
Improving the security of open UNIX platforms

Using Mandrake MD5 checksums
Igor Maximov ([email protected])
Web developer, softPilot.2000
September 2001

This article looks at a small shell application that takes a new approach to improving the security of open UNIX systems, and walks through the code step by step. The author's areas of expertise are Web programming and cutting-edge network security development.
A malicious user who compromises a system and gains superuser privileges is every system administrator's nightmare. To protect open UNIX platforms, the small shell application below adds another brick to the open UNIX security wall.

The open UNIX operating systems FreeBSD and Linux Mandrake both ship with complete shell-based security systems. The FreeBSD scripts are located in /etc/security; the Linux Mandrake security package can be found under /usr/share/msec. These standard tools are similar in functionality, but they limit file-system integrity checking to files with the SUID and SGID bits set. Mandrake, moreover, computes MD5 file checksums differently from FreeBSD.

Normally a running program's access to system resources corresponds to the privileges of the user who runs it. Setting the SGID and SUID bits changes this, so that access is granted according to the privileges of the file's owner. Thus, no matter which user runs it, an executable owned by root runs with unrestricted access to system resources. In this case, setting the SUID and SGID bits causes the permissions of the file's owner and of the owning group, respectively, to be inherited. The privileges are changed (usually extended) only for the duration of the run and only for that program, but any other processes started by the application inherit its privileges as well. The SUID and SGID bits should therefore be set with care, and only on programs that cannot launch arbitrary tasks.

MD5
MD5 is a message-digest algorithm for digital-signature applications, developed by Ronald L. Rivest in 1991. See the Resources at the end of this article for the algorithm's source code and further information.
The solution: using MD5 checksums
Tracking modifications to newly added system files by means of the SGID/SUID bits is an extremely difficult task. Moreover, with enough experience and care, system services and settings can be modified without changing the standard file attributes (administrators usually watch the file creation and modification dates). The program below tracks modifications to all files in the specified directories, based on an integrity test of MD5 checksums that are kept out of sight so that they cannot be tampered with.

Configuration and source code of files-diffs for FreeBSD
The standard services live in the following directories: /etc *, /bin, /sbin, /modules, /usr/bin, /usr/sbin, /usr/lib *, /usr/libexec *, /usr/X11R6/bin, /usr/X11R6/lib *, /usr/local/bin, /usr/local/etc * and /usr/local/sbin. This hierarchy tracks the integrity of the standard services, but it cannot track additional services (Perl, Web, News and so on) that can also be compromised. Directories marked with * contain further subdirectories, which should be tracked as well. It is a good idea for the root user to receive a daily e-mail report on modified files. To set up our shell script:

Log in as the root user
[cd /etc/periodic/daily]
Save the code to the file files-diffs
[chmod 755 files-diffs]
[chown root:wheel files-diffs]
Listing 1. files-diffs for FreeBSD
#!/bin/sh
#
# Checking files for modification
#
# Written by Igor B. Maximov, [email protected]
#
# Dirs with sub-folders checking
DeepDirs="/boot /etc /lib /sbin /usr/bin /usr/lib /usr/libexec"

# Dirs without sub-folders checking
Dirs="/bin /usr/local/bin /usr/local/sbin /usr/sbin"

TMP=/var/run/files-diff.$$
LOG=/var/log/security     # must be an existing directory

# FreeBSD ships md5(1) in the base system (see "man md5"); -q prints only the hash.
# One line per entry: directory, ls -l attributes and, for regular files only,
# the MD5 checksum (hashing a fifo or socket would block the script).
snapshot() {
    dir=$1; shift
    cd "$dir" || return      # skip a directory that does not exist
    /usr/bin/find . -xdev "$@" \( -type f -o -type l -o -type s -o -type p \) -print |
    while read -r i; do
        if [ -f "$i" ]; then
            echo "$dir/ $(/bin/ls -l "$i") $(/sbin/md5 -q "$i") $i"
        else
            echo "$dir/ $(/bin/ls -l "$i")"
        fi
    done
}

(
for j in $DeepDirs; do snapshot "$j"; done
for j in $Dirs; do snapshot "$j" -maxdepth 1; done
) >"${TMP}"

# First run: store today's snapshot as the baseline and tell root about it.
if [ ! -f "${LOG}/files-diff.today" ]; then
    (
    echo "No ${LOG}/files-diff.today"
    cp "${TMP}" "${LOG}/files-diff.today"
    ) | mail -s "No_${LOG}/files-diff.today" root
fi

# Any difference from the baseline is mailed to root and the baseline rotated.
if cmp "${LOG}/files-diff.today" "${TMP}" >/dev/null; then :; else
    (
    echo "files diffs: "
    diff -b "${LOG}/files-diff.today" "${TMP}"
    mv "${LOG}/files-diff.today" "${LOG}/files-diff.yesterday"
    mv "${TMP}" "${LOG}/files-diff.today"
    ) | mail -s files-diff root
fi

if [ -f "${TMP}" ]; then
    rm "${TMP}"
fi



Configuration and source code of files-diffs for Linux Mandrake
The standard services are located in the following directories: /boot *, /etc *, /bin, /sbin *, /usr/bin *, /usr/sbin, /usr/lib *, /usr/libexec *, /usr/local/bin, /usr/local/etc * and /usr/local/sbin. Assuming you have already installed the Mandrake security package (RPM: /System/Base/msec), follow these installation steps:

Log in as the root user
[cd /usr/share/msec]
Save the code to the file files-diffs.sh
[chmod 755 files-diffs.sh]
[chown root:root files-diffs.sh]
Open the file Security.sh in an editor and add the following line at the end of the file:
. /usr/share/msec/files-diffs.sh
Listing 2. files-diffs for Linux Mandrake
#!/bin/sh
#
# Checking files for modification
#
# Written by Igor B. Maximov, [email protected]
#
# Dirs with sub-folders checking
DeepDirs="/etc /usr/lib /usr/libexec /usr/X11R6/lib /usr/local/etc"

# Dirs without sub-folders checking
Dirs="/bin /sbin /modules /usr/bin /usr/sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin"

TMP=/var/run/_files-diffs.$$
LOG=/var/log

# Linux Mandrake provides md5sum (see "man md5sum"), which prints "hash  path".
# One line per entry: directory, ls -l attributes and, for regular files only,
# the md5sum output (hashing a fifo or socket would block the script).
snapshot() {
    dir=$1; shift
    cd "$dir" || return      # skip a directory that does not exist
    /usr/bin/find . -xdev "$@" \( -type f -o -type l -o -type s -o -type p \) -print |
    while read -r i; do
        if [ -f "$i" ]; then
            echo "$dir/ $(/bin/ls -l "$i") $(/usr/bin/md5sum "$i")"
        else
            echo "$dir/ $(/bin/ls -l "$i")"
        fi
    done
}

(
for j in $DeepDirs; do snapshot "$j"; done
for j in $Dirs; do snapshot "$j" -maxdepth 1; done
) >"${TMP}"

# First run: store today's snapshot as the baseline and tell root about it.
if [ ! -f "${LOG}/files-diffs.today" ]; then
    (
    echo "No ${LOG}/files-diffs.today"
    cp "${TMP}" "${LOG}/files-diffs.today"
    ) | mail -s "No_${LOG}/files-diffs.today" root
fi

# Any difference from the baseline is mailed to root and the baseline rotated.
if cmp "${LOG}/files-diffs.today" "${TMP}" >/dev/null; then :; else
    (
    echo "files diffs:"
    diff -b "${LOG}/files-diffs.today" "${TMP}"
    mv "${LOG}/files-diffs.today" "${LOG}/files-diffs.yesterday"
    mv "${TMP}" "${LOG}/files-diffs.today"
    ) | mail -s files-diffs root
fi

if [ -f "${TMP}" ]; then
    rm "${TMP}"
fi
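
The raw diff -b report mailed by both listings shows an attribute-only change (for example a newly set SUID bit) and a content change in the same way. As an added example, not part of the original article or the author's scripts, the function below reads two snapshots in the one-line-per-file format the listings produce and labels every difference as ADDED, REMOVED, HASH (content changed) or ATTR (only mode, owner, group, size or mtime changed). The snapshot lines in demo_classify are constructed sample data, not output from a real system.

```shell
#!/bin/sh
# Added example: classify the differences between two files-diffs snapshots.
# Snapshot line format produced by the listings (regular files, md5sum style):
#   <dir>/ <mode> <links> <owner> <group> <size> <mon> <day> <time> ./<path> <md5> ./<path>
# Key = <dir> + <path>; attributes and checksum are compared separately.
classify_changes() {
    # $1 = yesterday's snapshot, $2 = today's snapshot
    awk '
        function key()   { return $1 substr($10, 3) }            # "/etc/" + "passwd"
        function attrs() { return $2 " " $4 " " $5 " " $6 " " $7 " " $8 " " $9 }
        FILENAME == ARGV[1] {                                    # load the baseline
            seen[key()] = 1; oldhash[key()] = $11; oldattr[key()] = attrs(); next
        }
        {                                                        # walk today
            k = key(); found[k] = 1
            if (!(k in seen))                print "ADDED " k    # new file
            else if (oldhash[k] != $11)      print "HASH " k     # content changed
            else if (oldattr[k] != attrs())  print "ATTR " k     # mode/owner/size/mtime only
        }
        END { for (k in seen) if (!(k in found)) print "REMOVED " k }
    ' "$1" "$2" | LC_ALL=C sort
}

# Constructed sample snapshots (not real system data) exercising all four cases.
demo_classify() {
    base=$(mktemp) && cur=$(mktemp) || return 1
    cat >"$base" <<'EOF'
/etc/ -rw-r--r-- 1 root root 1024 Sep 1 10:00 ./passwd 0123456789abcdef0123456789abcdef ./passwd
/etc/ -rw-r----- 1 root shadow 512 Sep 1 10:00 ./shadow aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa ./shadow
/etc/ -rw-r--r-- 1 root root 200 Sep 1 10:00 ./pam.d/login bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb ./pam.d/login
/usr/sbin/ -rwxr-xr-x 1 root root 40960 Aug 3 09:30 ./sshd cccccccccccccccccccccccccccccccc ./sshd
EOF
    cat >"$cur" <<'EOF'
/etc/ -rw-r--r-- 1 root root 1040 Sep 2 08:15 ./passwd fedcba9876543210fedcba9876543210 ./passwd
/etc/ -rw-r--r-- 1 root shadow 512 Sep 1 10:00 ./shadow aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa ./shadow
/usr/sbin/ -rwxr-xr-x 1 root root 40960 Aug 3 09:30 ./sshd cccccccccccccccccccccccccccccccc ./sshd
/usr/sbin/ -rwsr-xr-x 1 root root 8192 Sep 2 03:12 ./unknown-bin dddddddddddddddddddddddddddddddd ./unknown-bin
EOF
    classify_changes "$base" "$cur"
    rm -f "$base" "$cur"
}

demo_classify
```

Replacing the diff -b line in either listing with classify_changes "${LOG}/files-diffs.today" "${TMP}" gives root a report in which a world-readable /etc/shadow or an unexpected new SUID binary stands out at a glance.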



Further improvements
You can improve the robustness of the system further by running this program independently of the standard security system. If you do so, the program should be placed in a different directory, and the temporary files and the source code should be stored under different paths. That way the presence of the monitoring system is not obvious to a malicious user and is therefore harder to evade.

Resources

Visit the official FreeBSD site for news, software, documentation and support.
Read the FreeBSD Handbook for information on installing and using FreeBSD 4.3.
Visit the official Linux Mandrake site for news and for developer and product support information.
Find more information about MDx.
Get the description and source code of MD5.
Read the man pages:
For FreeBSD: [man md5]
For Linux Mandrake: [man md5sum]
Find out more about the Linux Mandrake and other distribution versions of the IBM ViaVoice ASR SDK.
Find out more about IBM's Internet Security Services.
Also on developerWorks, read:
Addressing security issues in Linux
Linux hardware stability guide, Part 1
Linux hardware stability guide, Part 2
Tutorial: Installing FreeBSD
Take a look at the security resources on developerWorks.
Browse more Linux resources on developerWorks.
Browse more open source resources on developerWorks.

About the author
Igor Maximov is a Web developer and system administrator on the softPilot.2000 project (CONSUL Bureau, Sevastopol, Ukraine). He focuses on new ideas in network security and Web programming. You can contact him at [email protected].