The purpose of this blog post is to discuss how to remove unwanted HTTP response headers from the response. Typically we have 3 response headers which many people want to remove for security reason.
- Server – Specifies web server version.
- X-Powered-By – Indicates that the website is “powered by ASP.NET.”
- X-AspNet-Version – Specifies the version of ASP.NET used.
Before you go any further, you should evaluate whether or not you need to remove these headers. If you have decided to remove these headers because of a security scan on your site, you may want to read the following blog post by David Wang. 继续阅读
It is amazing technique to remove any information from response header about IIS server is very scarce online. So I decide to blog this.
The reason why you would want this is because you would not want to readily disclose what version of server or what server you are running. For example see blow response header I gathered from one of the site running IIS:
Notice that you have information about Server, X-AspNet-Version, X-Powered-By. There are enough information to know it is running on IIS. Why hide these info? Because why if certain version of IIS server had security hole that the hacker can expose? Sometimes, in Enterprise environment there will be external third party security firms like WhiteHat tagging such exploits so you have to fix. 继续阅读
The following warning message appears in the logs:
[26-Jul-2012 09:49:59] WARNING: [pool www] seems busy (you may need to increase pm.start_servers, or pm.min/max_spare_servers), spawning 32 children, there are 8 idle, and 58 total children
[26-Jul-2012 09:50:00] WARNING: [pool www] server reached pm.max_children setting (50), consider raising it
It means that there are not enough PHP-FPM processes. 继续阅读
On CentOS / RHEL 7, a new naming scheme is introduced.
# ip addr show
eno1: [BROADCAST,MULTICAST,UP,LOWER_UP] mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 6c:0b:84:6c:48:1c brd ff:ff:ff:ff:ff:ff
inet 10.10.10.11/24 brd 10.10.10.255 scope global eno1
inet6 2606:b400:c00:48:6e0b:84ff:fe6c:481c/128 scope global dynamic
valid_lft 2326384sec preferred_lft 339184sec
inet6 fe80::6e0b:84ff:fe6c:481c/64 scope link
valid_lft forever preferred_lft forever
This post describes how to revert to legacy naming scheme with Network Interface names as eth0, eth1, etc. 继续阅读
How do I audit file events such as read / write etc? How can I use audit to see who changed a file in Linux?
The answer is to use 2.6 kernelâ€™s audit system. Modern Linux kernel (2.6.x) comes with auditd daemon. Itâ€™s responsible for writing audit records to the disk. During startup, the rules in /etc/audit.rules are read by this daemon. You can open /etc/audit.rules file and make changes such as setup audit file log location and other option. The default file is good enough to get started with auditd.
In order to use audit facility you need to use following utilities
=> auditctl – a command to assist controlling the kernelâ€™s audit system. You can get status, and add or delete rules into kernel audit system. Setting a watch on a file is accomplished using this command:
=> ausearch – a command that can query the audit daemon logs based for events based on different search criteria.
=> aureport – a tool that produces summary reports of the audit system logs.
Note that following all instructions are tested on CentOS 4.x and Fedora Core and RHEL 4/5 Linux. 继续阅读
The audit service is provided for system auditing. By default, this service audits about SELinux AVC denials and certain types of security-relevant events such as system logins, account modifications, and authentication events performed by programs such as sudo.
Under its default configuration, auditd has modest disk space requirements, and should not noticeably impact system performance. The audit service, configured with at least its default rules, is strongly recommended for all sites, regardless of whether they are running SELinux. Networks with high security level often have substantial auditing requirements and auditd can be configured to meet these requirements:
- Ensure Auditing is Configured to Collect Certain System Events
- Information on the Use of Print Command (unsuccessful and successful)
- Startup and Shutdown Events (unsuccessful and successful)
- Ensure the auditing software can record the following for each audit event:
- When the event appears
- Who initiated the event
- Type of the event
- Success or failure of the event
- Origin of the request (example: terminal ID)
- For events that introduce an object into a user’s address space, and for object deletion events, the name of the object, and in MLS systems, the objects security level.
- Ensure daily of the audit logs
- Ensure that the audit data files have restrictive permissions (at least 640).
在本教程中，您将了解到如何通过预防对数据或其他数据库对象进行未授权查看和更改来保障数据安全。此处提供的材料主要包括考试第 8 部分的相关内容，标题为 Security，本教程涉及的主题包括：
- 允许 non-OS 用户访问数据库
- 利用 onaudit 在数据库服务器上设置并配置安全审计
Informix 11.70 安装在本系列教程的第 1 部分进行了介绍。如果还没安装，可下载并安装 IBM Informix 11.70 的副本。Informix 服务器能够帮助您了解 IBM Informix V11.70 系统管理认证考试当中涉及的许多概念。
学习本教程时，不需要 IBM Informix 的副本。但是，如果下载了 Informix Innovator-C Edition（参见 参考资料）的免费试用版，并与本教程配套使用，您将收获更大。 继续阅读
This is MySQL Python programming tutorial. It covers the basics of MySQL programming with Python. It uses the
MySQLdb module. The examples were created and tested on Ubuntu Linux.
There is a similar PostgreSQL Python tutorial, MySQL Visual Basic tutorial, or MySQL PHP tutorial on ZetCode. SQLAlchemy tutorial covers SQLAlchemy SQL Toolkit and Object Relational Mapper. If you need to refresh your knowledge of the Python language, there is a full Python tutorial. You may also consider to look at the MySQL tutorial, too.
About MySQL database
MySQL is a leading open source database management system. It is a multi user, multithreaded database management system. MySQL is especially popular on the web. It is one part of the very popular LAMP platform which consists of Linux, Apache, MySQL, and PHP. Currently MySQL is owned by Oracle. MySQL database is available on most important OS platforms. It runs on BSD Unix, Linux, Windows, or Mac OS. Wikipedia and YouTube use MySQL. These sites manage millions of queries each day. MySQL comes in two versions: MySQL server system and MySQL embedded system. 继续阅读