A simple guide to installing and using NTOP, and installing chkrootkit, from the EPEL repository
Installing NTOP and chkrootkit from the EPEL repository
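First, what is the EPEL repository?
If you want the quality, performance and reliability of RHEL together with convenient (and, crucially, free) package updates, EPEL (Extra Packages for Enterprise Linux) from the Fedora Project is a good fit. EPEL (http://fedoraproject.org/wiki/EPEL) is a project run by the Fedora community that provides high-quality packages for RHEL and derived distributions such as CentOS and Scientific Linux.
Now let's configure the EPEL repository.
The system used here is CentOS 6.3 x86_64, IP 192.168.112.129.
Before installing EPEL, install yum-priorities: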
- # yum install -y yum-priorities
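Once that is installed, the EPEL repository can be configured.
Because this is a 64-bit system, install the matching rpm package.
It can be found under http://dl.fedoraproject.org/pub/epel/6/x86_64/; run the following command to install it: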
- [root@www yum.repos.d]# rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
- Retrieving http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
- warning: /var/tmp/rpm-tmp.KQrxb7: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
- Preparing... ########################################### [100%]
- 1:epel-release ########################################### [100%]
On a 32-bit system, run the following command instead:
- rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
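After installation, import the DAG PGP key (the command below imports the key file RPM-GPG-KEY-EPEL-6 that the epel-release package placed on disk). The NOKEY warning in the output above means rpm did not yet have this key, so the signature of the epel-release package itself was not verified when it was installed.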
- [root@www yum.repos.d]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
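Next, set the repository priority in /etc/yum.repos.d/epel.repo by adding priority=11. This gives EPEL a lower priority, so that yum prefers the official repositories when installing software and only falls back to EPEL when a package cannot be found there. With yum-priorities a lower number means a higher priority, and a repository with no priority line defaults to 99, so this ordering holds only if the official repositories are given a priority below 11. The contents of /etc/yum.repos.d/epel.repo are as follows: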
- [root@www yum.repos.d]# cat epel.repo
- [epel]
- name=Extra Packages for Enterprise Linux 6 - $basearch
- #baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch
- mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch
- failovermethod=priority
- enabled=1
- gpgcheck=1
- gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
- # set the priority
- priority=11
- [epel-debuginfo]
- name=Extra Packages for Enterprise Linux 6 - $basearch - Debug
- #baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch/debug
- mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-6&arch=$basearch
- failovermethod=priority
- enabled=0
- gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
- gpgcheck=1
- [epel-source]
- name=Extra Packages for Enterprise Linux 6 - $basearch - Source
- #baseurl=http://download.fedoraproject.org/pub/epel/6/SRPMS
- mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-6&arch=$basearch
- failovermethod=priority
- enabled=0
- gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
- gpgcheck=1
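The priority and signature settings in this file can be checked mechanically. The script below is an added example, not part of the original article: it lists each enabled repository section with its effective yum-priorities value (99 when no priority line is present) and its gpgcheck setting, lowest number (highest priority) first. The `[base]` and `[example-local]` sections and the host repo.example.invalid in the sample input are constructed.

```shell
# audit_repo [FILE...]: reads yum .repo files (or stdin) and prints, for every
# enabled section, "<effective priority> <section> gpgcheck=<value>".
audit_repo() {
    awk '
        function emit() {
            if (sec != "" && enabled == "1")
                printf "%d %s gpgcheck=%s\n", prio, sec, gpgcheck
        }
        {
            line = $0
            sub(/^[ \t]+/, "", line); sub(/[ \t\r]+$/, "", line)
            if (line == "" || line ~ /^[#;]/) next      # blank line or comment
            if (line ~ /^\[/) {                         # new [section]
                emit()
                sec = substr(line, 2, index(line, "]") - 2)
                enabled = "1"; gpgcheck = "unset"; prio = 99   # defaults
                next
            }
            eq = index(line, "=")
            if (eq == 0) next
            key = substr(line, 1, eq - 1); val = substr(line, eq + 1)
            gsub(/[ \t]/, "", key); sub(/^[ \t]+/, "", val)
            if (key == "enabled")  enabled = val
            if (key == "gpgcheck") gpgcheck = val
            if (key == "priority") prio = val + 0
        }
        END { emit() }
    ' "$@" | sort -k1,1n -k2,2
}

# Constructed sample: the [epel] settings from the article plus two made-up sections.
sample_repos() {
    cat <<'EOF'
[base]
gpgcheck=1
[epel]
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch
enabled=1
gpgcheck=1
priority=11
[epel-debuginfo]
enabled=0
gpgcheck=1
[example-local]
baseurl=http://repo.example.invalid/el6/
gpgcheck=0
EOF
}

sample_repos | audit_repo
```

On a real host, run `audit_repo /etc/yum.repos.d/*.repo`; any official repository listed below EPEL in the output will lose to it when both carry the same package.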
With the repository configured, NTOP can be installed directly with yum:
- [root@www yum.repos.d]# yum install ntop
- Loaded plugins: fastestmirror, priorities
- Loading mirror speeds from cached hostfile
- epel/metalink | 4.0 kB 00:00
- * base: centos.ustc.edu.cn
- * epel: ftp.cuhk.edu.hk
- * extras: centos.ustc.edu.cn
- * updates: centos.ustc.edu.cn
- epel | 4.2 kB 00:00
- http://ftp.cuhk.edu.hk/pub/linux/fedora-epel/6/x86_64/repodata/e7f018b8041d9c4926b9587c3e1f50111f7d76a57335cc72a7106fb703eca514-primary.sqlite.bz2: [Errno 14] PYCURL ERROR 7 - "couldn't connect to host"
- Trying other mirror.
- epel/primary_db | 5.0 MB 00:05
- 73 packages excluded due to repository priority protections
- Setting up Install Process
- Resolving Dependencies
- --> Running transaction check
- ---> Package ntop.x86_64 0:5.0-5.el6 will be installed
- --> Processing Dependency: graphviz for package: ntop-5.0-5.el6.x86_64
- --> Processing Dependency: libpcap.so.1()(64bit) for package: ntop-5.0-5.el6.x86_64
- --> Processing Dependency: libGeoIP.so.1()(64bit) for package: ntop-5.0-5.el6.x86_64
- --> Running transaction check
- ---> Package GeoIP.x86_64 0:1.4.8-1.el6 will be installed
- ---> Package graphviz.x86_64 0:2.26.0-10.el6 will be installed
- --> Processing Dependency: urw-fonts for package: graphviz-2.26.0-10.el6.x86_64
- --> Processing Dependency: libXmu.so.6()(64bit) for package: graphviz-2.26.0-10.el6.x86_64
- --> Processing Dependency: libXaw.so.7()(64bit) for package: graphviz-2.26.0-10.el6.x86_64
- ---> Package libpcap.x86_64 14:1.0.0-6.20091201git117cb5.el6 will be installed
- --> Running transaction check
- ---> Package libXaw.x86_64 0:1.0.11-2.el6 will be installed
- ---> Package libXmu.x86_64 0:1.1.1-2.el6 will be installed
- ---> Package urw-fonts.noarch 0:2.4-10.el6 will be installed
- --> Finished Dependency Resolution
- Dependencies Resolved
- =======================================================================================================================================================================
- Package Arch Version Repository Size
- =======================================================================================================================================================================
- Installing:
- ntop x86_64 5.0-5.el6 epel 12 M
- Installing for dependencies:
- GeoIP x86_64 1.4.8-1.el6 epel 620 k
- graphviz x86_64 2.26.0-10.el6 base 1.0 M
- libXaw x86_64 1.0.11-2.el6 base 178 k
- libXmu x86_64 1.1.1-2.el6 base 66 k
- libpcap x86_64 14:1.0.0-6.20091201git117cb5.el6 base 126 k
- urw-fonts noarch 2.4-10.el6 base 3.1 M
- Transaction Summary
- =======================================================================================================================================================================
After installation NTOP can be started; during startup it prompts you to set the password for the admin user.
- [root@www yum.repos.d]# ntop
- Sun Mar 24 04:09:27 2013 Initializing gdbm databases
- Sun Mar 24 04:09:27 2013 ntop will be started as user ntop
- Sun Mar 24 04:09:27 2013 ntop v.5.0 Fedora RPM (64 bit)
- Sun Mar 24 04:09:27 2013 Configured on Nov 26 2012 2:27:02, built on Nov 26 2012 02:27:07.
- ……
- ……
- ……
- ntop startup - waiting for user response!
- Please enter the password for the admin user:
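Finally, it can be opened in a browser at http://192.168.112.129:3000
The working interface is shown in the figure:
That completes the installation of NTOP from the EPEL repository. As for using NTOP in detail, I am still getting familiar with it.
Next, the installation of chkrootkit.
First, an introduction to chkrootkit, a rootkit detection tool.
A rootkit is a single program or a set of programs that attacks one or more weaknesses to obtain privileged access, or carries out any other kind of attack against the target host. Many rootkits do more than launch an attack to gain root privileges: they also try to hide and erase the traces of the attack. To do so they delete log files, install trojans, or use other concealment methods. Like other attacks on the network, rootkits usually have signatures and leave traces that can be used to identify them. Dedicated software exists to look for the traces and signatures of rootkits, and chkrootkit is one such tool.
Installing chkrootkit
The latest version of chkrootkit at the time of writing is 0.49, and that is exactly the version in the EPEL repository. Since the EPEL repository is already configured, it can be installed directly: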
- # yum install -y chkrootkit
After a successful installation, check it with the rpm command, as shown below:
- [root@www ~]# rpm -ql chkrootkit
- /etc/pam.d/chkrootkit
- /etc/security/console.apps/chkrootkit
- /usr/bin/chkrootkit
- /usr/bin/chkrootkitX
- /usr/lib64/chkrootkit-0.49
- /usr/lib64/chkrootkit-0.49/check_wtmpx
- /usr/lib64/chkrootkit-0.49/chkdirs
- /usr/lib64/chkrootkit-0.49/chklastlog
- /usr/lib64/chkrootkit-0.49/chkproc
- /usr/lib64/chkrootkit-0.49/chkrootkit
- /usr/lib64/chkrootkit-0.49/chkutmp
- /usr/lib64/chkrootkit-0.49/chkwtmp
- /usr/lib64/chkrootkit-0.49/ifpromisc
- /usr/lib64/chkrootkit-0.49/strings
- /usr/lib64/chkrootkit-0.49/strings-static
- /usr/sbin/chkrootkit
- /usr/share/applications/fedora-chkrootkit.desktop
- /usr/share/doc/chkrootkit-0.49
- /usr/share/doc/chkrootkit-0.49/ACKNOWLEDGMENTS
- /usr/share/doc/chkrootkit-0.49/COPYRIGHT
- /usr/share/doc/chkrootkit-0.49/README
- /usr/share/doc/chkrootkit-0.49/README.chklastlog
- /usr/share/doc/chkrootkit-0.49/README.chkwtmp
- /usr/share/doc/chkrootkit-0.49/README.false_positives
- /usr/share/doc/chkrootkit-0.49/chkrootkit.lsm
- /usr/share/pixmaps/chkrootkit.png
These are the files installed by the chkrootkit package. Run the following command to check the version number:
- [root@www ~]# chkrootkit -V
- chkrootkit version 0.49
Once installed, it can be run:
- [root@www ~]# chkrootkit -V
- chkrootkit version 0.49
- [root@www ~]# chkrootkit
- ROOTDIR is `/'
- Checking `amd'... not found
- Checking `basename'... not infected
- Checking `biff'... not found
- Checking `chfn'... not infected
- Checking `chsh'... not infected
- Checking `cron'... not infected
- Checking `crontab'... not infected
- Checking `date'... not infected
- Checking `du'... not infected
- Checking `dirname'... not infected
- Checking `echo'... not infected
- Checking `egrep'... not infected
- Checking `env'... not infected
- Checking `find'... not infected
- Checking `fingerd'... not found
- Checking `gpm'... not found
- Checking `grep'... not infected
- Checking `hdparm'... not found
- Checking `su'... not infected
- Checking `ifconfig'... not infected
- Checking `inetd'... not found
- Checking `inetdconf'... not found
- Checking `identd'... not found
- Checking `init'... not infected
- Checking `killall'... not infected
- Checking `ldsopreload'... not infected
- Checking `login'... not infected
- Checking `ls'... not infected
- Checking `lsof'... not found
- Checking `mail'... not found
- Checking `mingetty'... not infected
- Checking `netstat'... not infected
- Checking `named'... not found
- Checking `passwd'... not infected
- Checking `pidof'... not infected
- Checking `pop2'... not found
- Checking `pop3'... not found
- Checking `ps'... not infected
- Checking `pstree'... not infected
- Checking `rpcinfo'... not found
- Checking `rlogind'... not found
- Checking `rshd'... not found
- Checking `slogin'... not found
- Checking `sendmail'... not infected
- Checking `sshd'... not infected
- Checking `syslogd'... not tested
- Checking `tar'... not infected
- Checking `tcpd'... not infected
- Checking `tcpdump'... not infected
- Checking `top'... not infected
- Checking `telnetd'... not found
- Checking `timed'... not found
- Checking `traceroute'... not found
- Checking `vdir'... not infected
- Checking `w'... not infected
- Checking `write'... not infected
- Checking `aliens'... no suspect files
- Searching for sniffer's logs, it may take a while... nothing found
- Searching for HiDrootkit's default dir... nothing found
- Searching for t0rn's default files and dirs... nothing found
- Searching for t0rn's v8 defaults... nothing found
- Searching for Lion Worm default files and dirs... nothing found
- Searching for RSHA's default files and dir... nothing found
- Searching for RH-Sharpe's default files... nothing found
- Searching for Ambient's rootkit (ark) default files and dirs... nothing found
- Searching for suspicious files and dirs, it may take a while... nothing found
- Searching for LPD Worm files and dirs... nothing found
- Searching for Ramen Worm files and dirs... nothing found
- Searching for Maniac files and dirs... nothing found
- Searching for RK17 files and dirs... nothing found
- Searching for Ducoci rootkit... nothing found
- Searching for Adore Worm... nothing found
- Searching for ShitC Worm... nothing found
- Searching for Omega Worm... nothing found
- Searching for Sadmind/IIS Worm... nothing found
- Searching for MonKit... nothing found
- Searching for Showtee... nothing found
- Searching for OpticKit... nothing found
- Searching for T.R.K... nothing found
- Searching for Mithra... nothing found
- Searching for LOC rootkit... nothing found
- Searching for Romanian rootkit... nothing found
- Searching for HKRK rootkit... nothing found
- Searching for Suckit rootkit... nothing found
- Searching for Volc rootkit... nothing found
- Searching for Gold2 rootkit... nothing found
- Searching for TC2 Worm default files and dirs... nothing found
- Searching for Anonoying rootkit default files and dirs... nothing found
- Searching for ZK rootkit default files and dirs... nothing found
- Searching for ShKit rootkit default files and dirs... nothing found
- Searching for AjaKit rootkit default files and dirs... nothing found
- Searching for zaRwT rootkit default files and dirs... nothing found
- Searching for Madalin rootkit default files... nothing found
- Searching for Fu rootkit default files... nothing found
- Searching for ESRK rootkit default files... nothing found
- Searching for rootedoor... nothing found
- Searching for ENYELKM rootkit default files... nothing found
- Searching for common ssh-scanners default files... nothing found
- Searching for anomalies in shell history files... nothing found
- Checking `asp'... not infected
- Checking `bindshell'... not infected
- Checking `lkm'... chkproc: nothing detected
- chkdirs: nothing detected
- Checking `rexedcs'... not found
- Checking `sniffer'... eth0: PF_PACKET(/sbin/dhclient, /usr/sbin/ntop)
- Checking `w55808'... not infected
- Checking `wted'... chkwtmp: nothing deleted
- Checking `scalper'... not infected
- Checking `slapper'... not infected
- Checking `z2'... chklastlog: nothing deleted
- Checking `chkutmp'... chkutmp: nothing deleted
- Checking `OSX_RSPLUG'... not infected
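chkrootkit scans important files on the system. The results above are normal: in general no files are infected. If chkrootkit reports an infected file, check carefully whether it is a false positive; if a file really is infected by a rootkit, disconnect your service from the network immediately and take steps to clean up the rootkit.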
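Reading a scan of this length by eye is error-prone, so the following added example (not part of the original article) filters chkrootkit output down to the lines that need a human look, and checks the processes named on the `sniffer` line against an allowlist. The allowlist of /sbin/dhclient and /usr/sbin/ntop is an assumption based on the run above; the sample input, including the `INFECTED` line and the path /usr/local/bin/example-capture, is constructed.

```shell
# triage_chkrootkit ALLOWLIST: reads chkrootkit output on stdin.
# ALLOWLIST is a comma-separated list of programs expected to hold packet sockets.
# Any line whose status is not a known-clean phrase is printed for review.
triage_chkrootkit() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, ","); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^ROOTDIR is / { next }
        /PF_PACKET\(/ {
            # Extract the interface name and the process list inside the parentheses.
            iface = $0; sub(/^.*\.\.\. /, "", iface); sub(/:.*/, "", iface)
            procs = $0; sub(/^.*PF_PACKET\(/, "", procs); sub(/\).*$/, "", procs)
            m = split(procs, p, /, */)
            for (i = 1; i <= m; i++)
                if (!(p[i] in ok))
                    print "REVIEW sniffer: " p[i] " holds a packet socket on " iface
            next
        }
        /(not found|not infected|not tested|nothing found|nothing detected|nothing deleted|no suspect files)$/ { next }
        { print "REVIEW: " $0 }   # unknown status: conservative, always surface it
    '
}

# Constructed sample in the format shown above, with two lines that should be flagged.
sample_chkrootkit() {
    cat <<'EOF'
ROOTDIR is `/'
Checking `amd'... not found
Checking `ls'... not infected
Checking `ps'... INFECTED
Checking `syslogd'... not tested
Searching for Suckit rootkit... nothing found
Checking `lkm'... chkproc: nothing detected
chkdirs: nothing detected
Checking `sniffer'... eth0: PF_PACKET(/sbin/dhclient, /usr/sbin/ntop, /usr/local/bin/example-capture)
Checking `wted'... chkwtmp: nothing deleted
EOF
}

sample_chkrootkit | triage_chkrootkit "/sbin/dhclient,/usr/sbin/ntop"
```

On a real host the equivalent is `chkrootkit | triage_chkrootkit "/sbin/dhclient,/usr/sbin/ntop"`, ideally from cron with the output mailed only when it is non-empty.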
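That concludes this introduction to configuring the EPEL repository and installing software from it.
Please point out anything that is wrong. Thanks for reading.
This article is reposted from ZhouLS's 51CTO blog; original link: http://blog.51cto.com/zhou123/1181062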