┌──────────────────────────────────────────────────────────────────────┐
│ Linux System Network Security - Lee Minwoo (leeminwoo@boanin.com)    │
│ (This text is optimized for 1024*768 resolution.)  Written 2009-02-26│
│                                                    Revised 2009-02-28│
└──────────────────────────────────────────────────────────────────────┘

┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Linux System Network Security - Table of Contents ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
**************************************************************
◈ Post-install configuration and simple first aid for Linux
  → 1. Synchronizing the current date and time
  → 2. Disabling the beep sound (Disable Beep Sound)
  → 3. Changing the VMware resolution to 1024 * 768
  → 4. vi editor configuration
  → 5. Network configuration (IP, gateway, DNS)
  → 6. Rebooting and shutting down the system
  → 7. Linux directories and their characteristics
◈ Linux concepts and installation
  → Kernel
  → BSD
  → UNIX System V
  → POSIX
  → MD5
  → Commands
     ↘ File-related commands
     ↘ Handling files
     ↘ Changing file permissions
     ↘ Searching files
  → Simple regular expressions
  → The vi editor
◈ Physical security for Linux (p.65)
  → Physical Security
  → Single mode
◈ General System Security (p.75)
  → RPM overview
  → The five RPM modes
  → RPM package name structure
  → Viewing chattr attributes (p.83)
  → Packages that should be removed for security
  → Standard security permissions
◈ System Initialization (p.93)
  → Order in which files are read
  → Shutdown-related commands
◈ File System Management / Security (p.111)
  → EXT2
  → EXT3
  → Journaling file system
     ↘ Journal (lowest risk)
     ↘ Ordered (medium risk)
     ↘ Writeback (highest risk)
  → 1. Listing the file systems
  → 2. Directory structure
  → 3. Checking the file system
◈ Network Configuration (p.141)
  → Network configuration (IP, gateway, DNS)
  → Configuring the network with ifconfig
  → Configuring the routing table
  → Deleting routing table entries
  → Adding routing table entries
  → Network commands
     ↘ 1. arp (p.151)
     ↘ 2. netstat (p.151)
     ↘ 3. traceroute (p.153)
     ↘ 4. nslookup (p.153)
     ↘ 5. dig (p.154)
     ↘ 6. host (p.155)
  → Virtual interfaces (p.157)
     ↘ Adding one temporarily
     ↘ Adding one permanently
  → iptables (p.160)
◈ Controlling Daemon (p.165)
  → What a daemon is
  → Typical daemons
  → Differences between the inetd and standalone models (p.178)
◈ Account Management / Security (p.179)
  → Cracking passwords with John the Ripper
◈ PAM (Pluggable Authentication Module) (p.197)
◈ Kernel Security / Optimizing (p.215)
◈ Log Management / Security (p.239)
  → Log Files (p.240)
  → syslogd (p.252)
  → logrotate (p.256)
◈ Monitoring / Integrity (p.261)
  → Tripwire (p.262)
  → COPS (p.273)
◈ Backup and Update (p.277)
  → The importance of backups (p.278)
  → tar (p.281)
  → crontab (p.296)
  → yum (p.300)
◈ Linux system midterm test questions
◈ Linux system final test questions
**************************************************************

┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Post-install configuration and simple first aid for Linux ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
**************************************************************

TIP. Pressing the Tab key automatically completes the name of an existing file or folder.
     Pressing Tab twice lists the contents of the directory you are looking in (like 'ls' or 'll').

TIP. Useful reference sites
  → IT terminology sites
     ↘ http://terms.co.kr
     ↘ http://ktword.co.kr
     ↘ http://word.tta.or.kr/index.jsp
  → Linux-related sites
     ↘ http://www.superuser.co.kr
     ↘ http://www.smilezone.info
     ↘ http://kldp.org
  → IT news sites
     ↘ http://www.boannews.com
     ↘ http://www.dt.co.kr
     ↘ http://www.zdnet.co.kr
     ↘ http://www.etnews.co.kr
     ↘ http://www.ionthenet.co.kr

------------------------------------
1. Synchronizing the current date and time
------------------------------------
[root@mail root]# date                       ☞ Shows the date and time.
Thu Feb 26 16:21:39 KST 2009
[root@mail root]# rdate -s time.bora.net     ☞ Synchronizes the time; the -s option means sync (sets the system time to match)

-----------------------------------------
2. Disabling the beep sound (Disable Beep Sound)
-----------------------------------------
[root@mail root]# vi /etc/profile
--> Open the profile file in vi and, in line-edit mode, type :$ (moves to the last line, line 50).
--> echo -ne '\033[11;0]'                    ☞ The statement that disables the beep. The quote is a single quote ('), not a backtick (`).
--> Once this is entered as shown, save and exit with :wq.
[root@sak11 root]# source /etc/profile       ☞ Reloads the file, because it was changed.

-----------------------------------------
3. Changing the VMware resolution to 1024 * 768
-----------------------------------------
[root@sak11 root]# vi /boot/grub/grub.conf
--> Add vga=788 on line 15 as shown below.
--> 15         kernel /vmlinuz-2.4.20-8 ro root=LABEL=/ vga=788
--> Save and exit with :wq, then reboot the system with shutdown -r now. (If the penguin logo appears, it worked.)

※ Resolution options
          640 x 480    800 x 600    1024 x 768   1280 x 1024
  (256)   0x301=769    0x303=771    0x305=773    0x307=775
  (32k)   0x310=784    0x313=787    0x316=790    0x319=793
  (64k)   0x311=785    0x314=788    0x317=791    0x31A=794   <-- recommended row (785, 788, 791, 794)
  (16m)   0x312=786    0x315=789    0x318=792    0x31B=795

-----------------------------------------
4. vi editor configuration
-----------------------------------------
Create a new file named .vimrc in your home directory (/root; cd ~) and put the options in it.
[root@sak11 root]# cp /usr/share/vim/vim61/vimrc_example.vim ~/.vimrc
As in the command above, you can also start from the predefined sample configuration.

┌──────────┐
│ Settings │
└──────────┘
set autoindent - automatic indentation
set cindent    - automatic indentation for C files
set ruler      - show the cursor position
set number     - show line numbers  ☞ can also be written se nu or set nu
  --> To hide line numbers, use set nonumber, se nonu or set nonu (in vi's line-edit mode).
set backup     - create backup files automatically

-----------------------------------------
5. Network configuration (IP, gateway, DNS)
-----------------------------------------
┌───────────────┐
│ Related files │
└───────────────┘
/etc/hosts : Holds host names; sets each host's real name and aliases.
/etc/host.conf : Consists of the single line "order hosts,bind" and decides whether the hosts file or DNS is consulted first.
  --> In practice the order is decided by the "files dns" entry on line 38 of /etc/nsswitch.conf. (This is where practice differs from theory.)
/etc/resolv.conf : Holds the name server information (KT's is 168.126.63.1).
/etc/sysconfig/network : Holds whether networking is enabled, and the host name.
  --> To change the host name, change both /etc/hosts and the network file above.
/etc/sysconfig/network-scripts/ifcfg-eth0 : The most important configuration file for network communication.
  --> The IP, NETMASK and GATEWAY can be set here.

┌──────────────┐
│ How to apply │
└──────────────┘
[root@sak11 root]# netconfig                            ☞ Use this command to change the IP address, netmask and DNS server address.
[root@sak11 root]# /etc/rc.d/init.d/network restart     ☞ Restarts the network.
  --> service network restart does the same job as the command above, but it is used only on the RedHat family, so it is not recommended.

-----------------------------------------
6. Rebooting and shutting down the system
-----------------------------------------
Reboot   - shutdown -r now (recommended), init 6 (mainly used on UNIX), reboot
Shutdown - shutdown -h now (notifies logged-in users), init 0 (shuts down without notice), halt, poweroff

-----------------------------------------
7. Linux directories and their characteristics
-----------------------------------------
※ Linux Master Level 2 - Scitech Media (p.11)

/                  The top-level directory, called the root directory.
├─ /bin            Basic executables, that is, the user commands.
├─ /boot           Files needed to boot the system.
├─ /dev            Device files for floppy drives, hard disks, CD-ROM drives and so on.
├─ /etc            Script files and configuration files needed for system administration.
├─ /home           Where the home directories of ordinary user accounts normally live.
│                  For example, logging in as the account linuxer gives the home directory /home/linuxer.
├─ /lib            Where the libraries are stored; kernel modules are here too.
├─ /lost+found     Directory used for file system recovery on ext2 and ext3 file systems.
├─ /mnt            Where the directories that serve as mount points for mounted file systems live;
│                  I/O devices attached to the system appear under these directories.
│                  Examples are /mnt/floppy and /mnt/cdrom.
├─ /opt            Where add-on application packages are installed.
├─ /proc           A virtual directory created in memory for system administration;
│                  the files in it show the current system settings.
├─ /root           The root user's home directory; only the root user can access it.
├─ /sbin           Executables for system administration: system check and recovery commands, network interface
│                  configuration commands, system startup and shutdown commands, kernel module tools and so on.
├─ /tmp            Holds the sockets that devices need; temporary files the system needs are created and deleted here.
├─ /usr            All the commands, libraries and manual pages needed for the system to run normally.
│  ├─ /usr/bin     Useful executables that are not in /bin.
│  ├─ /usr/include Where the C header files are kept.
│  ├─ /usr/src     Uncompiled source code of various programs on the system.
│  │               The important one is /usr/src/linux, which holds the Linux kernel source.
│  └─ /usr/man     The man pages (manual pages) that can be viewed with the man command.
└─ /var            Where changing data is stored: system operation logs and network-related record files.
                   This variable storage area keeps security records and, on a mail server, the mail that has been received.

**************************************************************
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Linux concepts and installation ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
┌──────────┐
│ Concepts │
└──────────┘
**************************************************************
Tracing Linux back to its origins, it can be described as UNIX, the representative server operating system, reborn as a
personal operating system. In 1991 Linus Torvalds, a university student in Helsinki, Finland, studied an operating system
that would implement multitasking on a personal PC, and published the results on the Internet. Countless programmers
then added new features, producing today's Linux operating system.

What let Linux leap ahead, unlike other operating systems, was Richard Stallman, president of the Free Software Foundation.
His philosophy was that software should be free for everyone who uses it.
Any account of him has to mention the GNU Manifesto.
The worldwide project group named "Gnu's Not Unix" stands for and symbolizes the spirit of software freedom.
(GNU Manifesto, Korean edition - http://www.gnu.org/gnu/manifesto.ko.html)
(FSF, Free Software Foundation - http://www.fsf.org/)

-------------
※ Kernel (p.10)
-------------
The kernel is the bridge between hardware and software.
H/W -> kernel -> shell -> applications

* Kernel source numbering
 - Format: linux-x.y.z.tar.gz
 - x : major version
 - y : odd - beta, even - stable
 - z : number of bug-fix releases
 - The higher the number, the better the device support.
 - Check the latest kernel at http://www.kernel.org
 - Redhat 9 : ships version 2.4.20

* Kernel and modules
 - Frequently used components : built into the kernel
 - Occasionally used components : written as modules (separate files) and loaded when needed
   -> monolithic-kernel

---------
※ BSD
---------
 - Berkeley Software Distribution, Berkeley Software Design
 - BSD is a UNIX-family operating system developed and distributed in the 1980s under the lead of the University of
   California, Berkeley; the name refers to the freely distributed UNIX versions.
 - Led by Berkeley; 3BSD was first released in 1981, followed by 4.0, 4.1, 4.2 and 4.3 BSD,
   with BSD 4.4 in 1993 as the last version.
 - The TCP/IP protocols were actually implemented in this UNIX version, which contributed to the spread of TCP/IP.
 - It continues today as FreeBSD, NetBSD, OpenBSD and others.

-------------------
※ UNIX System V
-------------------
The commercial UNIX system that AT&T released in 1983, when it began full-scale user support. Until then UNIX had been a
research and development edition provided by Bell Labs, but from 1983 AT&T's UNIX support group took over development,
and the result was UNIX System V Release 1 (SVR 1). It was later improved as SVR 2, SVR 3, SVR 4 and so on, and the
license is held by UNIX System Laboratories (USL), which became independent from AT&T.

----------
※ POSIX
----------
 - Portable Operating System Interface for Computer Environment
 - A portable operating system interface for computing environments: the standard specification for operating system
   services written by the P1003 technical committee under the IEEE. A UNIX user group originally began the
   standardization work based on UNIX, but the IEEE took it over in order to establish it as an ANSI standard,
   the US national standard. The P1003 committee has formed several working groups that pursue standardization by topic.
 - The portable operating system interface, or POSIX, is an application interface specification drawn up by the IEEE.
   It consolidates the common API of the different UNIX operating systems so that highly portable UNIX applications can
   be developed. The final letter X of POSIX comes from the X that usually ends the names of UNIX-compatible operating
   systems. The specification covers not only the system calls, the C language interface to the kernel, but also a wide
   range of areas such as the process environment, files and directories, system databases (the password file and so on)
   and the tar archive format. Outside the UNIX family, Microsoft Windows NT carries a POSIX subsystem conforming to
   POSIX 1.0, and POSIX applications can run in that subsystem. This is mainly because the computer procurement
   requirements of US government agencies (FIPS) demand POSIX conformance. The POSIX subsystem was included up to
   Windows 2000 but was dropped in Windows XP.

----------
※ MD5
----------
 - In cryptography, MD5 (Message-Digest algorithm 5) is a cryptographic hash function that produces a 128-bit hash.
   It is specified in RFC 1321 and is used in countless programs and for file integrity checks. MD5 was designed by
   Ronald Rivest in 1991 to replace the earlier MD4. In 1996 a design flaw was found in MD5. It was not a critical flaw,
   but cryptographers began recommending other algorithms such as SHA-1. In 2004 more serious cryptographic flaws were
   found, and in 2006 an algorithm was published that is fast enough to find a hash collision within one minute on the
   computing power of a single notebook computer. Using MD5 for security-related purposes is not recommended and can
   cause serious security problems. In December 2008 it was also announced that MD5's flaws make it possible to forge
   SSL certificates.
**************************************************************
┌─────────────────────────┐
│ Installation (see p.22) │
└─────────────────────────┘
**************************************************************
----------------------------------------
Pre-install checklist (the settings I tested with)
----------------------------------------
HDD          10GB
RAM          256MB
SCSI/RAID    SCSI
VideoCard    X (not installed)
Monitor      standard monitor
IP           Windows host IP + 30
netmask      255.255.255.0
gateway      192.168.10.1 (private network in the classroom)
DNS          168.126.63.1 (KT's DNS), 168.126.63.2
hostname     SAK13 (chosen arbitrarily)
networkcard  LAN card (the physical NIC)

-------------------------------------------------
Partition policy (for a 10GB SCSI disk and 256MB of memory) - listed in setup order
-------------------------------------------------
/boot   300MB       (the setup method is the same from here down to /tmp)
/       1024MB      (for /boot, / and /usr, check "Force to be a primary partition")
/usr    4096MB
/var    1024MB      (for /var and /tmp below, leave the primary partition option unchecked, at its default)
/tmp    1024MB
(swap)  384MB       (enter no mount name; set the file system type to swap instead of ext3)
/home   all the rest (set "Fill to maximum allowable size" under Additional Size Options)

--> Swap Partition : To make up for a shortage of physical memory, a fast hard disk (SCSI) is used like RAM;
    the file system format applied to the disk for this purpose is called SWAP.
    Systems such as DB servers that process large volumes of data at once need a lot of swap space.
**************************************************************
┌──────────┐
│ Commands │
└──────────┘
**************************************************************
----------------
※ Useful commands
----------------
* banner : prints a string in large letters      ex) banner 'unix&c'
* date   : prints the current date and time
* clear  : clears the screen
* man    : prints a detailed description of a command      ex) man banner
* passwd : changes the password

-----------------
※ File-related commands
-----------------
* pwd : checks the current location and prints it as an absolute path
* cd (Change Directory) - moves from the current directory to another directory (with no argument, moves to your home directory)
* ls : prints information about files and directories
    -u : lists file and directory names in order of last access time
    -F : marks the file type (appends * to executables and / to directories)
    -R : Recursive. Lists all directories under the subdirectories, repeatedly
    -d : Directory. Prints information about the directory only
    -l : Long. Shows detailed information about files and directories
    -a : All. Shows all files (and directories), including hidden ones
* mkdir : creates a directory
    -p : creates intermediate directories if they do not exist
* rmdir : deletes a directory
    -p : deletes not only the given directory but also its parent directories, on condition that the parent directories are empty.
         The files must all be deleted first with the rm command      ex) rm -rf filename

---------------
※ Handling files
---------------
* cat : prints the contents of a file (option -n : prints with line numbers)
* more : prints the contents of a file one screen at a time
    +linenumber : prints from the given line
* tail : prints the end of a file
    +linenumber : prints from the given line to the end
    -number : sets the number of lines to print (the default is 10)
* cp : copies files or directories
    -i : prints a warning message before overwriting a file
    -r : copies a directory (together with the files inside it)
    ex) cp -r directory1 directory2 -> copies directory1 (files included) to directory2.
* rm : deletes files or directories
    -i : deletes after confirmation
    -f : deletes unconditionally
    -r : deletes a directory -> rm -rf is the usual command for deleting a directory that contains files
* mv : renames or moves a file
    -i : moves after confirmation
    ex) mv [filename] [directory] : moves the given files into the directory.
    ex) mv [directory1] [directory2] : renames directory1 to directory2.
* ln : gives a file an additional name
    -s : creates a symbolic link file (think of it as a Windows shortcut icon)
    Unlike a copy, two names point at one file, so a change made through one name shows up through the other at the same time.
    When the link is not symbolic (a hard link), deleting one name only reduces the link count and the file remains usable;
    with a symbolic link, deleting the original file leaves the symbolic link unusable.
* touch : creates the given file if it does not exist; if it exists, changes its modification time to the current time or to a given time
    -a : changes the access time only
    -m : changes the modification time only

---------------
※ Changing file permissions
---------------
* chmod : changes the permissions of files you own
    -R : includes subdirectories
    - Operators : + (grant permission), - (remove permission), = (grant permission to a specific class of users)
    ex) chmod +rwx first.dat -> gives rwx permission (+) to all users
    ex) chmod o=rw first.dat -> gives rw permission to o (other users) only
    ex) chmod g+rw first.dat -> gives rw permission to g (group) only (because of the +); with - the permission is removed

---------------
※ Searching files
---------------
* grep : searches the given files for a pattern
    -i : ignores case when searching
    -l : prints the names of files that contain the pattern
    -n : prints the line number of each match as well
    -v : prints the lines that do not match the given pattern
    -c : prints the number of lines that match the pattern
    -w : matches the pattern only as a whole word
* find : finds files that meet a condition, starting from the given location

    Search expression   Meaning      Function
    -name filename      file name    finds files matching a given file name
    -type               file type    finds files matching a given file type
    -user loginID       user ID      finds all files owned by loginID
    -size [+|-]n        file size    finds files larger than +n, smaller than -n, or exactly of size n

---------------------
※ Simple regular expressions
---------------------
    Char   Meaning                 Example      Result
    ^      start of line           '^string'    all lines that begin with string
    $      end of line             'string$'    all lines that end with string
    .      one character           'a...b'      matches one character each: 5-character strings that start with a and end with b
    ?      zero or one character   'patter?'    patter, or patter followed by one more character

-------------------
※ The vi editor
-------------------
* The three modes (switch between them with the ESC key and key combinations)
 ☞ Input mode     : typed text goes into the buffer and is added or changed (enter with the i or o key)
    Command mode   : typed text is interpreted as commands (enter with the esc key)
    Last-line mode : search, save, replace, jump to a line and so on (enter with : (colon))

* Invoking vi
 ☞ vi : typing just vi opens the editor; write freely and, when leaving, save with :wq in last-line mode.
    vi [filename] : opens the file if it exists, otherwise creates a new file

* Input commands
 ☞ i (lowercase i) : insert before the cursor
    a (lowercase a) : insert after the cursor
    o (lowercase o) : insert after the current line
    I (uppercase I) : enter text before the first column of the current line
    A (uppercase A) : enter text at the end of the current line
    O (uppercase O) : insert before the current line
    x  : delete one character (same as the delete key)
    dd : delete one line
    yy : copy one line
    p  : paste the copied text on the line after the cursor

* Save commands
 ☞ w : save the file under its current name
    w [filename] : save the file under the given name
    q  : quit vi if the work has been saved
    q! : quit vi without saving the work

* Substitution commands
    :%s/old/new/g      replaces old with new
    :1,5s/old/new/g    replaces old with new on lines 1 to 5

* Cursor movement
    k : up one line                  j : down one line
    h : left one character           l : right one character
    ^ : start of the line (:0)       $ : end of the line
    - : start of the previous line   + : start of the next line
    H : top of the screen            M : middle of the screen         L : bottom of the screen
    w : first character of the next word
    b : first character of the previous word
    e : last character of the next word

**************************************************************
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Physical security for Linux (p.65) ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
┌──────────┐
│ Concepts │
└──────────┘
**************************************************************
---------------------------
※ Physical Security (p.66)
---------------------------
* BIOS access control
 - Set a BIOS password to block access through the console.
 - Configure the machine so that it cannot boot from floppy or CD-ROM.
 - Once someone has physical access to the system, there is no way to protect it.
* Loader (LILO, GRUB) access control
 - A boot password can be set by editing the LILO configuration file (/etc/lilo.conf).
 - A boot password can be set by editing the GRUB configuration file (/boot/grub/grub.conf).

* Controlling root login at the console
 - Control access to Single User Mode
 - Disable rebooting with Ctrl + Alt + Del

---------------------
※ Single mode (p.67)
---------------------
A mode that gives root access without any separate authentication step. Networking is not available,
but root privileges are obtained without entering the root password.

**************************************************************
┌─────────────┐
│ Single Mode │
└─────────────┘
**************************************************************
[root@sak root]# vi /boot/grub/grub.conf
[root@sak root]# grub-md5-crypt                 ☞ Generates the password for grub (hashed with the MD5 algorithm)
================================
Password:
Retype password:
$1$WocKu$NpZxurUwU.P6lYwrPSImi1                 ☞ Copy this; it is used in the configuration file
================================
[root@sak root]# vi /boot/grub/grub.conf        ☞ Edit the grub.conf file
================================================================
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You have a /boot partition.  This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/sda3
#          initrd /initrd-version.img
#boot=/dev/sda
default=0
password --md5 $1$WocKu$NpZxurUwU.P6lYwrPSImi1  ☞ Added line: paste the hash copied above
timeout=10
splashimage=(hd0,0)/grub/splash.xpm.gz
title Red Hat Linux (2.4.20-8)
        root (hd0,0)
        kernel /vmlinuz-2.4.20-8 ro root=LABEL=/
        initrd /initrd-2.4.20-8.img
:wq
================================================================
[root@sak root]# vi /etc/inittab
=====================================
~~:S:wait:/sbin/sulogin                         ☞ Add on line 19 - requires the root password for single mode
# Trap CTRL-ALT-DELETE                             How to restrict CTRL-ALT-DELETE
ca::ctrlaltdel:/sbin/shutdown -a -t3 -r now     ☞ Only users listed in /etc/shutdown.allow can use it
#ca::ctrlaltdel:/sbin/shutdown -t3 -r now       ☞ Commenting out the line disables it for all users
                                                ☞ Enter only one of these two.
:wq
=====================================
[root@sak root]# shutdown -r now                ☞ Reboot the system
=====================================
Broadcast message from root (pts/0) (Wed Feb 4 15:25:24 2009):
The system is going down for reboot NOW!
=====================================
[root@sak root]# vi /etc/inittab
[root@sak root]# /sbin/init q
[root@sak root]# vi /etc/inittab
[root@sak root]# cat > /etc/shutdown.allow      ☞ Create the /etc/shutdown.allow file
root                                            ☞ Press Ctrl+D to save and exit
[root@sak root]# useradd kim                    ☞ Add a user
[root@sak root]# passwd kim                     ☞ Set the user's password
Changing password for user kim.
New password:
BAD PASSWORD: it's WAY too short
Retype new password:
passwd: all authentication tokens updated successfully.
[root@sak root]# su - <user account>            - switch to the user account

------------------------
※ Difference between su and su -
------------------------
su   : keeps your own environment variables and takes on only the other user's privileges
su - : also takes on the target user's environment completely. When using root privileges, the - option is required
       in order to run system commands (for example, the commands in the /sbin directory).
       Typing just su - switches to root by default.

**************************************************************
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ General System Security (p.75) ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
┌──────────┐
│ Concepts │
└──────────┘
**************************************************************
--------------
※ RPM overview
--------------
RPM can be called the most convenient and distinctive aspect of a Linux system.
 - RPM (Redhat Package Manager) is the package management system provided by Red Hat Linux for installing, managing,
   removing and updating programs and utility applications.
 - All Linux programs provided by Red Hat are distributed in units called packages; they are compiled by the developers
   who build and distribute Red Hat Linux and then distributed to ordinary users.
 - Linux distributions are basically organized in units called packages. Compared with ordinary .tar.gz (.tgz) files,
   the RPM package is a higher-level packaging system with far better features.

-----------------------
※ The five RPM modes
-----------------------
 - Install mode : rpm -i or rpm -U (upgrade)
 - Remove mode  : rpm -e
 - Query mode   : rpm -q
 - Verify mode  : rpm -V or rpm -v
 - Package build mode : rpm -b

-----------------------
※ RPM package name structure
-----------------------
package name-version-release.architecture.rpm
ex) tcp_wrappers-7.6-10.i386.rpm
    tcp_wrappers : package name
    7.6  : version
    10   : release
    i386 : architecture (means the Intel platform)

1.3 Installing / upgrading / removing packages

-------------------------
※ Viewing chattr attributes (p.83)
-------------------------
# chattr +i /etc/passwd   ☞ Forbids modifying or adding content (everything forbidden); only execution is possible
# chattr +i /etc/shadow   ☞ Everything is forbidden and only execution is possible (adjusting permissions)
# chattr +i /etc/group
+a - content can be added and modified (the file cannot be renamed or deleted)
+c - the kernel compresses the file automatically when storing it
+d - the file is not backed up by dump
+i - everything is forbidden, but execution is possible
+s - on deletion, the file's blocks
+S - synchronized on every change to the file
+u - undo (undelete) capability
# lsattr - checks which chattr options are applied
# To remove a chattr attribute, give the option with - instead of +.
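
The boot-time settings from the Single Mode procedure and the immutable flags from the chattr section above can be checked mechanically. The script below is an added example, not part of the original notes: the function names, the sample files and the placeholder hash are constructed for illustration, and the immutable-flag check reads saved lsattr output rather than the live file system.

```bash
#!/bin/bash
# Added example: audit the boot hardening described in these notes.
# Function names and sample files are constructed, not from the notes.

# Pass if a global "password --md5 <hash>" line precedes the first "title".
check_grub() {
    awk '
        /^[ \t]*#/     { next }          # commented-out lines do not count
        /^[ \t]*title/ { exit }          # global section ends at first title
        $1 == "password" && $2 == "--md5" && $3 != "" { found = 1; exit }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# Pass if single-user mode asks for the root password (sulogin in inittab).
check_sulogin() {
    grep -Eq '^[^#:]*:S:wait:/sbin/sulogin[[:space:]]*$' "$1"
}

# Pass if every active ctrlaltdel entry runs shutdown with -a.
# A file where the entry is commented out also passes.
check_ctrlaltdel() {
    awk -F: '
        /^[ \t]*#/ { next }
        $3 == "ctrlaltdel" {
            cmd = " " $4 " "; gsub(/\t/, " ", cmd)
            if (index(cmd, " -a ") == 0) bad = 1
        }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Pass if saved lsattr output ($1) shows the i flag on path $2.
check_immutable() {
    awk -v p="$2" '$2 == p && $1 ~ /i/ { ok = 1 } END { exit (ok ? 0 : 1) }' "$1"
}

# Run every check against the files in directory $1.
# Findings go to stderr; the number of failed checks goes to stdout.
audit_boot() {
    a_dir=$1
    a_fails=0
    check_grub "$a_dir/grub.conf" ||
        { echo "FAIL grub.conf: no global password --md5 line" >&2; a_fails=$((a_fails + 1)); }
    check_sulogin "$a_dir/inittab" ||
        { echo "FAIL inittab: no ~~:S:wait:/sbin/sulogin entry" >&2; a_fails=$((a_fails + 1)); }
    check_ctrlaltdel "$a_dir/inittab" ||
        { echo "FAIL inittab: ctrlaltdel runs shutdown without -a" >&2; a_fails=$((a_fails + 1)); }
    for a_path in /etc/passwd /etc/shadow /etc/group; do
        check_immutable "$a_dir/lsattr.txt" "$a_path" ||
            { echo "FAIL $a_path: immutable flag not set" >&2; a_fails=$((a_fails + 1)); }
    done
    echo "$a_fails"
}

# ---- Constructed sample data: one hardened profile, one weak profile ----
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
mkdir -p "$SAMPLE_DIR/hardened" "$SAMPLE_DIR/weak"

cat > "$SAMPLE_DIR/hardened/grub.conf" <<'EOF'
default=0
password --md5 $1$EXAMPLE$PlaceholderHashNotARealOne
timeout=10
title Red Hat Linux (2.4.20-8)
        root (hd0,0)
        kernel /vmlinuz-2.4.20-8 ro root=LABEL=/
EOF
cat > "$SAMPLE_DIR/hardened/inittab" <<'EOF'
id:3:initdefault:
~~:S:wait:/sbin/sulogin
ca::ctrlaltdel:/sbin/shutdown -a -t3 -r now
EOF
cat > "$SAMPLE_DIR/hardened/lsattr.txt" <<'EOF'
----i-------- /etc/passwd
----i-------- /etc/shadow
----i-------- /etc/group
EOF

cat > "$SAMPLE_DIR/weak/grub.conf" <<'EOF'
default=0
#password --md5 $1$EXAMPLE$PlaceholderHashNotARealOne
timeout=10
title Red Hat Linux (2.4.20-8)
        root (hd0,0)
EOF
cat > "$SAMPLE_DIR/weak/inittab" <<'EOF'
id:3:initdefault:
ca::ctrlaltdel:/sbin/shutdown -t3 -r now
EOF
cat > "$SAMPLE_DIR/weak/lsattr.txt" <<'EOF'
------------- /etc/passwd
------------- /etc/shadow
------------- /etc/group
EOF

for profile in hardened weak; do
    echo "$profile: $(audit_boot "$SAMPLE_DIR/$profile") failed check(s)"
done
```
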
************************************************************** ¦£¦¡¦¡¦¡¦¡¦¤ ¦¢¼³Á¤Çϱ⦢ ¦¦¦¡¦¡¦¡¦¡¦¥ ************************************************************** --------------------------------------- º¸¾È»ó »èÁ¦µÇ¾î¾ß ÇÏ´Â ÆÄÀÏ ÆÐÅ°Áö(p.80) --------------------------------------- anacron, apmd, at, dhcpcd, dosfstools, eject hotplug, ipchains, ksymoops, kudzu, lokkit, mailcap pciutils, pump, raidtools, redhat-logos, redhat-release, setserial [root@sak root]# rpm -qa | grep apmd ¢Ñ apmd ¶ó´Â ÆÐÅ°Áö°¡ ¼³Ä¡µÇ¾ú´ÂÁö °Ë»öÇغ»´Ù. apmd-3.0.2-18 ¢Ñ apmd°¡ ¼³Ä¡µÇ¾ú´Ù°í ³ª¿Â´Ù. [root@sak root]# rpm -e apmd ¢Ñ apmd´Â º¸¾È»ó »èÁ¦µÇ´Â°ÍÀÌ ÁÁÀ¸¹Ç·Î »èÁ¦ÇÑ´Ù. [root@sak root]# /etc/rc.d/init.d/atd stop Stopping atd: [ OK ] [root@sak root]# /etc/rc.d/init.d/gpm stop Shutting down console mouse services: [ OK ] [root@sak root]# rpm -e --nodeps anacron apmd at dhcpd dosfstools eject hotplug ipchains ksymoops kudzu lokkit mailcp pciutils pump raidtools redhat-logos redhat-release setserial [root@sak root]# rm -rf /var/spool/anacron [root@sak root]# echo "Red Hat Linux" > /etc/redhat-release [root@sak root]# rpm -e hdparm ¢Ñ SCSI / RAID HDD¸¦ »ç¿ëÇϱ⶧¹®¿¡ IDE HDD°ü·Ã rpmÀ» »èÁ¦ÇÑ´Ù.(p.81 Âü°í) [root@sak root]# rpm -e kbd redhat-config-mouse setuptool ¢Ñ Å°º¸µå,¸¶¿ì½º,½Ã°£,ÅؽºÆ® ±â¹Ý ¸Þ´º [root@sak root]# rpm -e sendmail procmail openldap cyrus-sasl ash time [root@sak root]# rpm -e --nodeps sendmail procmail openldap cyrus-sasl ash time [root@sak root]# rpm -e up2date warning: /etc/sysconfig/rhn/up2date-uuid saved as /etc/sysconfig/rhn/up2date-uuid.rpmsave [root@sak root]# rm -rf /etc/sysconfig/rhn/up2date-uuid.rpmsave [root@sak root]# rm -rf /usr/share/doc /etc/exports /etc/printcap /etc/ldap.conf /etc/yp.conf /etc/hotplug /etc/ppp /etc/opt /etc/X11 /opt /var/opt /var/nis /var/spool/lpd /usr/X11R6 /usr/bin/X11 /usr/lib/X11 /usr/games /usr/share/pixmaps /usr/share/empty /usr/share/emacs [root@sak root]# chattr +i /etc/passwd ¢Ñ passwdÆÄÀÏ¿¡ ´ëÇØ ¸ðµÎ ±ÝÁöÇÏ°í ½ÇÇุ °¡´ÉÇÏ°Ô ²û ¼³Á¤ 
[root@sak root]# chattr +i /etc/shadow [root@sak root]# chattr +i /etc/group [root@sak root]# lsattr /etc/passwd ¢Ñ lsattr ¸í·É¾î·Î ¿É¼Ç Àû¿ëµÈ°Å È®ÀÎÇϱâ ----i-------- /etc/passwd ---------------------- Ç¥ÁØ º¸¾È Æ۹̼Ç(p.90) ---------------------- ±³Àç 91ÆäÀÌÁö¸¦ º¸°í ÀÏÀÏÀÌ Àû¿ë½ÃÄÑÁÖ¾î¾ß Çϳª ºÒÆíÇϱ⶧¹®¿¡ .sh È®ÀåÀÚ¸¦ °®´Â ½©½ºÅ©¸³Æ®¿¡ Æ۹̼ÇÀ» ÁöÁ¤ÇØÁÖ°í ½ÇÇà½ÃÅ°¸é ÀÚµ¿À¸·Î Àû¿ëµÈ´Ù. chmod.sh ÆÄÀÏÀ» »ý¼ºÇÏ°í ¾Æ·¡ ³»¿ëÀ» º¹»çÇÏ¿© ºÙ¿©³Ö´Â´Ù. ---------------- chmod.shÀÇ ³»¿ë ---------------- [root@sak root]# vi chmod.sh ====================================================================================================== #/bin/bash/ chmod 711 /bin/ /dev/ /etc/ /var/log/ chmod 700 /boot/ /etc/rc.d/init.d/* /root/ chmod 600 /dev/audio* /dev/dsp* /etc/grub.conf /var/log/* chmod 750 /etc/cron.daily/ /etc/cron.hourly/ /etc/cron.monthly/ /etc/cron.weekly/ /etc/rc.d/init.d/ /mnt/ chmod 640 /etc/crontab /etc/esd.conf /etc/ftpaccess /etc/ftpconversions /etc/ftpgroups /etc/ftphosts /etc/ftpusers /etc/hosts /etc/xinetd.conf /etc/inittab /etc/ld.so.conf /etc/modules.conf /etc/rc.d/ /etc/security /etc/ssh/ssh_host_key /etc/ssh/sshd_config /etc/syslog.conf chmod 740 /etc/rc.d/init.d/syslog chmod 644 /etc/motd /etc/profile /etc/ssh/ssh_config /etc/ssh/ssh_host_key.pub chmod 751 /lib/ /sbin/ /usr/ /usr/* /usr/bin/ /usr/sbin/ chmod 1777 /tmp/ chmod 755 /usr/bin/* /usr/sbin/* /var/ chmod 771 /var/spool/mail chmod 0700 /usr/bin/gcc /usr/bin/g++ /usr/bin/cc /usr/bin/make chmod 0700 /usr/bin/w /usr/bin/who /usr/bin/finger /usr/bin/which /usr/bin/nslookup /usr/bin/pstree /usr/bin/whereis /usr/bin/top chmod 0700 /bin/ping /usr/sbin/traceroute /usr/bin/rlog /usr/bin/rlogin /usr/bin/wget /usr/bin/ftp /bin/netstat /bin/ps ====================================================================================================== [root@sak root]# chmod 744 chmod.sh [root@sak root]# ./chmod.sh chmod: failed to get attributes of `/etc/ftpaccess': No such file or directory chmod: failed to get attributes 
of `/etc/ftpconversions': No such file or directory chmod: failed to get attributes of `/etc/ftpgroups': No such file or directory chmod: failed to get attributes of `/etc/ftphosts': No such file or directory chmod: failed to get attributes of `/etc/ftpusers': No such file or directory À§¿Í °°ÀÌ ³ª¿Â´Ù¸é Ç¥ÁØ º¸¾È Æ۹̼ÇÀÌ Á¦´ë·Î ¼³Á¤µÈ °ÍÀÌ´Ù. ************************************************************** ¦®¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¯ ¦­System Initialization(p.93) ¦­ ¦±¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦¬¦° ¦£¦¡¦¡¦¡¦¡¦¤ ¦¢°³³äÁ¤¸®¦¢ ¦¦¦¡¦¡¦¡¦¡¦¥ ************************************************************** ------------------------ ¡Ø ÆÄÀÏ ÀоîµéÀÌ´Â ¼ø¼­ ------------------------ 1. init 2. /etc/inittab 3. /etc/rc.d/rc.sysinit 4. /etc/rc.d/rc 5. /etc/rc.d/rc[0~6].d/* 6. /etc/rc.d/rc.local 7. /etc/rc.d/rc.serial --------------------------- ¡Ø ½Ã½ºÅÛ Á¾·á °ü·Ã ¸í·É¾î --------------------------- £ª½Ã½ºÅÛ Á¾·á init 0 = halt = power off = shutdown -h now £ª½Ã½ºÅÛ ÀçºÎÆà init 6 = reboot = shutdown -r now ************************************************************** ¦£¦¡¦¡¦¡¦¡¦¤ ¦¢¼³Á¤Çϱ⦢ ¦¦¦¡¦¡¦¡¦¡¦¥ ************************************************************** [root@sak root]# ls -l /etc/rc.d ¢Ñ rc.dÀÇ ³»¿ëÀ» È®ÀÎ total 36 drwxr-x--- 2 root root 1024 Jan 29 12:43 init.d -rwxr-xr-x 1 root root 2338 Feb 19 2003 rc drwxr-xr-x 2 root root 1024 Jan 29 12:42 rc0.d drwxr-xr-x 2 root root 1024 Jan 29 12:42 rc1.d drwxr-xr-x 2 root root 1024 Jan 29 12:42 rc2.d drwxr-xr-x 2 root root 1024 Jan 29 12:42 rc3.d drwxr-xr-x 2 root root 1024 Jan 29 12:42 rc4.d drwxr-xr-x 2 root root 1024 Jan 29 12:42 rc5.d drwxr-xr-x 2 root root 1024 Jan 29 12:42 rc6.d -rwxr-xr-x 1 root root 220 Jul 11 2001 rc.local -rwxr-xr-x 1 root root 23299 Feb 25 2003 rc.sysinit [root@sak root]# [root@sak root]# ls -l /etc/rc.d/rc3.d ¢Ñ ·±·¹º§ÀÌ 3ÀÎ µð·ºÅ丮ÀÇ ½ºÅ©¸³Æ®¸¦ È®ÀÎ total 0 lrwxrwxrwx 1 root root 13 Jan 23 17:36 K01yum -> ../init.d/yum lrwxrwxrwx 1 root root 19 Jan 23 01:30 K05saslauthd -> ../init.d/saslauthd 
lrwxrwxrwx    1 root     root           13 Jan 23 01:31 K20nfs -> ../init.d/nfs
lrwxrwxrwx    1 root     root           14 Jan 23 01:30 K24irda -> ../init.d/irda
lrwxrwxrwx    1 root     root           14 Jan 29 12:42 K74nscd -> ../init.d/nscd
lrwxrwxrwx    1 root     root           15 Jan 23 01:29 S05kudzu -> ../init.d/kudzu
lrwxrwxrwx    1 root     root           18 Jan 23 01:30 S08iptables -> ../init.d/iptables
[root@sak root]# ls -l /etc/rc.d/rc0.d    ☞ Check the scripts in the runlevel 0 directory
total 0
lrwxrwxrwx    1 root     root           13 Jan 23 17:36 K01yum -> ../init.d/yum
lrwxrwxrwx    1 root     root           15 Jan 23 01:31 K03rhnsd -> ../init.d/rhnsd
lrwxrwxrwx    1 root     root           17 Jan 23 01:31 K05anacron -> ../init.d/anacron
lrwxrwxrwx    1 root     root           13 Jan 23 01:30 K05atd -> ../init.d/atd
lrwxrwxrwx    1 root     root           18 Jan 23 01:30 K05keytable -> ../init.d/keytable
lrwxrwxrwx    1 root     root           19 Jan 23 01:30 K05saslauthd -> ../init.d/saslauthd
lrwxrwxrwx    1 root     root           22 Jan 22 16:48 K08vmware-tools -> ../init.d/vmware-tools
lrwxrwxrwx    1 root     root           13 Jan 23 01:30 K15gpm -> ../init.d/gpm
lrwxrwxrwx    1 root     root           13 Jan 23 01:31 K20nfs -> ../init.d/nfs
lrwxrwxrwx    1 root     root           14 Jan 23 01:30 K24irda -> ../init.d/irda
lrwxrwxrwx    1 root     root           14 Jan 23 01:31 K25sshd -> ../init.d/sshd
lrwxrwxrwx    1 root     root           18 Jan 23 01:31 K30sendmail -> ../init.d/sendmail
lrwxrwxrwx    1 root     root           20 Jan 23 01:29 K44rawdevices -> ../init.d/rawdevices
lrwxrwxrwx    1 root     root           16 Jan 23 01:31 K50xinetd -> ../init.d/xinetd
lrwxrwxrwx    1 root     root           15 Jan 23 01:31 K60crond -> ../init.d/crond
lrwxrwxrwx    1 root     root           16 Jan 23 01:30 K72autofs -> ../init.d/autofs
lrwxrwxrwx    1 root     root           14 Jan 23 01:30 K74apmd -> ../init.d/apmd
lrwxrwxrwx    1 root     root           14 Jan 29 12:42 K74nscd -> ../init.d/nscd
lrwxrwxrwx    1 root     root           15 Jan 23 01:29 K75netfs -> ../init.d/netfs
lrwxrwxrwx    1 root     root           16 Jan 23 01:29 K80random -> ../init.d/random
lrwxrwxrwx    1 root     root           17 Jan 23 01:31 K86nfslock -> ../init.d/nfslock
lrwxrwxrwx    1 root     root           17 Jan 23 01:31 K87portmap -> ../init.d/portmap
lrwxrwxrwx    1 root     root           16 Jan 23 01:29 K88syslog -> ../init.d/syslog
lrwxrwxrwx    1 root     root           17 Jan 23 01:29 K90network -> ../init.d/network
lrwxrwxrwx    1 root     root           14 Jan 23 01:30 K91isdn -> ../init.d/isdn
lrwxrwxrwx    1 root     root           18 Jan 23 01:30 K92iptables -> ../init.d/iptables
lrwxrwxrwx    1 root     root           15 Jan 23 01:29 K95kudzu -> ../init.d/kudzu
lrwxrwxrwx    1 root     root           16 Jan 23 01:29 K96pcmcia -> ../init.d/pcmcia
lrwxrwxrwx    1 root     root           17 Jan 23 01:29 S00killall -> ../init.d/killall
lrwxrwxrwx    1 root     root           14 Jan 23 01:29 S01halt -> ../init.d/halt

The rc scripts are symbolic links. Start scripts begin with S and stop scripts begin with K;
to add one, create the link in the directory of the runlevel concerned.

**************************************************************
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ File System Management / Security(p.111) ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
┌──────────┐
│ Concepts │
└──────────┘
**************************************************************
--------
※ EXT2
--------
An asynchronous file system that does not store a file's data and metadata at the same time.
When a problem such as a power failure occurs, immediate recovery is difficult.
The entire file system has to be checked, so recovery takes a long time.

--------
※ EXT3
--------
A file system that solves the problems of EXT2.
Uses journaling.
Fast recovery is possible.

---------------------------
※ Journaling file system
---------------------------
Linux systems that support ext3 can use the following three levels of journaling.

＊ Journal (lowest risk)
 - Both the file system metadata and the file contents are written to the journal before being
   passed to the main file system. Because the journal is relatively contiguous on disk, this can
   improve performance in some cases, but performance can also drop because the data is written
   twice, once to the journal and once to the file system.

＊ Ordered (medium risk)
 - Only metadata is written to the journal. File contents are not journaled, but whenever the
   associated metadata is recorded in the journal, the file contents are guaranteed to have been
   written to disk. This is the default on many Linux distributions.
   If the power suddenly goes off or the kernel panics while a file is being read or written, the
   journal shows that the new file or the appended data was not committed, and it is purged.
   However, a file that was being overwritten can be corrupted because the original is not stored:
   the file can be left in an intermediate state between the new and the old version, without
   enough information to restore it.
    - The new data has not been completely written to disk, and the old data is not stored anywhere.
    - In the worst case, the intermediate state can mix up old data and new data.

＊ Writeback (highest risk)
 - Only metadata is written to the journal; file contents are not. The file contents may be
   written either after the journal is updated or before it, so files modified just before a
   crash can be corrupted. For example, if a file being appended to is recorded in the journal as
   larger than it really is, the result is "garbage" (meaningless data). The older the file, the
   more likely unexpected results are after the journal is recovered. Synchronization between the
   data and the journal is lacking, and in most cases this gets progressively worse. XFS and JFS
   use this journaling level, but because the data is not written, all "garbage" is completely
   removed at reboot.

In some situations the lack of modern file system features such as dynamic inode allocation and
extents can be seen as a disadvantage, but from a recovery point of view it is a significant
advantage. The file system metadata is all in fixed, well-known locations, and some redundancy is
built into the data structures, so ext2 and ext3 file systems can be recovered despite significant
data corruption, even in situations where a tree-based file system would be hard to recover.

**************************************************************
┌───────────────┐
│ Configuration │
└───────────────┘
**************************************************************
-------------------------------------
1. Checking the list of file systems
-------------------------------------
[root@sak root]# fdisk /dev/sda    ☞ Check the list of file systems supported by Linux

The number of cylinders for this disk is set to 1305.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
   (e.g., DOS FDISK, OS/2 FDISK)

Command (m for help): l    ☞ Show the list

 0  Empty           1c  Hidden Win95 FA 70  DiskSecure Mult bb  Boot Wizard hid
 1  FAT12           1e  Hidden Win95 FA 75  PC/IX           be  Solaris boot
 2  XENIX root      24  NEC DOS         80  Old Minix       c1  DRDOS/sec (FAT-
 3  XENIX usr       39  Plan 9          81  Minix / old Lin c4  DRDOS/sec (FAT-
 4  FAT16 <32M      3c  PartitionMagic  82  Linux swap      c6  DRDOS/sec (FAT-
 5  Extended        40  Venix 80286     83  Linux           c7  Syrinx
 6  FAT16           41  PPC PReP Boot   84  OS/2 hidden C:  da  Non-FS data
 7  HPFS/NTFS       42  SFS             85  Linux extended  db  CP/M / CTOS / .
 8  AIX             4d  QNX4.x          86  NTFS volume set de  Dell Utility
 9  AIX bootable    4e  QNX4.x 2nd part 87  NTFS volume set df  BootIt
 a  OS/2 Boot Manag 4f  QNX4.x 3rd part 8e  Linux LVM       e1  DOS access
 b  Win95 FAT32     50  OnTrack DM      93  Amoeba          e3  DOS R/O
 c  Win95 FAT32 (LB 51  OnTrack DM6 Aux 94  Amoeba BBT      e4  SpeedStor
 e  Win95 FAT16 (LB 52  CP/M            9f  BSD/OS          eb  BeOS fs
 f  Win95 Ext'd (LB 53  OnTrack DM6 Aux a0  IBM Thinkpad hi ee  EFI GPT
10  OPUS            54  OnTrackDM6      a5  FreeBSD         ef  EFI (FAT-12/16/
11  Hidden FAT12    55  EZ-Drive        a6  OpenBSD         f0  Linux/PA-RISC b
12  Compaq diagnost 56  Golden Bow      a7  NeXTSTEP        f1  SpeedStor
14  Hidden FAT16 <3 5c  Priam Edisk     a8  Darwin UFS      f4  SpeedStor
16  Hidden FAT16    61  SpeedStor       a9  NetBSD          f2  DOS secondary
17  Hidden HPFS/NTF 63  GNU HURD or Sys ab  Darwin boot     fd  Linux raid auto
18  AST SmartSleep  64  Novell Netware  b7  BSDI fs         fe  LANstep
1b  Hidden Win95 FA 65  Novell Netware  b8  BSDI swap       ff  BBT

Command (m for help): q    ☞ Quit

-----------------------
2. Directory structure
-----------------------
[root@sak root]# ls -l /proc
[root@sak root]# fdisk -l /dev/sda    ☞ Check the partitions on the disk
=================================================================
Disk /dev/sda: 10.7 GB, 10737418240 bytes
255 heads, 63 sectors/track, 1305 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot    Start       End    Blocks   Id  System
/dev/sda1   *         1        38    305203+  83  Linux
/dev/sda2            39       560   4192965   83  Linux
/dev/sda3           561       625    522112+  83  Linux
/dev/sda4           626      1305   5462100    5  Extended
/dev/sda5           626       756   1052226   82  Linux swap
/dev/sda6           757       887   1052226   83  Linux
/dev/sda7           888      1018   1052226   83  Linux
/dev/sda8          1019      1305   2305296   83  Linux
=================================================================
[root@sak root]# vi /etc/fstab    ☞ Holds the partition information of the current disk
LABEL=/        /             ext3         defaults                 1 1
LABEL=/boot    /boot         ext3         defaults                 1 2
none           /dev/pts      devpts       gid=5,mode=620           0 0
LABEL=/home    /home         ext3         defaults,nosuid,nodev    1 2
none           /proc         proc         defaults                 0 0
none           /dev/shm      tmpfs        defaults                 0 0
LABEL=/tmp     /tmp          ext3         defaults,nosuid,noexec   1 2
LABEL=/usr     /usr          ext3         defaults                 1 2
LABEL=/var     /var          ext3         defaults                 1 2
/dev/sda5      swap          swap         defaults                 0 0
/dev/cdrom     /mnt/cdrom    udf,iso9660  noauto,owner,kudzu,ro    0 0
/dev/fd0       /mnt/floppy   auto         noauto,owner,kudzu       0 0
[root@sak root]# mount -o remount /tmp
[root@sak root]# mount -o remount /home

---------------------
3. File system check
---------------------
[root@sak root]# pwd
/root
[root@sak root]# cd ~
[root@sak root]# umount /dev/sda1    ☞ Unmount /dev/sda1
[root@sak root]# badblocks /dev/sda1 > bad-blocks    ☞ Run a bad-block scan on /dev/sda1 and save the result in a file named bad-blocks
[root@sak root]# fsck --help    ☞ Help for fsck
======================================================================
fsck 1.32 (09-Nov-2002)
fsck.ext3: invalid option -- h
Usage: fsck.ext3 [-panyrcdfvstDFSV] [-b superblock] [-B blocksize]
                [-I inode_buffer_blocks] [-P process_inode_size]
                [-l|-L bad_blocks_file] [-C fd] [-j ext-journal]
                [-E extended-options] device

Emergency help:
 -p                   Automatic repair (no questions)
 -n                   Make no changes to the filesystem
 -y                   Assume "yes" to all questions
 -c                   Check for bad blocks
 -f                   Force checking even if filesystem is marked clean
 -v                   Be verbose
 -b superblock        Use alternative superblock
 -B blocksize         Force blocksize when looking for superblock
 -j external-journal  Set location of the external journal
 -l bad_blocks_file   Add to badblocks list
 -L bad_blocks_file   Set badblocks list
======================================================================
[root@sak root]# fsck -t ext3 -l bad-blocks /dev/sda1    ☞ Check the file system on /dev/sda1
fsck 1.32 (09-Nov-2002)
e2fsck 1.32 (09-Nov-2002)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information

/boot: ***** FILE SYSTEM WAS MODIFIED *****
/boot: 52/76304 files (3.8% non-contiguous), 31455/305203 blocks

**************************************************************
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Network Configuration(p.141) ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
┌──────────┐
│ Concepts │
└──────────┘
**************************************************************
-----------------------------------------
※ Network settings (IP, Gateway, DNS)
-----------------------------------------
┌───────────────┐
│ Related files │
└───────────────┘
/etc/hosts : File that holds host names; sets each host's real name and aliases.
/etc/host.conf : Consists of the single line "order hosts,bind" and decides whether the hosts file is consulted first or DNS is asked first.
   --> In practice this is decided by the "files dns" order on line 38 of /etc/nsswitch.conf. (Difference from the theory)
/etc/resolv.conf : Holds the name server information (for KT, 168.126.63.1).
/etc/sysconfig/network : Holds whether networking is enabled and the host name.
   --> To change the host name, the settings in both /etc/hosts and the network file above must be changed.
/etc/sysconfig/network-scripts/ifcfg-eth0 : The most important configuration file for network communication.
   --> The IP, NETMASK and GATEWAY can be set here.

┌──────────────┐
│ How to apply │
└──────────────┘
[root@sak11 root]# netconfig    ☞ Use this command to change the IP address, netmask and DNS server address.
[root@sak11 root]# /etc/rc.d/init.d/network restart    ☞ Restart the network.
   --> "service network restart" does the same job as the command above, but it is used only on the RedHat family, so it is not recommended.

**************************************************************
┌───────────────┐
│ Configuration │
└───────────────┘
**************************************************************
------------------------------------
※ Network configuration with ifconfig
------------------------------------
[root@sak root]# ifconfig lo 127.0.0.1    ☞ Add localhost
[root@sak root]# ifconfig eth0 192.168.10.32 netmask 255.255.255.0    ☞ Assign the IP address and netmask
[root@sak root]# route add default gw 192.168.10.1    ☞ Set the gateway
SIOCADDRT: File exists    ☞ Shown because the gateway already exists

---------------------------
※ Routing table settings
---------------------------
[root@sak root]# route    ☞ Check the routing table
=============================================================================
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.10.0    *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         192.168.10.1    0.0.0.0         UG    0      0        0 eth0
=============================================================================

----------------------------------
※ Deleting routing table entries
----------------------------------
[root@sak root]# route del -net 192.168.10.0/24
[root@sak root]# route del -net 169.254.0.0/16
[root@sak root]# route del -net 127.0.0.0/8
[root@sak root]# route del default
[root@sak root]# route    ☞ Check the routing table
=============================================================================
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
=============================================================================

--------------------------------
※ Adding routing table entries
--------------------------------
[root@sak root]# route add -net 192.168.10.0/24 eth0
[root@sak root]# route add -net 127.0.0.0/8 lo
[root@sak root]# route add default gw 192.168.10.1
[root@sak root]# route
=============================================================================
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.10.0    *               255.255.255.0   U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         192.168.10.1    0.0.0.0         UG    0      0        0 eth0
=============================================================================

------------------
※ Network commands
------------------
-------------
1. arp(p.151)
-------------
Manages the ARP (Address Resolution Protocol) cache. The ARP cache is where the 32-bit IP addresses
of currently connected hosts are remembered, translated into hardware addresses (MAC addresses).
Looking at the ARP cache shows which hosts are currently connected.
A MAC address that has not been used for about 15 minutes is removed from the ARP cache.

[Options]
-a : Shows the information for a specific host among the entries recorded in the ARP cache.
-d : Removes the given host from the ARP cache.
-n : Prints the result as 32-bit IP addresses instead of domain names.

[root@sak root]# arp -a    ☞ The -a option shows the information for a specific host among the entries recorded in the ARP cache.
=====================================================
? (192.168.10.2) at 00:14:0B:3C:90:CF [ether] on eth0
? (192.168.10.2) at 00:14:0B:3C:90:CF [ether] on eth0
=====================================================
[root@sak root]# arp -n    ☞ The -n option prints the result as 32-bit IP addresses instead of domain names.
=================================================================================
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.10.1             ether   00:0E:E8:4E:29:ED   C                     eth0
192.168.10.2             ether   00:14:0B:3C:90:CF   C                     eth0
=================================================================================
[root@sak root]# arp
=================================================================================
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.10.1             ether   00:0E:E8:4E:29:ED   C                     eth0
192.168.10.2             ether   00:14:0B:3C:90:CF   C                     eth0
=================================================================================
[root@sak root]# ping 192.168.10.34    ☞ Pinging this IP adds it to the ARP table.
=================================================================================
PING 192.168.10.34 (192.168.10.34) 56(84) bytes of data.
64 bytes from 192.168.10.34: icmp_seq=1 ttl=64 time=1.01 ms
64 bytes from 192.168.10.34: icmp_seq=2 ttl=64 time=0.396 ms
64 bytes from 192.168.10.34: icmp_seq=3 ttl=64 time=0.381 ms

--- 192.168.10.34 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2008ms
rtt min/avg/max/mdev = 0.381/0.597/1.014/0.294 ms
=================================================================================
[root@sak root]# arp    ☞ Checking again shows that IP .34 is now in the table.
=================================================================================
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.10.34            ether   00:0C:29:90:48:15   C                     eth0
192.168.10.1             ether   00:0E:E8:4E:29:ED   C                     eth0
192.168.10.2             ether   00:14:0B:3C:90:CF   C                     eth0
=================================================================================

------------------
2. netstat(p.151)
------------------
Command for checking the state of network connections.
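Added example (not part of the original notes): one way to use netstat for a listener audit. The function reduces `netstat -anp` output to the sockets that accept traffic from other hosts, and copes with the empty program name (such as `545/`) seen in this page's own output. The sample lines are constructed from the column layout shown on this page, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample, modelled on the `netstat -anp` layout shown on this page.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:32768           0.0.0.0:*               LISTEN      545/
tcp        0      0 127.0.0.1:32769         0.0.0.0:*               LISTEN      664/xinetd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      526/
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      649/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      684/
tcp        0      0 192.168.10.32:22        192.168.10.2:1161       ESTABLISHED 1064/sshd
udp        0      0 0.0.0.0:721             0.0.0.0:*                           545/
Active UNIX domain sockets (servers and established)
unix  2      [ ACC ]     STREAM     LISTENING     1534   703/gpm             /dev/gpmctl
EOF
}

# Reads `netstat -anp` output on stdin and prints one line per socket that is
# listening on a non-loopback address: "proto address port pid program".
exposed_listeners() {
    awk '
    $1 !~ /^(tcp|udp)/ { next }              # skip headers and UNIX domain sockets
    {
        proto = $1; laddr = $4
        if (proto ~ /^tcp/) {
            if ($6 != "LISTEN") next         # established sessions are not listeners
            owner = $7
        } else {
            if ($5 !~ /:\*$/) next           # UDP has no state column; unconnected = listening
            owner = $6
        }
        n = split(laddr, a, ":")             # port is the last colon-separated field
        port = a[n]
        addr = substr(laddr, 1, length(laddr) - length(port) - 1)
        if (addr ~ /^127\./) next            # loopback-only services are not exposed
        split(owner, o, "/")                 # "649/sshd", "545/" or "-" (not run as root)
        pid = o[1]; prog = o[2]
        if (pid == "")  pid = "-"
        if (prog == "") prog = "unknown"     # netstat could not resolve the program name
        print proto, addr, port, pid, prog
    }'
}

# Stand-alone run on the constructed sample; on a live host use:
#   netstat -anp | exposed_listeners
sample_netstat | exposed_listeners
```

Entries reported as `unknown` are the ones to follow up first, because netstat could not name the owning program even though it reports a PID.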
[Options]
-a : Prints all connected sockets.
-n : Shows numbers instead of symbolic host, port and user names. For example, www is shown as 80.
-p : Prints the PID/program for each socket.
-r : Prints the routing table.
-i : Prints the interface table.

[Examples]
1) netstat -anp
   -> Prints the PID and program of every connected socket, with host and port names shown as numbers.
2) netstat -r
   -> Prints the routing table. The result is similar to that of the route command.
3) netstat -t
   -> Prints the list of TCP connections.
4) netstat -inet -p ( = similar to ifconfig)
   -> Shows the state of Internet connections and prints the program and PID.

[root@sak root]# netstat -a
==========================================================================
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:32768                 *:*                     LISTEN
tcp        0      0 sak:32769               *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN
tcp        0      0 sak:smtp                *:*                     LISTEN
tcp        0      0 192.168.10.32:ssh       192.168.10.2:1161       ESTABLISHED
tcp        0      0 192.168.10.32:ssh       192.168.10.2:2160       ESTABLISHED
udp        0      0 *:32768                 *:*
udp        0      0 *:721                   *:*
udp        0      0 *:sunrpc                *:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     1534   /dev/gpmctl
unix  9      [ ]         DGRAM                    926    /dev/log
unix  2      [ ]         DGRAM                    1532
unix  2      [ ]         DGRAM                    1499
unix  2      [ ]         DGRAM                    1485
unix  2      [ ]         DGRAM                    1427
unix  2      [ ]         DGRAM                    1132
unix  2      [ ]         DGRAM                    987
unix  2      [ ]         DGRAM                    934
==========================================================================
[root@sak root]# netstat -an
==========================================================================
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:32768           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:32769         0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 192.168.10.32:22        192.168.10.2:1161       ESTABLISHED
tcp        0     52 192.168.10.32:22        192.168.10.2:2160       ESTABLISHED
udp        0      0 0.0.0.0:32768           0.0.0.0:*
udp        0      0 0.0.0.0:721             0.0.0.0:*
udp        0      0 0.0.0.0:111             0.0.0.0:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     1534   /dev/gpmctl
unix  9      [ ]         DGRAM                    926    /dev/log
unix  2      [ ]         DGRAM                    1532
unix  2      [ ]         DGRAM                    1499
unix  2      [ ]         DGRAM                    1485
unix  2      [ ]         DGRAM                    1427
unix  2      [ ]         DGRAM                    1132
unix  2      [ ]         DGRAM                    987
unix  2      [ ]         DGRAM                    934
==========================================================================
[root@sak root]# netstat -p
==========================================================================
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 192.168.10.32:ssh       192.168.10.2:1161       ESTABLISHED 1064/sshd
tcp        0     52 192.168.10.32:ssh       192.168.10.2:2160       ESTABLISHED 14521/sshd
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node PID/Program name    Path
unix  9      [ ]         DGRAM                    926    504/syslogd         /dev/log
unix  2      [ ]         DGRAM                    1532   712/crond
unix  2      [ ]         DGRAM                    1499   693/
unix  2      [ ]         DGRAM                    1485   684/
unix  2      [ ]         DGRAM                    1427   664/xinetd
unix  2      [ ]         DGRAM                    1132   612/apmd
unix  2      [ ]         DGRAM                    987    545/
unix  2      [ ]         DGRAM                    934    508/klogd
[root@sak root]# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.10.0    *               255.255.255.0   U         0 0          0 eth0
127.0.0.0       *               255.0.0.0       U         0 0          0 lo
default         192.168.10.1    0.0.0.0         UG        0 0          0 eth0
==========================================================================
[root@sak root]# netstat -anp
==========================================================================
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:32768           0.0.0.0:*               LISTEN      545/
tcp        0      0 127.0.0.1:32769         0.0.0.0:*               LISTEN      664/xinetd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      526/
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      649/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      684/
tcp        0      0 192.168.10.32:22        192.168.10.2:1161       ESTABLISHED 1064/sshd
tcp        0     52 192.168.10.32:22        192.168.10.2:2160       ESTABLISHED 14521/sshd
udp        0      0 0.0.0.0:32768           0.0.0.0:*                           545/
udp        0      0 0.0.0.0:721             0.0.0.0:*                           545/
udp        0      0 0.0.0.0:111             0.0.0.0:*                           526/
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     1534   703/gpm             /dev/gpmctl
unix  9      [ ]         DGRAM                    926    504/syslogd         /dev/log
unix  2      [ ]         DGRAM                    1532   712/crond
unix  2      [ ]         DGRAM                    1499   693/
unix  2      [ ]         DGRAM                    1485   684/
unix  2      [ ]         DGRAM                    1427   664/xinetd
unix  2      [ ]         DGRAM                    1132   612/apmd
unix  2      [ ]         DGRAM                    987    545/
unix  2      [ ]         DGRAM                    934    508/klogd
==========================================================================
[root@sak root]# netstat -t
==========================================================================
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.10.32:ssh       192.168.10.2:1161       ESTABLISHED
tcp        0     52 192.168.10.32:ssh       192.168.10.2:2160       ESTABLISHED
[root@sak root]# netstat -u
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
[root@sak root]# netstat -inet -p
Kernel Interface table
eth0      Link encap:Ethernet  HWaddr 00:0C:29:F5:56:5B
          inet addr:192.168.10.32  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:10149 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5682 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1021551 (997.6 Kb)  TX bytes:671802 (656.0 Kb)
          Interrupt:5 Base address:0x2000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:74 errors:0 dropped:0 overruns:0 frame:0
          TX packets:74 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:7952 (7.7 Kb)  TX bytes:7952 (7.7 Kb)
==========================================================================

--------------------
3. traceroute(p.153)
--------------------
Command for examining a specific host or the nodes connected along the way; in particular, when
there is a routing fault it lets you find where the fault is.
It is similar to the tracert command on Windows. Only root can use this command.

[root@sak root]# traceroute www.securitya.kr
================================================================================
traceroute to www.securitya.kr (211.115.110.87), 30 hops max, 38 byte packets
 1  192.168.10.1 (192.168.10.1)  1.152 ms  0.647 ms  0.619 ms
 2  59.186.22.129 (59.186.22.129)  1.382 ms  1.237 ms  1.149 ms
 3  10.50.71.105 (10.50.71.105)  1.633 ms  1.524 ms  1.468 ms
 4  10.50.70.121 (10.50.70.121)  1.568 ms  1.219 ms  1.161 ms
 5  192.168.107.197 (192.168.107.197)  1.370 ms 192.168.107.5 (192.168.107.5)  1.528 ms 192.168.107.197 (192.168.107.197)  1.386 ms
 6  203.248.238.217 (203.248.238.217)  1.516 ms 203.248.238.221 (203.248.238.221)  2.306 ms  1.396 ms
 7  203.233.60.169 (203.233.60.169)  2.250 ms 210.180.226.169 (210.180.226.169)  2.128 ms 203.233.60.169 (203.233.60.169)  1.908 ms
 8  203.233.60.133 (203.233.60.133)  8.061 ms  7.414 ms  7.239 ms
 9  210.120.155.6 (210.120.155.6)  7.992 ms  7.329 ms  7.223 ms
10  211.233.88.234 (211.233.88.234)  7.824 ms  8.048 ms  7.776 ms
11  * * *
12  * * *
13  211.115.110.87 (211.115.110.87)  7.677 ms  7.533 ms  7.901 ms
================================================================================

--------------------
4. nslookup(p.153)
--------------------
Command for querying DNS.
nslookup is the name of a program that, when an Internet server administrator or a user enters a
host name, finds the corresponding Internet address. The program also performs the reverse lookup,
finding the host name for a given IP address.
For example, entering "terms.co.kr" in nslookup returns "211.47.67.126", the IP address of that
site, and entering "211.47.67.126" returns "terms.co.kr".
nslookup sends a domain name query packet to the designated DNS server.
Depending on the system in use, the default name server is usually a server at the Internet
service provider, an intermediate name server somewhere, or, for the domain name system as a
whole, a root name server on the Internet.
With the Linux version of nslookup, or another version, you can obtain information related to a
host name or an IP address. nslookup is usually included with Unix-based operating systems.
There is also a free version that can be added to the Windows 9x series of operating systems.

[root@sak root]# nslookup
========================================================================
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
> server ns.chosun.ac.kr
Default server: ns.chosun.ac.kr
Address: 203.237.102.12#53
> set type=axfr
> chosun.ac.kr
Server:         ns.chosun.ac.kr
Address:        203.237.102.12#53
========================================================================
[root@sak root]# nslookup
========================================================================
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
> server 59.0.170.23
Default server: 59.0.170.23
Address: 59.0.170.23#53
>    ☞ Press Ctrl+C to exit
========================================================================

--------------------
5. dig(p.154)
--------------------
Command for looking up information by domain name (FQDN: Fully Qualified Domain Name).

[root@sak root]# dig www.kt.co.kr
========================================================================
; <<>> DiG 9.2.1 <<>> www.kt.co.kr
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3401
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;www.kt.co.kr.                  IN      A

;; ANSWER SECTION:
www.kt.co.kr.           315     IN      A       147.6.114.70

;; AUTHORITY SECTION:
kt.co.kr.               315     IN      NS      name.kt.co.kr.
kt.co.kr.               315     IN      NS      name2.kt.co.kr.

;; Query time: 31 msec
;; SERVER: 168.126.63.1#53(168.126.63.1)
;; WHEN: Mon Feb 9 14:54:56 2009
;; MSG SIZE rcvd: 85
========================================================================
[root@sak root]# dig @name.kt.co.kr axfr kt.co.kr
========================================================================
; <<>> DiG 9.2.1 <<>> @name.kt.co.kr axfr kt.co.kr
;; global options:  printcmd
; Transfer failed.
[root@sak root]# dig @168.126.63.1 version.bind chaos txt
; <<>> DiG 9.2.1 <<>> @168.126.63.1 version.bind chaos txt
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29697
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;version.bind.                  CH      TXT

;; ANSWER SECTION:
version.bind.           0       CH      TXT     "Cyber World Leader Kornet!"    ☞ If no text is set here, the BIND information is shown.

;; AUTHORITY SECTION:
version.bind.           0       CH      NS      version.bind.

;; Query time: 12 msec
;; SERVER: 168.126.63.1#53(168.126.63.1)
;; WHEN: Mon Feb 9 14:58:04 2009
;; MSG SIZE rcvd: 83
========================================================================
[root@sak root]# dig www.pusan.ac.kr
========================================================================
; <<>> DiG 9.2.1 <<>> www.pusan.ac.kr
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64846
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;www.pusan.ac.kr.               IN      A

;; ANSWER SECTION:
www.pusan.ac.kr.        591     IN      A       164.125.6.19

;; AUTHORITY SECTION:
pusan.ac.kr.            591     IN      NS      ns2.pusan.ac.kr.
pusan.ac.kr.            591     IN      NS      jagalchi.pusan.ac.kr.
   ☞ Unusually, the name server is called jagalchi..^^
   ☞ From a security point of view, it is important that an attacker cannot find this out.

;; ADDITIONAL SECTION:
jagalchi.pusan.ac.kr.   56221   IN      A       164.125.9.2

;; Query time: 12 msec
;; SERVER: 168.126.63.1#53(168.126.63.1)
;; WHEN: Mon Feb 9 15:05:18 2009
;; MSG SIZE rcvd: 106
========================================================================
[root@sak root]# dig @164.125.9.2 version.bind chaos txt
========================================================================
; <<>> DiG 9.2.1 <<>> @164.125.9.2 version.bind chaos txt
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11333
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;version.bind.                  CH      TXT

;; ANSWER SECTION:
version.bind.           0       CH      TXT     "PNU DNS!!!"

;; AUTHORITY SECTION:
version.bind.           0       CH      NS      version.bind.

;; Query time: 41 msec
;; SERVER: 164.125.9.2#53(164.125.9.2)
;; WHEN: Mon Feb 9 15:05:59 2009
;; MSG SIZE rcvd: 67
========================================================================
[root@sak root]# dig chunnam-c.ac.kr    ☞ How to check the DNS address
========================================================================
; <<>> DiG 9.2.1 <<>> chunnam-c.ac.kr
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65153
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;chunnam-c.ac.kr.               IN      A

;; ANSWER SECTION:
chunnam-c.ac.kr.        86246   IN      A       59.0.170.21
chunnam-c.ac.kr.        86246   IN      A       59.0.170.25
chunnam-c.ac.kr.        86246   IN      A       59.0.170.26

;; AUTHORITY SECTION:
chunnam-c.ac.kr.        86246   IN      NS      ns2.chunnam-c.ac.kr.

;; Query time: 22 msec
;; SERVER: 168.126.63.1#53(168.126.63.1)
;; WHEN: Mon Feb 9 15:06:28 2009
;; MSG SIZE rcvd: 99
========================================================================
[root@sak root]# dig @59.0.170.20 version.bind chaos txt    ☞ Check the DNS server's BIND information (with the extra options appended)
========================================================================
; <<>> DiG 9.2.1 <<>> @59.0.170.20 version.bind chaos txt
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59202
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;version.bind.                  CH      TXT

;; ANSWER SECTION:
version.bind.           0       CH      TXT     "9.3.4-P1"

;; AUTHORITY SECTION:
version.bind.           0       CH      NS      version.bind.

;; Query time: 21 msec
;; SERVER: 59.0.170.20#53(59.0.170.20)
;; WHEN: Mon Feb 9 15:10:31 2009
;; MSG SIZE rcvd: 65
========================================================================

--------------------
6. host(p.155)
--------------------
Prints information about a remote host.

[root@sak root]# host -a www.daum.net    ☞ Check the host information
========================================================================
Trying "www.daum.net"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45342
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 5

;; QUESTION SECTION:
;www.daum.net.                  IN      ANY

;; ANSWER SECTION:
www.daum.net.           6776    IN      CNAME   daumtop.daum.akadns.net.

;; AUTHORITY SECTION:
daum.net.               13949   IN      NS      ns2.daum.net.
daum.net.               13949   IN      NS      ns3.daum.net.
daum.net.               13949   IN      NS      ns5.daum.net.
daum.net.               13949   IN      NS      ns4.daum.net.
daum.net.               13949   IN      NS      ns.daum.net.

;; ADDITIONAL SECTION:
ns.daum.net.            17359   IN      A       211.32.117.10
ns2.daum.net.           17359   IN      A       211.32.117.11
ns3.daum.net.           6239    IN      A       211.115.114.240
ns4.daum.net.           6256    IN      A       211.115.116.251
ns5.daum.net.           164496  IN      A       211.172.253.240

Received 233 bytes from 168.126.63.1#53 in 1011 ms
========================================================================

-----------------------------
※ Virtual interfaces (p.157)
-----------------------------
[※ Adding one temporarily]
[root@sak root]# ifconfig eth0:0 192.168.10.62 netmask 255.255.255.0
[root@sak root]# route add -host 192.168.10.62/32 eth0:0
[root@sak root]# route
====================================================================================
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.10.62   *               255.255.255.255 UH    0      0        0 eth0
192.168.10.0    *               255.255.255.0   U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         192.168.10.1    0.0.0.0         UG    0      0        0 eth0
====================================================================================
[root@sak root]# ifconfig
====================================================================================
eth0      Link encap:Ethernet  HWaddr 00:0C:29:F5:56:5B
          inet addr:192.168.10.32  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:12513 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6907 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1264160 (1.2 Mb)  TX bytes:806510 (787.6 Kb)
          Interrupt:5 Base address:0x2000

eth0:0    Link encap:Ethernet  HWaddr 00:0C:29:F5:56:5B
          inet addr:192.168.10.62  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:12513 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6907 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1264160 (1.2 Mb)  TX bytes:806510 (787.6 Kb)
          Interrupt:5 Base address:0x2000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:74 errors:0 dropped:0 overruns:0 frame:
          TX packets:74 errors:0 dropped:0 overruns:0 carrie 0
          collisions:0 txqueuelen:0
          RX bytes:7952 (7.7 Kb)  TX bytes:7952 (7.7 Kb)
====================================================================================
[root@sak root]# ping 192.168.10.62
====================================================================================
PING 192.168.10.62 (192.168.10.62) 56(84) bytes of data.
64 bytes from 192.168.10.62: icmp_seq=1 ttl=64 time=0.069 ms
64 bytes from 192.168.10.62: icmp_seq=2 ttl=64 time=0.039 ms
64 bytes from 192.168.10.62: icmp_seq=3 ttl=64 time=0.040 ms
64 bytes from 192.168.10.62: icmp_seq=4 ttl=64 time=0.040 ms
64 bytes from 192.168.10.62: icmp_seq=5 ttl=64 time=0.039 ms

--- 192.168.10.62 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3999ms
rtt min/avg/max/mdev = 0.039/0.045/0.069/0.013 ms
====================================================================================

[※ Adding one permanently]
[root@sak root]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth0:0
[root@sak root]# vi /etc/sysconfig/network-scripts/ifcfg-eth0:0
====================================================================================
DEVICE=eth0:0            ☞ change the device name
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.10.62     ☞ change the IP address, then save and exit
NETMASK=255.255.255.0
GATEWAY=192.168.5.2
====================================================================================
[root@sak root]# /etc/rc.d/init.d/network restart
====================================================================================
Shutting down interface eth0:                              [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Setting network parameters:                                [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface eth0:                                [  OK  ]
====================================================================================
[root@sak root]# ifconfig
====================================================================================
eth0      Link encap:Ethernet  HWaddr 00:0C:29:F5:56:5B
          inet addr:192.168.10.32  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13136 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7217 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1327908 (1.2 Mb)  TX bytes:844466 (824.6 Kb)
          Interrupt:5 Base address:0x2000

eth0:0    Link encap:Ethernet  HWaddr 00:0C:29:F5:56:5B
          inet addr:192.168.10.62  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13136 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7217 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1327908 (1.2 Mb)  TX bytes:844466 (824.6 Kb)
          Interrupt:5 Base address:0x2000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:84 errors:0 dropped:0 overruns:0 frame:0
          TX packets:84 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:8792 (8.5 Kb)  TX bytes:8792 (8.5 Kb)
====================================================================================

-------------------------
※ iptables(p.160)
-------------------------
A tool for controlling the kernel and performing packet filtering on Linux.

[root@sak root]# lsmod    ☞ list the loaded modules
====================================================================================
Module                  Size  Used by    Not tainted
autofs                 13268   0  (autoclean) (unused)
pcnet32                18240   1
mii                     3976   0  [pcnet32]
keybdev                 2944   0  (unused)
mousedev                5492   0  (unused)
hid                    22148   0  (unused)
input                   5856   0  [keybdev mousedev hid]
usb-uhci               26348   0  (unused)
ehci-hcd               19976   0  (unused)
usbcore                78784   1  [hid usb-uhci ehci-hcd]
ext3                   70784   6
jbd                    51892   6  [ext3]
BusLogic              100796   7
sd_mod                 13452  14
scsi_mod              107128   2  [BusLogic sd_mod]
====================================================================================
※ The listing above shows that no iptables-related module is loaded.
   In that case, the command below causes the iptables modules to be loaded.
[root@sak root]# iptables -L    ☞ list the iptables rules
====================================================================================
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
====================================================================================
※ The module list below shows that the iptables-related modules are now loaded.
[root@sak root]# lsmod
====================================================================================
Module                  Size  Used by    Not tainted
iptable_filter          2412   0  (autoclean) (unused)
ip_tables              15096   1  [iptable_filter]
autofs                 13268   0  (autoclean) (unused)
pcnet32                18240   1
mii                     3976   0  [pcnet32]
keybdev                 2944   0  (unused)
mousedev                5492   0  (unused)
hid                    22148   0  (unused)
input                   5856   0  [keybdev mousedev hid]
usb-uhci               26348   0  (unused)
ehci-hcd               19976   0  (unused)
usbcore                78784   1  [hid usb-uhci ehci-hcd]
ext3                   70784   6
jbd                    51892   6  [ext3]
BusLogic              100796   7
sd_mod                 13452  14
scsi_mod              107128   2  [BusLogic sd_mod]
====================================================================================
※ The settings for refusing everything by default policy and accepting packets only from
   specific hosts are made as shown below. (The rule in this session appends a DROP rule
   for ICMP from 192.168.10.2 to the INPUT chain; the chain policy itself stays ACCEPT.)
[root@sak root]# iptables -A INPUT -p icmp -s 192.168.10.2 -j DROP
[root@sak root]# iptables -L
====================================================================================
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
DROP       icmp --  192.168.10.2         anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
====================================================================================
[root@sak root]# iptables -D INPUT 1
[root@sak root]# iptables -L
====================================================================================
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
====================================================================================

TIP. Checking the port list
====================================
[root@sak root]# vi /etc/services
====================================

**************************************************************
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Controlling Daemon(p.165)  ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
┌─────────────────┐
│ Concept summary │
└─────────────────┘
**************************************************************
-----------
※ What a daemon is
-----------
- A program that keeps running in order to handle periodic service requests
- Passes the requests it collects on to other programs or processes so that they can handle them

-----------------
※ Typical daemons
-----------------
- HTTPD (web server daemon)
- FTPD (FTP daemon)
- TELNETD (telnet daemon)
- SMTPD (mail-related daemon)
- NAMED (domain name service daemon)

--------------------------------------------
※ The distinction made in The New Hacker's Dictionary
--------------------------------------------
- daemon : a program that is itself run directly under the operating system
- demon : a part of a larger application program

-----------------------------------------------
※ Differences between the inetd method and the Standalone method(p.178)
-----------------------------------------------
* inetd method (called only when needed)
- Suited to ftp and mail services
- When a connection request arrives, inetd connects it to the service
- Wastes little memory
- Slow response
- /etc/xinetd.d/
- Suited to cases where clients make few connection requests

* Standalone method (always waiting)
- Suited to web servers (http)
- Always in the LISTEN state
- Wastes a lot of memory
- Fast response
- /etc/rc.d/init.d
- Suited to cases where clients make many connection requests

**************************************************************
┌───────────────┐
│ Configuration │
└───────────────┘
**************************************************************
------------------
※ Daemon(p.166)
------------------
[root@sak root]# ls -al /etc/rc.d/init.d    ☞ list of Standalone daemon services, which are always waiting
============================================================================
total 180
drwxr-xr-x    2 root     root         4096 Feb  9 06:48 .
drwxr-xr-x   10 root     root         4096 Feb  9 06:47 ..
-rwxr-xr-x    1 root     root          941 Jan 25  2003 anacron
-rwxr-xr-x    1 root     root         1458 Feb 25  2003 apmd
-rwxr-xr-x    1 root     root         1176 Jan 25  2003 atd
-rwxr-xr-x    1 root     root         9435 Jan 28  2003 autofs
-rwxr-xr-x    1 root     root         1316 Feb 19  2003 crond
-rwxr-xr-x    1 root     root        10332 Feb  4  2003 functions
-rwxr-xr-x    1 root     root         1541 Jan 30  2003 gpm
-rwxr-xr-x    1 root     root         5025 Jan 14  2003 halt
-rwxr-xr-x    1 root     root         5528 Feb  4  2003 iptables
-rwxr-xr-x    1 root     root         1414 Jan 25  2003 irda
-rwxr-xr-x    1 root     root         5838 Feb  4  2003 isdn
-rwxr-xr-x    1 root     root         1084 Mar  7  2003 kdcrotate
-rwxr-xr-x    1 root     root         1335 Jan 31  2003 keytable
-rwxr-xr-x    1 root     root          481 Jul  6  2002 killall
-rwxr-xr-x    1 root     root         2163 Feb 26  2003 kudzu
-rwxr-xr-x    1 root     root         5080 Jan  7  2003 netfs
-rwxr-xr-x    1 root     root         6784 Feb  4  2003 network
-rwxr-xr-x    1 root     root         4522 Jan 25  2003 nfs
-rwxr-xr-x    1 root     root         2343 Jan 25  2003 nfslock
-rwxr-xr-x    1 root     root         2066 Mar 14  2003 nscd
-r-xr-xr-x    1 root     root         4590 Jan 25  2003 pcmcia
-rwxr-xr-x    1 root     root         1898 Feb 25  2003 portmap
-rwxr-xr-x    1 root     root         1516 Jun 26  2002 random
-rwxr-xr-x    1 root     root         2246 Jan  7  2003 rawdevices
-rwxr-xr-x    1 root     root         1782 Feb 25  2003 rhnsd
-rwxr-xr-x    1 root     root         1260 Jan 26  2003 saslauthd
-rwxr-xr-x    1 root     root         2440 Feb 25  2003 sendmail
-rwxr-xr-x    1 root     root         1175 Jul 10  2002 single
-rwxr-xr-x    1 root     root         2647 Feb 15  2003 sshd
-rwxr-xr-x    1 root     root         1369 Feb  8  2003 syslog
-rwxr-xr-x    1 root     root         2292 Feb 25  2003 xinetd
-rwxr-xr-x    1 root     root         2501 Jan 25  2003 ypbind
============================================================================
※ As shown below, what each daemon does is described briefly at the top of its script file.
[root@sak root]# head /etc/rc.d/init.d/iptables
============================================================================
#!/bin/sh
#
# Startup script to implement /etc/sysconfig/iptables pre-defined rules.
#
# chkconfig: 2345 08 92
#
# description: Automates a packet filtering firewall with iptables.
#
# by bero@redhat.com, based on the ipchains script:
# Script Author: Joshua Jensen
[root@sak root]# head /etc/rc.d/init.d/sshd
#!/bin/bash
#
# Init file for OpenSSH server daemon
#
# chkconfig: 2345 55 25
# description: OpenSSH server daemon
#
# processname: sshd
# config: /etc/ssh/ssh_host_key
# config: /etc/ssh/ssh_host_key.pub
============================================================================
[root@sak root]# ps -ef | grep gpm
============================================================================
root       721     1  0 08:43 ?        00:00:00 gpm -t imps2 -m /dev/mouse
root      2439  1992  0 10:32 pts/1    00:00:00 grep gpm
============================================================================
[root@sak root]# kill -9 721
[root@sak root]# kill -l    ☞ lists the options (signals) used with kill
============================================================================
 1) SIGHUP       2) SIGINT       3) SIGQUIT      4) SIGILL
 5) SIGTRAP      6) SIGABRT      7) SIGBUS       8) SIGFPE
 9) SIGKILL     10) SIGUSR1     11) SIGSEGV     12) SIGUSR2
13) SIGPIPE     14) SIGALRM     15) SIGTERM     17) SIGCHLD
18) SIGCONT     19) SIGSTOP     20) SIGTSTP     21) SIGTTIN
22) SIGTTOU     23) SIGURG      24) SIGXCPU     25) SIGXFSZ
26) SIGVTALRM   27) SIGPROF     28) SIGWINCH    29) SIGIO
30) SIGPWR      31) SIGSYS      33) SIGRTMIN    34) SIGRTMIN+1
35) SIGRTMIN+2  36) SIGRTMIN+3  37) SIGRTMIN+4  38) SIGRTMIN+5
39) SIGRTMIN+6  40) SIGRTMIN+7  41) SIGRTMIN+8  42) SIGRTMIN+9
43) SIGRTMIN+10 44) SIGRTMIN+11 45) SIGRTMIN+12 46) SIGRTMIN+13
47) SIGRTMIN+14 48) SIGRTMIN+15 49) SIGRTMAX-14 50) SIGRTMAX-13
51) SIGRTMAX-12 52) SIGRTMAX-11 53) SIGRTMAX-10 54) SIGRTMAX-9
55) SIGRTMAX-8  56) SIGRTMAX-7  57) SIGRTMAX-6  58) SIGRTMAX-5
59) SIGRTMAX-4  60) SIGRTMAX-3  61) SIGRTMAX-2  62) SIGRTMAX-1
63) SIGRTMAX
============================================================================
※ If the gpm daemon is not needed, check the process as above, find its PID, stop the service
   with the kill command, and then remove it with the rpm command as shown below.
[root@sak root]# rpm -qf /etc/rc.d/init.d/gpm
gpm-1.19.3-27
[root@sak root]# rpm -e gpm    ☞ Because it was already removed during the initial setup, an error message like the one below appears.
error: Failed dependencies:
        libgpm.so.1 is needed by (installed) vim-enhanced-6.1-29
        gpm = 1.19.3 is needed by (installed) gpm-devel-1.19.3-27

------------------
※ chkconfig(p.169)
------------------
※ The chkconfig command can be used to enable and disable services.
※ The chkconfig --list command shows the list of system services and whether each service
   is started or stopped in runlevels 0~6.
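Added example (not part of the original notes): the script below reads chkconfig --list output of the kind just described and reports which services start in a given runlevel, which of them are outside an allow-list, and which required services are switched off. The sample listing is constructed in the same format, and the function names and the allow-list are assumptions made for this illustration.

```bash
#!/usr/bin/env bash
# Audit `chkconfig --list` text against a per-runlevel service policy.

# Constructed sample in the format printed by `chkconfig --list`.
sample_chkconfig_list() {
cat <<'EOF'
syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off
saslauthd       0:off   1:off   2:off   3:off   4:off   5:off6:off
gpm             0:off   1:off   2:on    3:on    4:on    5:on    6:off
iptables        0:off   1:off   2:on    3:off   4:on    5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
portmap         0:off   1:off   2:off   3:on    4:on    5:on    6:off
xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off
xinetd based services:
        chargen-udp:    off
        rsync:  off
        sgi_fam:        on
EOF
}

# enabled_services RUNLEVEL  (listing on stdin)
# Prints "init:NAME" for each init.d service that starts in RUNLEVEL and
# "xinetd:NAME" for each xinetd-managed service that is on. xinetd-managed
# services are listed only when xinetd itself starts in RUNLEVEL, because
# otherwise nothing is listening on their behalf.
enabled_services() {
    case "$1" in
        [0-6]) ;;
        *) echo "runlevel must be 0-6" >&2; return 2 ;;
    esac
    awk -v lvl="$1" '
        /^xinetd based services:/ { in_xinetd = 1; next }
        in_xinetd {
            if (NF == 2 && $1 ~ /:$/ && $2 == "on" && xinetd_on) {
                name = $1; sub(/:$/, "", name); print "xinetd:" name
            }
            next
        }
        # init.d service line: NAME followed by the 0:..6: states. The states
        # are searched as text, which tolerates a missing separator between
        # two fields (for example 5:off6:off).
        $2 ~ /^0:(on|off)$/ {
            rest = $0; sub(/^[ \t]*[^ \t]+[ \t]+/, "", rest)
            if (rest ~ (lvl ":on")) {
                print "init:" $1
                if ($1 == "xinetd") xinetd_on = 1
            }
        }
    '
}

# unexpected_services RUNLEVEL ALLOWED...  (listing on stdin)
# Prints every enabled service whose name is not on the allow-list.
unexpected_services() {
    lvl="$1"; shift
    allow=" $* "
    enabled_services "$lvl" | while IFS= read -r svc; do
        name="${svc#*:}"
        case "$allow" in
            *" $name "*) ;;
            *) printf '%s\n' "$svc" ;;
        esac
    done
}

# missing_services RUNLEVEL REQUIRED...  (listing on stdin)
# Prints every required init.d service that does not start in RUNLEVEL.
missing_services() {
    lvl="$1"; shift
    enabled=$(enabled_services "$lvl")
    for name in "$@"; do
        printf '%s\n' "$enabled" | grep -qxF "init:$name" || printf '%s\n' "$name"
    done
}

# Demo on the constructed sample; the allow-list is a hypothetical policy.
echo "unexpected at runlevel 3:"
sample_chkconfig_list | unexpected_services 3 syslog sshd xinetd iptables
echo "required but not enabled at runlevel 3:"
sample_chkconfig_list | missing_services 3 iptables sshd
```

On a live system the listing would come from chkconfig --list piped into the same functions in place of the sample.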
[root@sak root]# chkconfig --list    ☞ check the list
============================================================================
kudzu           0:off   1:off   2:off   3:on    4:on    5:on    6:off
syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off
netfs           0:off   1:off   2:off   3:on    4:on    5:on    6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
random          0:off   1:off   2:on    3:on    4:on    5:on    6:off
rawdevices      0:off   1:off   2:off   3:on    4:on    5:on    6:off
pcmcia          0:off   1:off   2:on    3:on    4:on    5:on    6:off
saslauthd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
keytable        0:off   1:on    2:on    3:on    4:on    5:on    6:off
apmd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
atd             0:off   1:off   2:off   3:on    4:on    5:on    6:off
gpm             0:off   1:off   2:on    3:on    4:on    5:on    6:off
autofs          0:off   1:off   2:off   3:on    4:on    5:on    6:off
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
irda            0:off   1:off   2:off   3:off   4:off   5:off   6:off
isdn            0:off   1:off   2:on    3:on    4:on    5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
portmap         0:off   1:off   2:off   3:on    4:on    5:on    6:off
nfs             0:off   1:off   2:off   3:off   4:off   5:off   6:off
nfslock         0:off   1:off   2:off   3:on    4:on    5:on    6:off
sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
rhnsd           0:off   1:off   2:off   3:on    4:on    5:on    6:off
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
anacron         0:off   1:off   2:on    3:on    4:on    5:on    6:off
xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off
xinetd based services:
        chargen-udp:    off
        rsync:  off
        chargen:        off
        daytime-udp:    off
        daytime:        off
        echo-udp:       off
        echo:   off
        services:       off
        servers:        off
        time-udp:       off
        time:   off
        sgi_fam:        on
============================================================================
[root@sak root]# chkconfig --list network
============================================================================
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
============================================================================
[root@sak root]# chkconfig --del portmap    ☞ remove portmap
[root@sak root]# chkconfig --list portmap
============================================================================
service portmap supports chkconfig, but is not referenced in any runlevel (run 'chkconfig --add portmap')
============================================================================
[root@sak root]# chkconfig --add portmap    ☞ add portmap
[root@sak root]# chkconfig --list portmap
============================================================================
portmap         0:off   1:off   2:off   3:on    4:on    5:on    6:off
============================================================================
[root@sak root]# ls -al /etc/rc.d/* | grep portmap
=========================================================================================
-rwxr-xr-x    1 root     root         1898 Feb 25  2003 portmap
lrwxrwxrwx    1 root     root           17 Feb 10 11:11 K87portmap -> ../init.d/portmap
lrwxrwxrwx    1 root     root           17 Feb 10 11:11 K87portmap -> ../init.d/portmap
lrwxrwxrwx    1 root     root           17 Feb 10 11:11 K87portmap -> ../init.d/portmap
lrwxrwxrwx    1 root     root           17 Feb 10 11:11 S13portmap -> ../init.d/portmap
lrwxrwxrwx    1 root     root           17 Feb 10 11:11 S13portmap -> ../init.d/portmap
lrwxrwxrwx    1 root     root           17 Feb 10 11:11 S13portmap -> ../init.d/portmap
lrwxrwxrwx    1 root     root           17 Feb 10 11:11 K87portmap -> ../init.d/portmap
=========================================================================================
[root@sak root]# chkconfig --del portmap
[root@sak root]# ls -al /etc/rc.d/* | grep portmap
=========================================================================================
-rwxr-xr-x    1 root     root         1898 Feb 25  2003 portmap
=========================================================================================
[root@sak root]# ls -al /etc/rc.d/* | grep gpm
=========================================================================================
-rwxr-xr-x    1 root     root         1541 Jan 30  2003 gpm
lrwxrwxrwx    1 root     root           13 Feb  9 06:47 K15gpm -> ../init.d/gpm
lrwxrwxrwx    1 root     root           13 Feb  9 06:47 K15gpm -> ../init.d/gpm
lrwxrwxrwx    1 root     root           13 Feb  9 06:47 S85gpm -> ../init.d/gpm
lrwxrwxrwx    1 root     root           13 Feb  9 06:47 S85gpm -> ../init.d/gpm
lrwxrwxrwx    1 root     root           13 Feb  9 06:47 S85gpm -> ../init.d/gpm
lrwxrwxrwx    1 root     root           13 Feb  9 06:47 S85gpm -> ../init.d/gpm
lrwxrwxrwx    1 root     root           13 Feb  9 06:47 K15gpm -> ../init.d/gpm
=========================================================================================
[root@sak root]# chkconfig --del gpm
[root@sak root]# ls -al /etc/rc.d/* | grep gpm
=========================================================================================
-rwxr-xr-x    1 root     root         1541 Jan 30  2003 gpm
=========================================================================================
[root@sak root]# chkconfig --add gpm
[root@sak root]# ls -al /etc/rc.d/* | grep gpm
=========================================================================================
-rwxr-xr-x    1 root     root         1541 Jan 30  2003 gpm
lrwxrwxrwx    1 root     root           13 Feb 10 11:17 K15gpm -> ../init.d/gpm
lrwxrwxrwx    1 root     root           13 Feb 10 11:17 K15gpm -> ../init.d/gpm
lrwxrwxrwx    1 root     root           13 Feb 10 11:17 S85gpm -> ../init.d/gpm
lrwxrwxrwx    1 root     root           13 Feb 10 11:17 S85gpm -> ../init.d/gpm
lrwxrwxrwx    1 root     root           13 Feb 10 11:17 S85gpm -> ../init.d/gpm
lrwxrwxrwx    1 root     root           13 Feb 10 11:17 S85gpm -> ../init.d/gpm
lrwxrwxrwx    1 root     root           13 Feb 10 11:17 K15gpm -> ../init.d/gpm
=========================================================================================
[root@sak root]# chkconfig --level 3 iptables off
[root@sak root]# chkconfig --list
=========================================================================================
kudzu           0:off   1:off   2:off   3:on    4:on    5:on    6:off
syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off
netfs           0:off   1:off   2:off   3:on    4:on    5:on    6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
random          0:off   1:off   2:on    3:on    4:on    5:on    6:off
rawdevices      0:off   1:off   2:off   3:on    4:on    5:on    6:off
pcmcia          0:off   1:off   2:on    3:on    4:on    5:on    6:off
saslauthd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
keytable        0:off   1:on    2:on    3:on    4:on    5:on    6:off
apmd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
atd             0:off   1:off   2:off   3:on    4:on    5:on    6:off
gpm             0:off   1:off   2:on    3:on    4:on    5:on    6:off
autofs          0:off   1:off   2:off   3:on    4:on    5:on    6:off
iptables        0:off   1:off   2:on    3:off   4:on    5:on    6:off
irda            0:off   1:off   2:off   3:off   4:off   5:off   6:off
isdn            0:off   1:off   2:on    3:on    4:on    5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
nfs             0:off   1:off   2:off   3:off   4:off   5:off   6:off
nfslock         0:off   1:off   2:off   3:on    4:on    5:on    6:off
sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
rhnsd           0:off   1:off   2:off   3:on    4:on    5:on    6:off
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
anacron         0:off   1:off   2:on    3:on    4:on    5:on    6:off
xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off
xinetd based services:
        chargen-udp:    off
        rsync:  off
        chargen:        off
        daytime-udp:    off
        daytime:        off
        echo-udp:       off
        echo:   off
        services:       off
        servers:        off
        time-udp:       off
        time:   off
        sgi_fam:        on
=========================================================================================
[root@sak root]# chkconfig --list iptables
=========================================================================================
iptables        0:off   1:off   2:on    3:off   4:on    5:on    6:off
=========================================================================================
[root@sak root]# chkconfig --level 3 iptables on
[root@sak root]# chkconfig --list iptables
=========================================================================================
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
=========================================================================================
[root@sak root]# chkconfig --level 234 iptables off
[root@sak root]# chkconfig --list iptables
=========================================================================================
iptables        0:off   1:off   2:off   3:off   4:off   5:on    6:off
=========================================================================================
[root@sak root]# chkconfig --level 234 iptables on
[root@sak root]# chkconfig --list iptables
=========================================================================================
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
=========================================================================================

------------------
※ Xinetd(p.172)
------------------
[root@sak root]# cat /etc/xinetd.conf
=========================================================================================
#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/

defaults
{
        instances               = 60                ☞ limit on the number of running instances
        log_type                = SYSLOG authpriv   ☞ only the system-authentication part is logged to syslog
        log_on_success          = HOST PID
        log_on_failure          = HOST
        cps                     = 25 30             ☞ 25 - limit on the number of connections
                                                       30 - when the limit is exceeded, the service is disabled for 30 seconds
}

includedir /etc/xinetd.d                            ☞ /etc/xinetd.d - the settings in the files of this directory are applied as well
=========================================================================================
[root@sak root]# cat /etc/xinetd.d/rsync
=========================================================================================
# default: off
# description: The rsync server is a good addition to an ftp server, as it \
#       allows crc checksumming etc.
service rsync
{
        disable         = yes       ☞ not used
        socket_type     = stream    ☞ real time
        wait            = no
        user            = root
        server          = /usr/bin/rsync
        server_args     = --daemon
        log_on_failure  += USERID
}
=========================================================================================

**************************************************************
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Account Management / Security(p.179) ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
┌───────────────────┐
│ Hands-on practice │
└───────────────────┘
**************************************************************
------------------------------------------------
※ How to crack passwords using John the ripper
------------------------------------------------
※ First, create a user account whose password will be cracked.
[root@sak root]# more /etc/passwd    ☞ check the user accounts
====================================================================
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/bin/bash
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
kim:x:500:500::/home/kim:/bin/bash
====================================================================
[root@sak root]# more /etc/shadow    ☞ check the password stored for each account
====================================================================
root:$1$mpLesX6/$uYBxBI/IfcitBdVpZLfK90:14283:0:99999:7:::
bin:*:14283:0:99999:7:::
daemon:*:14283:0:99999:7:::
adm:*:14283:0:99999:7:::
lp:*:14283:0:99999:7:::
sync:*:14283:0:99999:7:::
shutdown:*:14283:0:99999:7:::
halt:*:14283:0:99999:7:::
mail:*:14283:0:99999:7:::
news:*:14283:0:99999:7:::
uucp:*:14283:0:99999:7:::
operator:*:14283:0:99999:7:::
games:*:14283:0:99999:7:::
gopher:*:14283:0:99999:7:::
ftp:*:14283:0:99999:7:::
nobody:*:14283:0:99999:7:::
rpm:!!:14283:0:99999:7:::
vcsa:!!:14283:0:99999:7:::
nscd:!!:14283:0:99999:7:::
sshd:!!:14283:0:99999:7:::
rpc:!!:14283:0:99999:7:::
rpcuser:!!:14283:0:99999:7:::
nfsnobody:!!:14283:0:99999:7:::
mailnull:!!:14283:0:99999:7:::
smmsp:!!:14283:0:99999:7:::
pcap:!!:14283:0:99999:7:::
kim:$1$PLhL0Nel$wUyeRKvVWvL3DzJJMkMRz0:14285:0:99999:7:::
====================================================================
[root@sak root]# useradd -D    ☞ user account creation defaults
====================================================================
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
====================================================================
[root@sak root]# useradd -u 501 -g 100 -G adm -d /var/sak -c "sak study" -f 0 -e 2009-02-11 -n sak
[root@sak root]# tail /etc/passwd
====================================================================
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
kim:x:500:500::/home/kim:/bin/bash
sak:x:501:100:sak study:/var/sak:/bin/bash
====================================================================
[root@sak root]# grep sak /etc/passwd /etc/shadow
====================================================================
/etc/passwd:sak:x:501:100:sak study:/var/sak:/bin/bash
/etc/shadow:sak:!!:14285:0:99999:7:0:14286:
====================================================================
[root@sak root]# lsattr /etc/passwd
====================================================================
------------- /etc/passwd
====================================================================
[root@sak root]# grep sak /etc/passwd /etc/shadow
====================================================================
/etc/passwd:sak:x:501:100:sak study:/var/sak:/bin/bash
/etc/shadow:sak:!!:14285:0:99999:7:0:14286:
====================================================================
[root@sak root]# useradd sak1 -p sak1
[root@sak root]# grep sak1 /etc/passwd /etc/shadow
====================================================================
/etc/passwd:sak1:x:502:502::/home/sak1:/bin/bash
/etc/shadow:sak1:sak1:14285:0:99999:7:::
====================================================================

※ From here on, the actual file is downloaded and installed.
[root@sak root]# cd /usr/local/src
[root@sak src]# wget http://www.openwall.com/john/f/john-1.7.0.2.tar.gz
[root@sak src]# ls -l
====================================================================
total 788
-rw-r--r--    1 root     root       802354 Mar 23  2006 john-1.7.0.2.tar.gz
====================================================================
[root@sak src]# tar zxf john-1.7.0.2.tar.gz
[root@sak src]# cd john-1.7.0.2
[root@sak john-1.7.0.2]# pwd
/usr/local/src/john-1.7.0.2
[root@sak john-1.7.0.2]# cd src
[root@sak src]# make linux-x86-any
make[1]: Leaving directory `/usr/local/src/john-1.7.0.2/src'
[root@sak src]# cd ..
[root@sak john-1.7.0.2]# ls
====================================================================
doc  README  run  src
====================================================================
[root@sak john-1.7.0.2]# cd run
[root@sak run]# pwd
/usr/local/src/john-1.7.0.2/run
[root@sak run]# cp /etc/passwd ./passwd.1st
[root@sak run]# cp /etc/shadow ./shadow.1st
[root@sak run]# ./unshadow passwd.1st shadow.1st > passwd.1
[root@sak run]# cat passwd.1
====================================================================
root:$1$mpLesX6/$uYBxBI/IfcitBdVpZLfK90:0:0:root:/root:/bin/bash
bin:*:1:1:bin:/bin:/sbin/nologin
daemon:*:2:2:daemon:/sbin:/sbin/nologin
adm:*:3:4:adm:/var/adm:/sbin/nologin
lp:*:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:*:5:0:sync:/sbin:/bin/sync
shutdown:*:6:0:shutdown:/sbin:/sbin/shutdown
halt:*:7:0:halt:/sbin:/sbin/halt
mail:*:8:12:mail:/var/spool/mail:/sbin/nologin
news:*:9:13:news:/etc/news:
uucp:*:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:*:11:0:operator:/root:/sbin/nologin
games:*:12:100:games:/usr/games:/sbin/nologin
gopher:*:13:30:gopher:/var/gopher:/sbin/nologin
ftp:*:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:*:99:99:Nobody:/:/sbin/nologin
rpm:!!:37:37::/var/lib/rpm:/bin/bash
vcsa:!!:69:69:virtual console memory owner:/dev:/sbin/nologin
nscd:!!:28:28:NSCD Daemon:/:/sbin/nologin
sshd:!!:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:!!:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:!!:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:!!:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:!!:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:!!:51:51::/var/spool/mqueue:/sbin/nologin
pcap:!!:77:77::/var/arpwatch:/sbin/nologin
kim:$1$PLhL0Nel$wUyeRKvVWvL3DzJJMkMRz0:500:500::/home/kim:/bin/bash
sak:!!:501:100:sak study:/var/sak:/bin/bash
sak1:sak1:502:502::/home/sak1:/bin/bash
====================================================================
[root@sak run]# ls -l
====================================================================
total 1192
-rw-------    1 root     root       341064 Dec 16  2005 all.chr
-rw-------    1 root     root       232158 Dec 16  2005 alnum.chr
-rw-------    1 root     root       131549 Dec 16  2005 alpha.chr
-rw-------    1 root     root        40391 Dec 16  2005 digits.chr
-rwxr-xr-x    1 root     root       171676 Feb 10 13:44 john
-rw-------    1 root     root        15087 Mar  2  2006 john.conf
-rw-------    1 root     root       215982 Dec 16  2005 lanman.chr
-rwx------    1 root     root          785 Dec  2  1998 mailer
-rw-r--r--    1 root     root         1354 Feb 10 13:47 passwd.1
-rw-r--r--    1 root     root         1274 Feb 10 13:46 passwd.1st
-rw-------    1 root     root        22346 Dec 16  2005 password.lst
-r--------    1 root     root          859 Feb 10 13:46 shadow.1st
lrwxrwxrwx    1 root     root            4 Feb 10 13:44 unafs -> john
lrwxrwxrwx    1 root     root            4 Feb 10 13:44 unique -> john
lrwxrwxrwx    1 root     root            4 Feb 10 13:44 unshadow -> john
====================================================================
[root@sak run]# ./john passwd.1
====================================================================
Loaded 2 password hashes with 2 different salts (FreeBSD MD5 [32/32])
12345            (root)
12345            (kim)
guesses: 2  time: 0:00:00:00 100% (2)  c/s: 4008  trying: 12345
====================================================================

**************************************************************
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ PAM (Pluggable Authentication Module)(p.197) ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
┌─────────────────┐
│ Concept summary │
└─────────────────┘
**************************************************************
---------------
※ The concept of PAM
---------------
Controls whether login is allowed or refused for specific accounts.
The login of a specific account can be controlled with PAM modules, without changing the
shell type in the /etc/passwd file.

---------------
※ Advantages of PAM
---------------
1. It lets the administrator replace the authentication method easily.
2. The user authentication method can be configured separately for each application.
3. Even when several authentication methods are used at the same time, the user does not have
   to enter the password again.
4. The structure is divided into four parts (authentication, password, account, session) so
   that each part can be replaced easily, which makes systematic management possible.

---------------
※ Composition of PAM
---------------
1. module type
   - auth     : Instructs that a prompt asking the user for the password be shown, and grants
                the user and group privileges.
   - account  : Performs account management.
   - session  : Can specify the work that must be done before or after the user logs in.
   - password : Specifies the module that can change the user's password.
2. control-flag
   - Specifies how the success or failure of a particular authentication module is handled.
   - required   : When this flag is specified, the module must succeed in authenticating the user.
                  If it fails, the return value is failure.
   - requisite  : Similar to required, but on failure control passes to the application.
   - sufficient : If the module succeeds and there are no further required or sufficient flags in
                  the configuration file, PAM returns success to the calling application.
   - optional   : Not important to the success/failure of the application. Linux-PAM ignores
                  such modules when judging the success/failure of the modules.

**************************************************************
┌───────────────┐
│ A closer look │
└───────────────┘
**************************************************************
------------------------
※ /etc/pam.d/other(p.204)
------------------------
[root@sak root]# ls -al /etc/pam.d/
==========================================================================
total 116
drwxr-xr-x    2 root     root         4096 Feb  9 06:48 .
drwxr-xr-x   40 root     root         4096 Feb 11 05:57 ..
-rw-r--r--   1 root root  245 Feb 19  2003 authconfig
-rw-r--r--   1 root root  260 Feb 25  2003 chfn
-rw-r--r--   1 root root  260 Feb 25  2003 chsh
-rw-r--r--   1 root root  169 Feb 25  2003 halt
-rw-r--r--   1 root root  276 Feb 22  2003 internet-druid
-rw-r--r--   1 root root  115 Jan 31  2003 kbdrate
-rw-r--r--   1 root root  329 Feb 25  2003 login
-rw-r--r--   1 root root  276 Feb 22  2003 neat
-rw-r--r--   1 root root  230 Feb 11  2003 other
-rw-r--r--   1 root root  169 Feb 14  2003 passwd
-rw-r--r--   1 root root  169 Feb 25  2003 poweroff
-rw-r--r--   1 root root  204 Jan 25  2003 ppp
-rw-r--r--   1 root root  169 Feb 25  2003 reboot
-rw-r--r--   1 root root  276 Feb 19  2003 redhat-config-mouse
-rw-r--r--   1 root root  276 Feb 22  2003 redhat-config-network
-rw-r--r--   1 root root  276 Feb 22  2003 redhat-config-network-cmd
-rw-r--r--   1 root root  276 Feb 22  2003 redhat-config-network-druid
-rw-r--r--   1 root root  282 Nov 12  2002 rhn_register
-rw-r--r--   1 root root  167 Feb 19  2003 setup
-rw-r--r--   1 root root  116 Feb 25  2003 smtp
-rw-------   1 root root  354 Feb 15  2003 sshd
-rw-r--r--   1 root root  699 Feb 19  2003 su
-rw-r--r--   1 root root  222 Jan 25  2003 sudo
-rw-r--r--   1 root root  688 Feb  9 06:51 system-auth
-rw-r--r--   1 root root  282 Nov 12  2002 up2date
-rw-r--r--   1 root root  282 Nov 12  2002 up2date-config
-rw-r--r--   1 root root  282 Nov 12  2002 up2date-nox
==========================================================================
[root@sak root]# cat /etc/pam.d/login
==========================================================================
#%PAM-1.0
auth       required     pam_securetty.so
auth       required     pam_stack.so service=system-auth
auth       required     pam_nologin.so
account    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth
session    optional     pam_console.so
==========================================================================
[root@sak root]# cat /etc/pam.d/system-auth
==========================================================================
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so
account     required      /lib/security/$ISA/pam_unix.so
password    required      /lib/security/$ISA/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password    required      /lib/security/$ISA/pam_deny.so
session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so
==========================================================================
[root@sak root]# cat /etc/pam.d/system-auth
==========================================================================
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so
account     required      /lib/security/$ISA/pam_unix.so
password    required      /lib/security/$ISA/pam_cracklib.so retry=3 minlen=12 type=
            ☞ Sets the minimum password length to 12 characters.
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password    required      /lib/security/$ISA/pam_deny.so
session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so
==========================================================================

**************************************************************
┏━━━━━━━━━━━━━━━━━━━┓
┃Kernel Security / Optimizing (p.215)┃
┗━━━━━━━━━━━━━━━━━━━┛
┌────┐
│Concepts│
└────┘
**************************************************************
--------------------
※ grsecurity(p.216)
--------------------
grsecurity is a kernel patch file that strengthens the security of a Linux system. When a security vulnerability arises in the kernel, the program that controls the Linux system, an immediate kernel update is difficult, so grsecurity is used to harden the system in that situation.

--------------------------
※ Kernel compile(p.217)
--------------------------
The kernel is the program that controls the system in Linux. The reasons for compiling the kernel are:
- The higher the kernel version, the more kinds of hardware the system can support
- Adding / removing features
- Reducing the kernel's security problems
- Making the kernel efficient so that the system can be operated stably

**************************************************************
┌────┐
│Hands-on│
└────┘
**************************************************************
--------------------------
※ Kernel compile(p.217)
--------------------------
# cd /usr/local/src
# wget http://www.grsecurity.com/grsecurity-2.1.12-2.4.37-200812271449.patch.gz
# wget http://www.kernel.org/pub/linux/kernel/v2.4/linux-2.4.37.tar.bz2
==============================================================
TIP. Compression ratio : tar < gzip < bzip < bzip2
TIP. Decompression :
     xxx.tar.gz  --> tar zxvf xxx.tar.gz
     xxx.tar.bz2 --> tar jxvf xxx.tar.bz2
==============================================================
# gunzip grsecurity-2.1.12-2.4.37-200812271449.patch.gz
# tar jxvf linux-2.4.37.tar.bz2
# cd linux-2.4.37/
# patch -p1 < ../grsecurity-2.1.12-2.4.37-200812271449.patch
# cp /boot/config-2.4.20-8 /root/2.4.37
# make mrproper     ☞ Initialization
# make menuconfig   ☞ Look through the kernel compile options and select the ones that fit the system
==============================================================================================
--> At the very bottom, choose Load Alternate Configuration File (see p.218)
    /root/2.4.37
    Deselect Telephony, Amateur Radio, IrDA, ISDN, Sound, Bluetooth.. (use the Space Bar; press Esc twice to leave)
    Save Alternate configuration file
    /root/2.4.37   ☞ Change to a new name
==============================================================================================
# pwd
/usr/local/src/linux-2.4.37
# make dep && make clean && make bzImage && make modules && make modules_install && make install
# vi /etc/grub.conf
  kernel-2.4.37-grsec
# shutdown -r now
# uname -a
  2.4.37-grsec   ☞ This confirms that the kernel has been compiled.
----------------------------
※ /proc File System(p.224)
----------------------------
A file system that exists in memory.

----------------------------
※ sysctl (p.236)
----------------------------
A program for adjusting kernel parameter values; the settings can also be made permanent.

# sysctl -w net.ipv4.icmp_echo_ignore_all=1   ☞ Do not reply to ICMP request packets

# vi /etc/sysctl.conf
=====================================
net.ipv4.icmp_echo_ignore_all = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_max_syn_backlog = 1024
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time = 1800
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.rp_filter = 1
=====================================
--> Edit the file as shown above
--> Reboot the system to apply the settings.

**************************************************************
┏━━━━━━━━━━━━━━━━━━┓
┃Log Management / Security (p.239) ┃
┗━━━━━━━━━━━━━━━━━━┛
┌────┐
│Concepts│
└────┘
**************************************************************
---------------------
※ Log Files(p.240)
---------------------
From the moment we connect to a server over the network until the moment we disconnect, every action is stored in log files or on a log server.
Logs show plainly where and how an intruder got in and also what they did once inside, so when a problem occurs later the log information is an important clue for tracking the intruder down.

* /var/log
  - On a Linux system the default log files are located in /var/log.
* lastlog
  - lastlog prints each user's most recent login as user name, terminal and last login time.
* wtmp
  - The wtmp log shows users' login and logout information from the moment the file was created.
* btmp
  - Failed logins are stored in the btmp file.
* messages (/var/log/messages) ★ Important..
  - The most important of the log files: messages holds a wide range of information, from login records to device information, system configuration errors, file system events and network session records.
* secure (/var/log/secure)
  - Every log entry that involves an authentication step, such as telnet, FTP or remote access, is stored in the secure log.
  - The secure log is configured through the syslog daemon, so whether entries are recorded can change depending on the daemon's configuration.
* httpd log (/var/log/httpd)
  - If a web server is running, the access_log and error_log files are created in /var/log/httpd.
* history (home directory/.bash_history)
  - A store of past commands, created so that earlier commands are easy to find and more convenient to reuse.
  - Two ways the history file gets deleted
    → # rm /root/.bash_history
    → # ln -s dev/null .bash_history (links it to the place known as the Linux black hole.)

---------------------
※ syslogd(p.252)
---------------------
syslogd is the system log daemon. It manages all logs generated on the system.
When the system boots and syslogd starts, the daemon reads the /etc/syslog.conf file, writes syslog.pid, and then begins logging to the log files specified in syslog.conf.
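A defender can check for both history-removal methods listed under the history entry above. The following is an added example, not part of the original notes: the function names are hypothetical and the sample accounts are constructed. It reports every login account whose .bash_history is missing, empty, or a symlink to /dev/null (including a relative, dangling dev/null target).

```shell
#!/bin/sh
# Added example: flag accounts whose .bash_history was removed or
# redirected to /dev/null. Function names are hypothetical.

# Print the state of <home>/.bash_history:
#   ok | empty | missing | nulled | symlink
history_state() {
    hist="$1/.bash_history"
    if [ -L "$hist" ]; then
        # readlink prints the link text itself, so a dangling relative
        # target such as "dev/null" is still recognised.
        case "$(readlink "$hist")" in
            /dev/null|dev/null|*/dev/null) echo nulled ;;
            *) echo symlink ;;
        esac
    elif [ ! -e "$hist" ]; then
        echo missing
    elif [ ! -s "$hist" ]; then
        echo empty
    else
        echo ok
    fi
}

# Read a passwd-format file and print "user state path" for every
# account with a login shell whose history is not "ok".
# $2 is an optional root prefix (mounted disk image, test tree).
audit_history() {
    passwd_file="$1"
    prefix="${2:-}"
    while IFS=: read -r user pw uid gid gecos home shell; do
        case "$shell" in
            ""|*/nologin|*/false) continue ;;
        esac
        [ -d "$prefix$home" ] || continue
        state=$(history_state "$prefix$home")
        if [ "$state" != ok ]; then
            printf '%s %s %s\n' "$user" "$state" "$home/.bash_history"
        fi
    done < "$passwd_file"
}

# Build a constructed tree (not taken from a real host) and audit it.
demo_history_audit() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/root" "$t/home/kim" "$t/home/lee" "$t/home/park" "$t/var/ftp"
    ln -s /dev/null "$t/root/.bash_history"        # absolute link
    ln -s dev/null  "$t/home/kim/.bash_history"    # relative, dangling link
    echo 'ls -al' > "$t/home/lee/.bash_history"    # untouched history
    # park: history file removed
    cat > "$t/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
kim:x:500:500::/home/kim:/bin/bash
lee:x:501:501::/home/lee:/bin/bash
park:x:502:502::/home/park:/bin/bash
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
EOF
    audit_history "$t/passwd" "$t"
    rm -rf "$t"
}

case "${1:-}" in
    demo) demo_history_audit ;;
esac
```

On a live host the call is `audit_history /etc/passwd`. A "missing" result is normal for an account that has never logged in, so it matters mainly for root and other accounts known to be in use.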
---------------------
※ logrotate(p.256)
---------------------
Cuts log files to a suitable size (rotate), compresses them, and archives or deletes them.
/usr/sbin/logrotate
/etc/logrotate.conf
/etc/logrotate.d
/var/lib/logrotate.status
/etc/cron.daily/logrotate

**************************************************************
┏━━━━━━━━━━━━━━━━┓
┃Monitoring / Integrity (p.261)┃
┗━━━━━━━━━━━━━━━━┛
┌────┐
│Concepts│
└────┘
**************************************************************
--------------------
※ Tripwire(p.262)
--------------------
- Integrity checking of system files
- MD5, SHA, CRC-32 Hash Function
- Builds a database of the system files, then checks by comparison against it

--------------------
※ COPS(p.273)
--------------------
- Checks permissions on files, directories and device files
- Checks the contents of the /etc/passwd and /etc/group files
- Checks the contents of /etc/hosts.equiv and [user home directory]/.rhosts
- Checks suid files
- Checks anonymous ftp
- Checks /etc/rc*, /etc/rc*.d/* and cron files
- Checks changes in ownership and permissions of the system's files and directories, and so on

**************************************************************
┌────┐
│Hands-on│
└────┘
**************************************************************
---------------------------------------
※ Tripwire(p.262) - Integrity check
---------------------------------------
[root@sak src]# mount /dev/cdrom /mnt/cdrom/
========================================================================
mount: block device /dev/cdrom is write-protected, mounting read-only
========================================================================
[root@sak src]# find /mnt/cdrom/* -type f -name "tripwire*"
========================================================================
/mnt/cdrom/RedHat/RPMS/tripwire-2.3.1-17.i386.rpm
========================================================================
[root@sak src]# cp /mnt/cdrom/RedHat/RPMS/tripwire-2.3.1-17.i386.rpm /usr/local/src/
[root@sak src]# rpm -Uvh tripwire-2.3.1-17.i386.rpm
==================================================================================
warning: tripwire-2.3.1-17.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing...                ########################################### [100%]
   1:tripwire               ########################################### [100%]
==================================================================================
[root@sak root]# ls -al /etc/tripwire/
=========================================================================
total 80
drwxr-xr-x   2 root root  4096 Feb 11 20:33 .
drwxr-xr-x  41 root root  4096 Feb 11 20:33 ..
-rw-r--r--   1 root root   603 Jan 25  2003 twcfg.txt
-rwxr-xr-x   1 root root 10100 Jan 25  2003 twinstall.sh
-rw-r--r--   1 root root 51817 Jan 25  2003 twpol.txt
=========================================================================
[root@sak root]# cd /etc/tripwire/
[root@sak tripwire]# pwd
/etc/tripwire
[root@sak tripwire]# ./twinstall.sh
=========================================================================
----------------------------------------------
The Tripwire site and local passphrases are used to
sign a variety of files, such as the configuration,
policy, and database files.

Passphrases should be at least 8 characters in length
and contain both letters and numbers.

See the Tripwire manual for more information.

----------------------------------------------
Creating key files...

(When selecting a passphrase, keep in mind that good passphrases typically
have upper and lower case letters, digits and punctuation marks, and are
at least 8 characters in length.)

Enter the site keyfile passphrase:
Verify the site keyfile passphrase:
Generating key (this may take several minutes)...Key generation complete.

(When selecting a passphrase, keep in mind that good passphrases typically
have upper and lower case letters, digits and punctuation marks, and are
at least 8 characters in length.)

Enter the local keyfile passphrase:
Verify the local keyfile passphrase:
Generating key (this may take several minutes)...Key generation complete.

----------------------------------------------
Signing configuration file...
Please enter your site passphrase:
Wrote configuration file: /etc/tripwire/tw.cfg

A clear-text version of the Tripwire configuration file
/etc/tripwire/twcfg.txt
has been preserved for your inspection. It is recommended
that you delete this file manually after you have examined it.

----------------------------------------------
Signing policy file...
Please enter your site passphrase:
Incorrect site passphrase.
Please enter your site passphrase:
Wrote policy file: /etc/tripwire/tw.pol

A clear-text version of the Tripwire policy file
/etc/tripwire/twpol.txt
has been preserved for your inspection. This implements
a minimal policy, intended only to test essential
Tripwire functionality. You should edit the policy file
to describe your system, and then use twadmin to generate
a new signed copy of the Tripwire policy.
=========================================================================
[root@sak tripwire]# ls -al
=========================================================================
total 108
drwxr-xr-x   2 root root  4096 Feb 11 20:50 .
drwxr-xr-x  41 root root  4096 Feb 11 20:33 ..
-rw-r-----   1 root root   931 Feb 11 20:48 sak-local.key
-rw-r-----   1 root root   931 Feb 11 20:48 site.key
-rw-r-----   1 root root  4586 Feb 11 20:49 tw.cfg
-rw-r--r--   1 root root   603 Jan 25  2003 twcfg.txt
-rwxr-xr-x   1 root root 10100 Jan 25  2003 twinstall.sh
-rw-r-----   1 root root  8287 Feb 11 20:50 tw.pol
-rw-r--r--   1 root root 51817 Jan 25  2003 twpol.txt
=========================================================================
[root@sak tripwire]# tripwire --init
=========================================================================
Please enter your local passphrase:
Parsing policy file: /etc/tripwire/tw.pol
Generating the database...
*** Processing Unix File System ***
### Warning: File system error.
### Filename: /usr/sbin/fixrmtab
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /sbin/accton
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /sbin/busybox
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /sbin/busybox.anaconda
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /sbin/fsck.minix
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /sbin/mkfs.bfs
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /sbin/mkfs.minix
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /sbin/update
### No such file or directory
### Continuing...
### No such file or directory
### Continuing...
Wrote database file: /var/lib/tripwire/sak.twd
The database was successfully generated.
=========================================================================

--> Integrity check
[root@sak tripwire]# tripwire --check
=========================================================================
Parsing policy file: /etc/tripwire/tw.pol
*** Processing Unix File System ***
Performing integrity check...
### Warning: File system error.
### Filename: /root/.esd_auth
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /root/.gnome_private
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /root/.gnome-desktop
### No such file or directory
### Continuing...
### Warning: File system error.
### Filename: /bin/ksh
### No such file or directory
### Continuing...
Wrote report file: /var/lib/tripwire/report/sak-20090211-205716.twr

Tripwire(R) 2.3.0 Integrity Check Report

Report generated by:          root
Report created on:            Wed 11 Feb 2009 08:57:16 PM KST
Database last updated on:     Never

===============================================================================
Report Summary:
===============================================================================

Host name:                    sak
Host IP address:              127.0.0.1
Host ID:                      None
Policy file used:             /etc/tripwire/tw.pol
Configuration file used:      /etc/tripwire/tw.cfg
Database file used:           /var/lib/tripwire/sak.twd
Command line used:            tripwire --check

===============================================================================
Rule Summary:
===============================================================================

-------------------------------------------------------------------------------
  Section: Unix File System
-------------------------------------------------------------------------------

  Rule Name                          Severity Level    Added    Removed  Modified
  ---------                          --------------    -----    -------  --------
  Invariant Directories              66                0        0        0
  Critical devices                   100               0        0        0
  Temporary directories              33                0        0        0
* Tripwire Data Files                100               1        0        0
  Root config files                  100               0        0        0
  User binaries                      66                0        0        0
  Tripwire Binaries                  100               0        0        0
  Critical configuration files       100               0        0        0
  Libraries                          66                0        0        0
  Operating System Utilities         100               0        0        0
  Critical system boot files         100               0        0        0
  File System and Disk Administraton Programs
                                     100               0        0        0
  Kernel Administration Programs     100               0        0        0
  Networking Programs                100               0        0        0
  System Administration Programs     100               0        0        0
  Hardware and Device Control Programs
                                     100               0        0        0
  System Information Programs        100               0        0        0
  Application Information Programs   100               0        0        0
  Shell Related Programs             100               0        0        0
  Critical Utility Sym-Links         100               0        0        0
  Shell Binaries                     100               0        0        0
  System boot changes                100               0        0        0
  OS executables and libraries       100               0        0        0
  Security Control                   100               0        0        0
  Login Scripts                      100               0        0        0

Total objects scanned:  17213
Total violations found:  1

===============================================================================
Object Summary:
===============================================================================

-------------------------------------------------------------------------------
# Section: Unix File System
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Rule Name: Tripwire Data Files (/var/lib/tripwire)
Severity Level: 100
-------------------------------------------------------------------------------

Added:
"/var/lib/tripwire/sak.twd"

===============================================================================
Error Report:
===============================================================================

-------------------------------------------------------------------------------
  Section: Unix File System
-------------------------------------------------------------------------------

1.   File system error.
     Filename: /root/.esd_auth
     No such file or directory

2.   File system error.
     Filename: /root/.gnome_private
     No such file or directory

3.   File system error.
     Filename: /root/.gnome-desktop
     No such file or directory

119. File system error.
     Filename: /bin/ksh
     No such file or directory

-------------------------------------------------------------------------------
*** End of report ***

Tripwire 2.3 Portions copyright 2000 Tripwire, Inc. Tripwire is a registered
trademark of Tripwire, Inc. This software comes with ABSOLUTELY NO WARRANTY;
for details use --version. This is free software which may be redistributed
or modified only under certain conditions; see COPYING for details.
All rights reserved.
Integrity check complete.
=========================================================================

--> Database update - if the change is a legitimate one, update the existing database
[root@sak tripwire]# tripwire -m u -a -r /var/lib/tripwire/report/sak-20090211-205716.twr
=========================================================================
Please enter your local passphrase:
Wrote database file: /var/lib/tripwire/sak.twd
=========================================================================

--> Policy file update - since the database file has been updated, the policy file is updated as well
[root@sak tripwire]# twadmin -m P twpol.txt
=========================================================================
Please enter your site passphrase:
Wrote policy file: /etc/tripwire/tw.pol
=========================================================================

--> Printing the tripwire result file
[root@sak tripwire]# twprint -m r -r /var/lib/tripwire/report/sak-20090211-205716.twr > tripwire.txt

**************************************************************
┏━━━━━━━━━━━━━━┓
┃Backup and Update (p.277) ┃
┗━━━━━━━━━━━━━━┛
┌────┐
│Concepts│
└────┘
**************************************************************
--------------------------------
※ Importance of backup(p.278)
--------------------------------
* Data loss
  - Hardware damage
  - Software bugs
  - Human error
  - Natural disasters
* Backup
  - The work of preserving the value that data holds
  - Choosing backup media
  - Choosing a backup tool
  - Simple backup
  - Multi-level backup
  - Backup using compression

----------------------
※ tar (p.281)
----------------------
* gzip    : gz compression
* gunzip  : undo gz compression
* bzip2   : bz2 compression
* bunzip2 : undo bz2 compression
* Extracting several tar files at once
  - Chaining the commands with &&
  - find . -name "*.tar" -exec tar xvf {} \;
* A look at the important tar options (see p.282)
  -c : Used to bundle several files, including directories. (Create)
  -x : Tells tar to unpack the bundled files, including directories. (eXtract)
  -t : Used to view the list of files and directories inside a tar file. (lisT)
  -f : When bundling, the output file is written after this option; when unpacking, the input file. (File)
  -v : Shows the progress of the work on screen. (Verbose).
  -z : Compress or decompress a .gz file
  -j : Compress or decompress a .bz2 file

----------------------
※ crontab (p.296)
----------------------
- The command for setting up and modifying the system's periodic cron jobs
- A command directly related to crond, one of the most important daemons on the system
- The crond daemon can be started, stopped and started by the /etc/rc.d/init.d/crond script
  - crond daemon
  - /etc/crontab file
  - /etc/rc.d/init.d/crond script
  - cron configuration files in the /var/spool/cron directory
- How to set up cron
============================================================================
40 3 * * * root /home/mysql/mysql_backup.sh
============================================================================
  - The leading 40 means minute 40 (minute field : 0~59)
  - The 3 after it means 03 o'clock (hour field : 0~23)
  - The * after it means every day (day field : 1~31)
  - The * after it means every month (month field : 1~12)
  - The * after it means every week (day-of-week field 1:Monday~7:Sunday)
  - root and what follows mean: run mysql_backup.sh as the root account

----------------------
※ yum (p.300)
----------------------
yum is a utility that automatically updates, installs and removes packages on rpm-based systems
- Update to the latest packages : # yum update
- Install a package : # yum install package-name
- Update a package : # yum update package-name
- Remove a package : # yum remove package-name
- Search for a package : # yum search package-name

**************************************************************
┏━━━━━━━━━━━━━━━━━━┓
┃Linux System Midterm Test Questions┃
┗━━━━━━━━━━━━━━━━━━┛
**************************************************************
--------------------------------------------------------------------------------
1. Describe the characteristics of Linux and its advantages and disadvantages
--------------------------------------------------------------------------------
Advantages : free software, can be modified freely (can be compiled)
Disadvantages : difficult to get support when a problem occurs

--------------------------------------------------------------------------------
2. Write down the Linux commands you can remember and explain them
--------------------------------------------------------------------------------
ls      Lists directories and files
cp      Copies files
mv      Moves or renames files
rm      Deletes directories and files
mkdir   Creates a directory
rmdir   Deletes an empty directory
cd      Moves between directories
touch   Changes a file's timestamps or creates a file of size 0
cat     Shows the contents of a file; when used with > it adds content
find    Finds directories and files
grep    Used to find content containing a particular string
pwd     Shows the absolute path of the directory

--------------------------------
3. Read the problems below and answer
--------------------------------
lab1) Use a Linux command to confirm that the current location is the /root directory.
      # pwd
lab2) You want to check the contents of the /etc/passwd file. Explain which command should be used.
      # cat /etc/passwd, # vi /etc/passwd, # more /etc/passwd
lab3) In the /root directory, create a file aa.txt of size 0 and copy aa.txt to bb.txt.
      # touch aa.txt
      # cp aa.txt bb.txt
lab4) Change the attributes of the /root/123 file so that content can be added to and deleted from the file but the file itself cannot be deleted
      # chattr +a /root/123

--------------------------------------------------------------------------------------
4. You want to apply security settings to the Grub boot loader. Explain which command should be used
--------------------------------------------------------------------------------------
1. # grub-md5-crypt
2. Enter the password
3. Copy the md5 value produced after entering the password and open the file with vi /boot/grub/grub.conf
4. Enter password --md5 followed by the md5 value, and save

--------------------------------------------------
5. Explain the following entry from /etc/inittab
--------------------------------------------------
ca::ctrlaltdel:/sbin/shutdown -a -t3 -r now

This entry relates to rebooting the system. It reboots, with the reboot taking place 3 seconds after the command is run, and only users registered in the /etc/shutdown.allow file can reboot using ctrl+alt+del.

-----------------------------------------
6. Explain permissions (Permission)
-----------------------------------------
They grant access rights to files; directories are given 755 and files 644

---------------------------------------------------
7. Explain Setuid, Setgid and the Sticky bit
---------------------------------------------------
Setuid : When a directory or file is executed, it takes on the privileges of the user who created the directory or file
Setgid : Similar to Setuid, except that it takes on the privileges of the group rather than the user
Sticky bit : /tmp is an example; here a user cannot delete or modify directories and files created by other users, only those the user created.

-----------------------------
8. Explain RunLevel
-----------------------------
Level0 : Halt (the part that shuts the system down; not used as the system default)
Level1 : Single mode (the same as the single mode that is normally entered through the boot loader)
Level2 : Multiuser Mode (multi-user mode, but without networking)
Level3 : Full Multiuser Mode (the mode normally used; it differs from Level2 in that networking is added)
Level4 : Unused (not used)
Level5 : X-11 (X-windows, i.e. the graphical user environment)
Level6 : Reboot (the part that reboots the system; like Level0, not used as the default)

-------------------------------------
9. Briefly explain the login process
-------------------------------------
The PID 1 init process is called
→ PID 500 child init process
→ /sbin/mingetty or /sbin/getty runs
→ username is checked against the /etc/passwd file
→ password is checked against the /etc/shadow file
→ on a match, login; on a mismatch, back to the PID 1 init process

-------------------------------------------------------
10. Explain RC Scripts, using /etc/rc.d/rc3.d as an example
-------------------------------------------------------
This is the part for RunLevel3, Full Multiuser Mode with networking supported. Only the scripts that belong to it are started, and commands such as Killall and Shutdown are killed.
A name starting with S means the script is started; a name starting with K means that command is killed.
Note that the S or K must be an uppercase letter

------------------------------------------------
11. Explain the ext2 and ext3 file systems
------------------------------------------------
ext2  Files and metadata are written asynchronously. As a result, if the system is shut down forcibly, recovering the file system takes a long time and it can become unstable
ext3  Unlike ext2, a file system that uses journaling, so writes are recorded as a log. Because of this, even if the system is shut down forcibly, recovering the file system takes comparatively little time, and if there is an unstable file system, recovery of it is abandoned

-----------------------------------------------------------
12. Explain the /proc file system in the directory structure
-----------------------------------------------------------
The /proc file system does not actually exist on disk; it exists in memory and holds information about the kernel, that is, about the system

-------------------------------
13. Explain partitions
-------------------------------
Partitioning divides a disk so that it is easy to use. Physically the disk is divided into tracks and logically into sectors, which gives faster performance in the I/O system

----------------------------------------------------------------------------------------------------------------------------
14. Explain mount, and suppose that in the /etc/fstab file you want to prohibit setuid and setgid on the /tmp directory and remove execute permission.
Explain how this should be done
----------------------------------------------------------------------------------------------------------------------------
LABEL=/      /            ext3         defaults               1 1
LABEL=/boot  /boot        ext3         defaults               1 2
none         /dev/pts     devpts       gid=5,mode=620         0 0
LABEL=/home  /home        ext3         defaults               1 2
none         /proc        proc         defaults               0 0
none         /dev/shm     tmpfs        defaults               0 0
LABEL=/tmp   /tmp         ext3         defaults               1 2
LABEL=/usr   /usr         ext3         defaults               1 2
LABEL=/var   /var         ext3         defaults               1 2
/dev/sda6    swap         swap         defaults               0 0
/dev/cdrom   /mnt/cdrom   udf,iso9660  noauto,owner,kudzu,ro  0 0
/dev/fd0     /mnt/floppy  auto         noauto,owner,kudzu     0 0

mount - Making a set of files within a file system structure available to users and user groups

LABEL=/tmp   /tmp         ext3         defaults               1 2
LABEL=/tmp   /tmp         ext3         defaults,nosuid,noexec 1 2
Change the entry to the form shown above
# mount -o remount /tmp
  - Remounts the /tmp directory

**************************************************************
┏━━━━━━━━━━━━━━━━━┓
┃Linux System Final Test Questions┃
┗━━━━━━━━━━━━━━━━━┛
**************************************************************
-------------------------------------------------------------------------
1. Name all the Linux commands related to networking and explain them
-------------------------------------------------------------------------
netstat, dig, arp, nslookup, traceroute, route

---------------------------------------------------------
2. Explain virtual interfaces in network configuration.
---------------------------------------------------------
Several IPs can be assigned to a single physical network interface to maximise network utilisation
Mostly used by web hosting companies
Caution. If more data is sent and received than the network bandwidth allows, the server goes down.

------------------------------------------------------------------------------------------------------------
3. You want to change the network settings to IP 192.168.100.10, netmask 255.255.255.0 and gateway 192.168.100.1.
Explain which file must be edited and which service must be restarted.
------------------------------------------------------------------------------------------------------------
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
# /etc/rc.d/init.d/network restart
or
# netconfig
# service network restart

--------------------------------------
4. Explain why the kernel is compiled
--------------------------------------
The kernel is compiled because doing so resolves the kernel's security vulnerabilities, increases the kinds of hardware that can be supported, and allows hardware support the system does not need to be removed

--------------------------------------------------------------------------------------------------
5. You want to set the permissions of the /etc/passwd file so that the owner can read and write, the group can only read, and all other users have no permissions at all. Explain which command to use and how to set it.
--------------------------------------------------------------------------------------------------
# chmod 640 /etc/passwd

-------------------------------------------------
6. Explain Setuid, Setgid and the Sticky bit
-------------------------------------------------
Setuid : When a directory or file is executed, it takes on the privileges of the user who created the directory or file
Setgid : Similar to Setuid, except that it takes on the privileges of the group rather than the user
Sticky bit : /tmp is an example; here a user cannot delete or modify directories and files created by other users, only those the user created.

------------------------------------
7. Explain why quota is used
------------------------------------
It limits disk usage per user and allows the disk to be managed efficiently.

-------------------------------------------------
8. Briefly explain tripwire and COPS
-------------------------------------------------
tripwire  Checks the integrity of system files. The integrity check is based on a database.
COPS  Computer Oracle Password System
      A collection of programs that automates system security monitoring.
´Ü ¹®Á¦¹ß»ý½Ã ÀÚµ¿ÀûÀ¸·Î º¹±¸´Â Áö¿øÇÏÁö ¾Ê°í »ç¿ëÀÚ°¡ ÀÌ¿¡ ´ëÇÏ¿© Á¶Ä¡¸¦ ÇØ¾ß ÇÑ´Ù -------------------------------------------------------------------------- 9. ·Î±× Áß /var/log/lastlog¿Í /var/log/messages¿¡ ´ëÇÏ¿© °¢°¢ ¼³¸íÇϽÿÀ. -------------------------------------------------------------------------- /var/log/lastlog °¢ °èÁ¤µéÀÇ °¡Àå ÃÖ±Ù ·Î±×Àαâ·ÏÀ» ÇÏ´Â ÆÄÀÏ ¹ÙÀ̳ʸ®ÆÄÀϷμ­ last¶ó´Â ¸í·É¾î·Î È®ÀÎ °¡´É /var/log/messages ½Ã½ºÅÛ ·Î±×ÆÄÀÏ·Î Àü¹ÝÀûÀÎ ·Î±×µéÀÌ ³²°í ÀÏ¹Ý ÅؽºÆ® ±â¹ÝÀÌ¶ó º°µµÀÇ ¸í·É¾î°¡ ¾Æ´Ñ vi, cat, moreµîÀ¸·Î º¼ ¼ö ÀÖ´Ù -------------------------------------------------------------------------- 10. °ø°ÝÀÚ°¡ ½Ã½ºÅÛ¿¡ µé¾î¿Í¼­ root¿¡ ÀÖ´Â history ³»¿ëÀ» Áö¿ì°íÀÚ ÇÑ´Ù. ¾î¶»°Ô Çϸé root¿¡ ÀÖ´Â history ³»¿ëÀ» Áö¿ï ¼ö ÀÖ´ÂÁö ¼³¸íÇϽÿÀ. -------------------------------------------------------------------------- # rm -rf /.bash_history # ln -s /dev/null /.bash_history ------------------------------------------------------------------------------- 11. µ¥¸ó¿¡ ´ëÇØ ¼³¸íÇÏ°í, Xinetd ¹æ½Ä°ú Standalone ¹æ½ÄÀÇ Â÷ÀÌÁ¡À» ¼³¸íÇϽÿÀ ------------------------------------------------------------------------------- xinetd=inetd=superdaemon¹æ½Ä - ¼­ºñ½º°¡ ¿äûÀÌ µÇ¸é ÇÊ¿äÇÑ ÇÁ·Î¼¼½º¸¦ ±ú¿ö¼­ ¼­ºñ½º¸¦ Á¦°ø, ¼Óµµ´Â ´À¸®°í, ÀÚ¿øÀÇ ³¶ºñ°¡ Àû´Ù ftp µî°ú °°Àº ÇÁ·Î¼¼½º µéÀÌ ÀÌ¿¡ ÇØ´ç Standalone¹æ½Ä - Ç×»ó ÀÀ´ä´ë±â »óÅ·Π¼Óµµ´Â ºü¸£³ª, ÀÚ¿øÀÇ ³¶ºñ°¡ ¸¹´Ù httpd, dns µî°ú °°Àº ÇÁ·Î¼¼½º µéÀÌ ÀÌ¿¡ ÇØ´ç -------------------------------- 12. ¾Æ·¡ÀÇ ¹®Á¦¸¦ ÀÐ°í ´äÇϽÿÀ. -------------------------------- lab1) # tar zxvf filename.tar.gz ¿¡ ´ëÇÏ¿© ¼³¸íÇϽÿÀ filename.tar.gzÆÄÀÏÀ» ¾ÐÃàÀ» ÇØÁ¦ÇÑ´Ù ÁøÇà°úÁ¤µµ º¸¿©ÁÖ°Ú´Ù lab2) # tar jcvf filename.tar.bz2 file1 file2 /dir1 ¿¡ ´ëÇÏ¿© ¼³¸íÇϽÿÀ file1, file2, dir1µð·ºÅ丮¸¦ filename.tar.bz2·Î ÆÄÀÏÀ» ¹­¾î¼­ ¾ÐÃàÀ» ÇÏ°Ú´Ù ÁøÇà°úÁ¤µµ º¸¿©ÁÖ°Ú´Ù -------------------------------------------------------------------------------------------------------------------- 13. /etc/rc.d/init.d/sagentd¶ó´Â µ¥¸óÀÌ Á¸ÀçÇÑ´Ù. runlevel3·Î ºÎÆýà À§ÀÇ µ¥¸óÀÌ ½ÇÇàµÇ°Ô ÇÏ¿©¾ß ÇÑ´Ù. 
/etc/rc.d/rc3.d µð·ºÅ丮¿¡ ¾î¶»°Ô ¼³Á¤À» ÇÏ¿©¾ß runlevel3·Î ½ÇÇàÀÌ µÇ´ÂÁö ¼³¸íÇϽÿÀ. (ÀÌ ¶§ ln ¸í·ÉÀ» ÀÌ¿ëÇÏ¿©ÇÔ) -------------------------------------------------------------------------------------------------------------------- # ln -s /etc/init.d/sagentd /etc/rc.d/rc3.d/S90sagentd # ln -s /etc/init.d/sagentd /etc/rc.d/rc3.d/Ssagentd **************************************************************
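The midterm answer above hardens /tmp by adding nosuid,noexec to its fstab entry. The following check is an added example, not part of the original notes: it reports which of those options a mount point still lacks, using two entries copied from the listing (the function names missing_opts and audit are assumptions of this example).

```shell
#!/bin/sh
# Added example, not from the original notes. Sample entries are copied from
# the fstab listing above; function names are assumptions of this example.

# missing_opts MOUNTPOINT OPT...   (fstab-format text on stdin)
# Prints the OPTs absent from the entry's 4th (options) field, space separated;
# an empty line means all are set. Prints "absent" if there is no such entry.
missing_opts() {
    _mp=$1; shift
    awk -v mp="$_mp" -v want="$*" '
        /^[ \t]*#/ || NF == 0 { next }        # skip comments and blank lines
        $2 == mp {
            found = 1
            n = split($4, have, ",")
            m = split(want, w, " ")
            out = ""
            for (i = 1; i <= m; i++) {
                ok = 0
                for (j = 1; j <= n; j++) if (have[j] == w[i]) ok = 1
                if (!ok) out = out (out == "" ? "" : " ") w[i]
            }
            print out
            exit
        }
        END { if (!found) print "absent" }
    '
}

BEFORE='LABEL=/tmp /tmp     ext3  defaults 1 2
none       /dev/shm tmpfs defaults 0 0'
AFTER='LABEL=/tmp /tmp     ext3  defaults,nosuid,noexec 1 2
none       /dev/shm tmpfs defaults 0 0'

# audit MOUNTPOINT...  (fstab text on stdin): prints "mountpoint: <missing|ok>"
audit() {
    text=$(cat)
    for mp in "$@"; do
        miss=$(printf '%s\n' "$text" | missing_opts "$mp" nosuid noexec)
        printf '%s: %s\n' "$mp" "${miss:-ok}"
    done
}

echo "before:"; printf '%s\n' "$BEFORE" | audit /tmp /dev/shm
echo "after:";  printf '%s\n' "$AFTER"  | audit /tmp /dev/shm
```

Because /proc/mounts uses the same field layout, `missing_opts /tmp nosuid noexec < /proc/mounts` confirms that the remount actually took effect on a running system.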
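Seen from the defender's side, the state left behind by answer 10 (a history file replaced by a link to /dev/null) is easy to detect. The following check is an added example, not part of the original notes; the function names, the optional ROOT prefix and the demo tree are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original notes: report shell history files that
# are not ordinary non-empty files. Function names and the optional ROOT
# prefix (for scanning a mounted disk image or a test tree) are assumptions.

# history_state PATH -> missing | symlink:<target> | not-regular | empty | ok
history_state() {
    if [ -L "$1" ]; then
        printf 'symlink:%s\n' "$(readlink "$1")"
    elif [ ! -e "$1" ]; then
        echo missing          # weak signal: also true for a never-used account
    elif [ ! -f "$1" ]; then
        echo not-regular
    elif [ ! -s "$1" ]; then
        echo empty
    else
        echo ok
    fi
}

# audit_histories PASSWD_FILE [ROOT]
# For every account with a login shell, print "user<TAB>path<TAB>state" when
# ~/.bash_history is anything other than "ok".
audit_histories() {
    root=${2:-}
    while IFS=: read -r user x x x x home shell; do
        case $shell in ''|*/nologin|*/false) continue ;; esac
        f=${home%/}/.bash_history      # home "/" yields /.bash_history
        state=$(history_state "$root$f")
        [ "$state" = ok ] || printf '%s\t%s\t%s\n' "$user" "$f" "$state"
    done < "$1"
}

# Constructed demo tree: root's history has been replaced by a link to /dev/null.
demo() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/root" "$t/home/alice"
    ln -s /dev/null "$t/root/.bash_history"
    echo 'ls -l' > "$t/home/alice/.bash_history"
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'alice:x:500:500::/home/alice:/bin/bash' \
        'daemon:x:2:2:daemon:/sbin:/sbin/nologin' > "$t/passwd"
    audit_histories "$t/passwd" "$t"
    rm -rf "$t"
}
demo
```

On a live host, `audit_histories /etc/passwd` scans the real home directories; a symlink state on an interactive account is worth investigating.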