶意访问
1.检查是否有这几个包
[root@linuxclient ~]# rpm -qa|grep rsh-server
rsh-server-0.17-60.el6.i686
[root@linuxclient ~]# rpm -qa|grep rsh
rsh-server-0.17-60.el6.i686
rsh-0.17-60.el6.i686
[root@linuxclient ~]# rpm -qa|grep telnet-server
telnet-server-0.17-46.el6.i686
[root@linuxclient ~]# rpm -qa|grep telnet
telnet-0.17-46.el6.i686
telnet-server-0.17-46.el6.i686
2.让他们启动
[root@linuxclient ~]# chkconfig rlogin on
[root@linuxclient ~]# chkconfig rsh on
[root@linuxclient ~]# chkconfig telnet on
3.修改配置文件
service login
{
disable = no
socket_type = stream
wait = no
user = root
log_on_success += USERID
log_on_failure += USERID
server = /usr/sbin/in.rlogind
flags = SENSOR
deny_time = forever
}
之前的telnet不通,可以去关闭防火墙(这个东西很虐人啊,好多次都是因为它弄的要死要活的,所以这次还是我机智,关了它)
[root@linuxserver Desktop]# telnet 192.168.70.150
Trying 192.168.70.150...
Connected to 192.168.70.150 (192.168.70.150).
Escape character is '^]'.
Red Hat Enterprise Linux Server release 6.0 (Santiago)
Kernel 2.6.32-71.el6.i686 on an i686
login: qys
Password:
Last login: Sat Dec 19 00:35:55 from 192.168.70.1
4.重新启动生效
[root@linuxclient ~]# /etc/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
5.客户端测试
[root@linuxserver Desktop]# rlogin 192.168.70.150
connect to address 192.168.70.150 port 543: Connection refused
trying normal rlogin (/usr/bin/rlogin)
rcmd: 192.168.70.150: Connection reset by peer
6.解释
原因是:xinetd服务实际上是监听了rlogin-server的端口,由于带有flags=SENSOR标记,sensor会记录客户ip并将其添加到针对全局的no-access列表中去,所以恶意的访问都不能访问xinetd托管的服务了
实验二:建立自定义xinetd托管服务
前提:关掉防火墙
1.自定义一个服务(别忘了要编译):
[root@linuxclient Desktop]# cat /tmp/hello.c
#include<stdio.h>
int main(){
printf("hello,buddy!\n");
return 0;
}
2.在xinetd.d里面新添加一个文件,名叫hello_server
[root@linuxclient Desktop]# cat /etc/xinetd.d/hello_server
#cp telnet hello
#vim hello
service hello_server
{
disable
= no
flags = REUSE
socket_type
= stream
wait = no
user = root
server
= /tmp/hello
log_on_failure
+=USERID
port = 9015
}
3.将新建的服务加到/etc/services里面去
[root@linuxclient Desktop]# cat /etc/services |grep 9015
hello_server 9015/tcp
4.重启xinetd服务
5.查看9015是否开启
[root@linuxclient Desktop]# netstat -tnlp|grep 9015
tcp 0 0 :::9015 :::* LISTEN 2254/xinetd
6.测试:
[root@linuxserver Desktop]# telnet 192.168.70.150 9015
Trying 192.168.70.150...
Connected to 192.168.70.150 (192.168.70.150).
Escape character is '^]'.
hello,buddy!
Connection closed by foreign host.
相关文章推荐
- 0成本网站推广方法也是很有爱滴!
- 开源史上最成功的八个开源软件
- 指针知识总结
- Linux 文件 & 目录
- 移动互联网潮流下改变了消费者哪些习惯
- 数据结构之——用C++实现邻接表的DFS与BFS
- VBA记录当前系统时间并精确到毫秒
- 滚滚滚滚滚滚滚滚滚
- nginx使用问题记录
- 板块布局黄金视线分布法
- 单链表的建立(链式存储)
- 2015/12/19 FFC2
- 汇编与栈帧学习(一)
- Trie UVA 11732 "strcmp()" Anyone?
- 网站建设使用创意布局设计的优势
- 黑客应用之:ping命令(1)
- nodejs使用connect-mongodb报错(Please ensure that you set the default write concern)
- hdoj 免费馅饼 1176 (DP)
- 你的互联网收入停滞不前是否和这些习惯有关
- 把时间留给最重要的事情