- 博客(108)
- 资源 (2)
- 收藏
- 关注
RSS订阅转载 shred
shred - delete a file securely, first overwriting it to hide its contents SYNOPSISshred [OPTIONS] FILE [...] DESCRIPTIONOverwrite the specified FILE(s) repeatedly, in order to make it harde
2009-09-30 10:20:00
914
转载 WYWZ控制台 V4.00(完全清除系统所有痕迹)中文免费版
http://www.jfsky.com/SoftView/SoftView_18022.html
2009-09-30 10:17:00
870
转载 WinRAR v3.80 - ZIP Filename Spoofing
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1 +------------------------------------------------------------------------+| ....... |
2009-09-30 09:12:00
1205
原创 FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution
Security Advisory FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution Researcher Information Discovered by: Giuseppe `Zmax` Fuggiano Website: http://www.giusef.net Conta
2009-09-30 09:11:00
1566
转载 Modifying SSH to Capture Login Credentials from Attackers
If youve ever had your SSH server dictionary attacked and wondered what usernames / passwords the attackers were trying... Ive posted detailed instructions on modifying openssh on Ubuntu 9.04 in ord
2009-09-30 09:07:00
752
转载 Linux 测试工具
功能测试压力测试工具,如ab、LoadRunner等内存泄漏检测工具静态检测工具,如splint、PC-LINT等动态检测工具,如valgrind, Rational purify等性能分析工具,如gprof Benchmark Factory 存储:lustre,hadoop,pNFS, Moosefs,GFS,DFS, Storage X, Rainfinity
2009-09-29 16:19:00
837
转载 Windows Services for UNIX Version 3.5
Microsoft Windows Services for UNIX (SFU) 3.5 产品是一个软件包集合,适用于需要使用 Windows 平台的 UNIX 用户和管理员。 此软件包中包含的跨平台网络服务可让您将基于 Windows 和 UNIX 的环境集成在一起。 download:http://www.microsoft.com/downloads/details.aspx?Fa
2009-09-29 15:43:00
3906
转载 Metasploit 3.3 Development Updates
The last 48 hours has been a whirlwind of development at the Metasploit Project as we prepare for the 3.3 stable release. Efrain Torres completed the screenshot feature of the espia Metepreter module.
2009-09-29 09:39:00
864
转载 安全工具集合
1.Campagnol VPN分布式VPN部署系统Campagnol 是一个分布式基于IP的 VPN程序,可以无配置的直接透过防火墙和 NATs,使用的是传输层的 UDP开发语言: C/C++ 项目主页: http://campagnol.sourceforge.net/ 文档地址: http://campagnol.sourceforge.net/manual.php 下载地
2009-09-29 09:15:00
1289
转载 metasploit-unleashed
http://www.offensive-security.com/metasploit-unleashed/
2009-09-29 09:01:00
765
转载 “Cache-control”常见的取值有private、no-cache、max-age、must-revalidate等
网页的缓存是由HTTP消息头中的“Cache-control”来控制的,常见的取值有private、no-cache、max-age、must-revalidate等,默认为private。其作用根据不同的重新浏览方式分为以下几种情况:(1) 打开新窗口如果指定cache-control的值为private、no-cache、must-revalidate,那么打开新窗口访问时都会重新访问服务器。
2009-09-28 16:24:00
1003
转载 Setting Up A High-Availability Load Balancer With HAProxy/Keepalived On Debian Lenny
http://www.howtoforge.com/setting-up-a-high-availability-load-balancer-with-haproxy-keepalived-on-debian-lenny
2009-09-28 14:28:00
633
转载 haproxy
http://www.igvita.com/2008/05/13/load-balancing-qos-with-haproxy/
2009-09-28 11:48:00
538
转载 关于php5.*后的时区问题 date_default_timezone_set ();
问题:php函数date("Y-n-d H-i-s"); 输出的时间与当地时间相差8个小时.解决思路:北京时间是东8区,可能是时区问题.但是此前都没问题啊,经过google发现原来从php5.1.0开始,php.ini里加入了 date.timezone这个选项,默认情况下是关闭的,也就是显示的时间(无论用什么php命令)都是格林威治标准时间,和我们的时间(北京时间)差 了正好8个小时。知道了问题
2009-09-28 10:22:00
1688
转载 PHP文件上传源码分析(RFC1867)
文件上传,一般分为俩种方式FTP和HTTP, 对于我们的互联网应用来说: FTP上传虽然传输稳定, 但是易用性和安全性都是个问题. 你总不至于在用户要上传头像的时候告诉用户”请打开FTP客户端,上传文件到http://www.laruence.com/uploads/中, 并以2dk433423l.jpg命名”吧? 而基于HTTP的上传,相对来说易用性和安全性上就比FTP要增强了很多. 可以应
2009-09-28 09:58:00
727
转载 OSSIM 2.1 - Multiple security vulnerabilities
OSSIM - Open Source Security Information Management is vulnerable to multiple security vulnerabilities.1. SQL Injections2. Linked XSS3. Unauthorized accessDigital Security Research Group [DSecRG] Advi
2009-09-28 09:14:00
845
转载 List of Windows Auto Start Locations
This is a list of auto-start locations that malware’s normally use to restart themselves on a system reboot. It was with us since the time we basically started working on malware analysis.We have tr
2009-09-28 09:08:00
906
转载 PCI DSS Update Could Include Virtualization Security(转载自baoz)
PCI DSS这次升级主要关注虚拟环境安全。 PCI Virtualization Special Interest Group (SIG) is drafting guidelines and a mapping tool for applying PCI to virtualized systems.The PCI Data Security Standard (PCI DSS)
2009-09-28 09:03:00
620
转载 利用binlog来恢复数据库
http://bbs.kaspersky.com.cn/thread-287149-1-1.html开发库和线上表结构有很多不一样,分表个数也不同,我需要重新整理保持开发库和线上一致,之前已经告知开发数据是否允许丢失,开发说数据可以不要了,直接丢掉,等我搞好之后开发告诉我部分数据(ring)是不能删除的,我晕,只好想办法来恢复数据了,没有备份,不过还好有全部的binlog。1.根据binl
2009-09-27 21:22:00
5037
转载 BruCon video
In alphabethical order:a-new-web-attack-vector-script-fragmentation_Stephan-Chenette.ogg attacking-backbone-technologies_Daniel-Mende_Roger-Klose.ogg belgian-beer-lovers-guide-to-cloud-computi
2009-09-27 17:20:00
453
转载 Is your .svn showing (like 3300 other sites)?
TechCrunch has an article (pointing back to a Russian security company blog post (translated link)), detailing a scan of 2,253,388 web sites which yielded an amazing 3,320 Subversions .svn directorie
2009-09-27 17:08:00
643
转载 linux设置bond网卡绑定
CentOS双网卡bond绑定http://www.xxlinux.com/linux/article/accidence/install/20080215/13801.htmlhttp://coolerfeng.blog.51cto.com/133059/48986http://hrz520520.blog.hexun.com/29611754_d.htmlhttp://chen
2009-09-27 10:54:00
7283
原创 Linux 2.6 kernel versions below 2.6.19 32bit ip_append_data() ring() root exploit.
http://www.packetstormsecurity.org/0909-exploits/0x82-CVE-2009-2698.c
2009-09-26 10:33:00
538
转载 IIS防盗链
http://www.codejia.com/tool/code_200711984512_6101.htmhttp://www.onlinedown.net/soft/46945.htmhttp://www.crsky.com/soft/6112.htmlhttp://www.cnpdb.com/down/2006/d877.shtml
2009-09-25 15:12:00
467
原创 Using the Network Security Toolkit
http://nst.sourceforge.net/nst/docs/user/
2009-09-25 13:30:00
590
转载 Digital Forensics Framework v0.4.3 available
Dff (Digital Forensics Framewor) is a simple but powerfull open source tool with a flexible module system which will help you in your digital forensics works, including files recovery due to error or
2009-09-25 09:50:00
1213
转载 1分钟学会使用Tor代理教程
http://hi.baidu.com/%B7%AD%C7%BD/blog/item/931bc739833fec2eb8998f4b.html
2009-09-25 09:44:00
10460
1
原创 /etc/sudoers中的含义
Sudo是允许系统管理员让普通用户执行一些或者全部的root命令的一个工具,如halt,reboot,su等等。这样不仅减少了root用户的登陆 和管理时间,同样也提高了安全性。Sudo不是对shell的一个代替,它是面向每个命令的。它的特性主要有这样几点: § Sudo能够限制用户只在某台主机上运行某些命令。 § Sudo提供了丰富的日志,详细地记录了每个用户干了什么。它能够将日志传到中心主
2009-09-24 15:36:00
745
转载 KeePass和PuTTY的结合使用--自动登陆
http://topo.72pines.com/2009/02/11/%E7%94%A8-keepass-%E5%AE%9E%E7%8E%B0%E8%BF%9C%E7%A8%8B%E6%8E%A7%E5%88%B6%E7%9A%84%E8%87%AA%E5%8A%A8%E7%99%BB%E5%BD%95/作者:finalbsd 原载: http://www.sanotes.net/html/y
2009-09-24 15:10:00
1523
转载 减少Linux下Squid服务器的TIME_WAIT套接字数量
Linux下高并发的Squid服务器,TCP TIME_WAIT套接字数量经常达到两、三万,服务器很容易被拖死。通过修改Linux内核参数,可以减少Squid服务器的TIME_WAIT套接字数量。 vi /etc/sysctl.conf 增加以下几行: 引用net.ipv4.tcp_fin_timeout = 30net.ipv4.tcp_keepalive_time =
2009-09-24 15:00:00
543
空空如也
TA创建的收藏夹 TA关注的收藏夹
TA关注的人