A Powerful Tool for Defending Against Network Attacks: Using Linux Commands
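Network attacks have become one of the major challenges of the Internet era. To protect the network security of individuals, organizations and enterprises, we need to master some effective tools for defending against network attacks. On Linux systems, many powerful commands can help us improve network security. This article introduces several commonly used Linux commands and provides corresponding code examples to help readers better understand and apply them.
Viewing network connections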
netstat -an
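The netstat command is used to view the state of the system's network connections. With the "-an" options, we get all of the system's current network connections and the ports in use. This is very useful for monitoring network activity in real time and detecting abnormal connections.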
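As an added example (not part of the original article), the script below turns netstat -an output into a per-remote-address connection count so that unusually busy peers stand out. The function names sample_netstat and busy_peers, the thresholds and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: count TCP connections per remote address in `netstat -an`
# output and report the addresses at or above a threshold.

# Constructed sample of `netstat -an` lines (not captured from a real host).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:80             192.168.1.100:51514     ESTABLISHED
tcp        0      0 10.0.0.5:80             192.168.1.100:51515     ESTABLISHED
tcp        0      0 10.0.0.5:80             192.168.1.100:51516     SYN_RECV
tcp        0      0 10.0.0.5:80             192.168.1.100:51517     SYN_RECV
tcp        0      0 10.0.0.5:22             192.168.1.7:40022       ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 2001:db8::5:443         2001:db8::9:50000       ESTABLISHED
udp        0      0 0.0.0.0:68              0.0.0.0:*
EOF
}

# busy_peers THRESHOLD: read `netstat -an` output on stdin and print
# "count address" for every remote address that has at least THRESHOLD
# non-listening TCP sockets, busiest first.
busy_peers() {
    awk -v min="$1" '
        $1 ~ /^tcp/ && NF >= 6 && $6 != "LISTEN" {
            addr = $5
            sub(/:[0-9*]+$/, "", addr)   # drop the trailing :port (IPv4 and IPv6)
            count[addr]++
        }
        END {
            for (a in count)
                if (count[a] >= min) print count[a], a
        }' | sort -rn
}

# Live use on a host: netstat -an | busy_peers 50
sample_netstat | busy_peers 2
```

Half-open states such as SYN_RECV are counted together with ESTABLISHED, so a peer holding many incomplete handshakes is reported as well.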
Firewall configuration
iptables
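The iptables command is used to configure the firewall on a Linux system. By adding rules, we can restrict access to specific ports or from specific IPs, block malicious traffic and prevent unauthorized access. For example, the following command blocks the host with IP address 192.168.1.100 from accessing port 80: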
iptables -A INPUT -s 192.168.1.100 -p tcp --dport 80 -j DROP
Limiting network bandwidth
tc
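The tc command is used to configure traffic control on a Linux system. By limiting network bandwidth, we can prevent network congestion and DoS attacks. The following command limits the outbound bandwidth of network interface eth0 to 1 Mbps: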
tc qdisc add dev eth0 root tbf rate 1mbit burst 10k latency 70ms
Audit log analysis
auditd
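auditd is the audit logging tool for Linux systems. With auditing enabled, we can record all kinds of system events and operations, including user logins, file modifications, and process starts and stops. The following command enables auditing, with logs recorded under the /var/log/audit/ directory: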
systemctl enable --now auditd.service
Network traffic analysis
tcpdump
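The tcpdump command is used to capture network packets. By analyzing network traffic, we can detect malicious behavior, identify network attacks and obtain valuable information. The following command captures all network traffic from the host with IP address 192.168.1.100: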
tcpdump src host 192.168.1.100
System security hardening
chmod
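The chmod command is used to change the permissions of files or directories. By setting file and directory permissions correctly, we can prevent unauthorized access and malware attacks. The following command removes the owner's write permission on the file test.txt: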
chmod u-w test.txt
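Besides the commands above, there are many other useful Linux commands that can be used to defend against network attacks. When using these commands, be sure to read their documentation and usage instructions carefully, and make sure to test and run them in the correct environment.
Conclusion
Network attacks pose a serious threat to the network security of individuals, organizations and enterprises. By mastering and applying some of the powerful commands available on Linux, we can better protect network security and improve our defensive capability. However, defending against network attacks requires a multi-layered, comprehensive protection strategy that is regularly updated and adjusted. Only by continuing to learn and explore can we better meet the challenges of network security.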
ÒÔÉϾÍÊÇ·ÀÓùÍøÂç¹¥»÷µÄÀûÆ÷£ºLinuxÏÂÁîµÄÔËÓõÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡