且不谈黑客、Rocky窃以为、nmap 用来侦测自己服务器的安全性是很不错的一个选择
倘若嗅探别人的主机、或许会被 TCP_Wrappers 记录曾经侦测过该 port 的 IP、那么这样做可是会吃官司的
另外、nmap 学问很深、有兴趣的朋友可作深入理解、这里简列几点
㈠ 使用默认参数扫描本机所启用的端口
[root@Rocky ~]# nmap localhost Starting Nmap 6.25 ( http://nmap.org ) at 2013-04-02 15:04 CST Nmap scan report for localhost (127.0.0.1) Host is up (0.000025s latency). rDNS record for 127.0.0.1: localhost.localdomain Not shown: 994 closed ports PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp 111/tcp open rpcbind 631/tcp open ipp 3306/tcp open mysql 5989/tcp open wbem-https Nmap done: 1 IP address (1 host up) scanned in 0.39 seconds
STATE 状态有 6 种:
① open:端口是开放的
② closed:端口是关闭的
③ filtered:端口被防火墙IDS/IPS屏蔽,无法确定其状态
④ unfiltered:端口没有被屏蔽,但是否开放需要进一步确定
⑤ open|filtered:端口是开放的或被屏蔽
⑥ closed|filtered :端口是关闭的或被屏蔽
㈡ 同时分析 TCP/UDP 协议
nmap -sTU localhost
㈢ 获取工作环境中存活的主机
nmap -sP 192.168.1.*
最近游戏服务器硬盘爆满。
奇怪的是用 du /opt/
看只有25g
但是df看
却是
檔案系統 容量 已用 可用 已用% 掛載點
/dev/sda5 195G 23G 163G 13% /
/dev/sda2 68G 65G 0 100% /opt
/dev/sda1 99M 12M 82M 13% /boot
tmpfs 16G 0 16G 0% /dev/shm
搞不明白为什么会是65g
在/opt/目录下执行 du --max-depth=1 -h
也只是20多G
后来无意间发现
lsof |grep delete命令可以查看已经删除的但是系统仍然在用的文件这些文件不会释放磁盘空间
才看到 有很多这样的资源 导致硬盘爆满
mysqld 1859 mysql 4u REG 8,5 0 45645829 /tmp/ibWdlI73 (deleted)
mysqld 1859 mysql 5u REG 8,5 0 45645830 /tmp/ib7hOICX (deleted)
mysqld 1859 mysql 6u REG 8,5 0 45645831 /tmp/ib2DrJ7Q (deleted)
mysqld 1859 mysql 7u REG 8,5 0 45645832 /tmp/ibP15b4K (deleted)
mysqld 1859 mysql 34u REG 8,5 0 45645833 /tmp/ibGnNBCG (deleted)
nginx 5135 root 2w REG 8,2 8201036 16564486 /opt/nginx/logs/error.log (deleted)
nginx 5135 root 4w REG 8,2 40241299485 16564444 /opt/nginx/logs/access.log (deleted)
nginx 5135 root 5w REG 8,2 8201036 16564486 /opt/nginx/logs/error.log (deleted)
nginx 5136 nobody 2w REG 8,2 8201036 16564486 /opt/nginx/logs/error.log (deleted)
nginx 5136 nobody 4w REG 8,2 40241299485 16564444 /opt/nginx/logs/access.log (deleted)
nginx 5136 nobody 5w REG 8,2 8201036 16564486 /opt/nginx/logs/error.log (deleted)
nginx 5137 nobody 2w REG 8,2 8201036 16564486 /opt/nginx/logs/error.log (deleted)
nginx 5137 nobody 4w REG 8,2 40241299485 16564444 /opt/nginx/logs/access.log (deleted)
nginx 5137 nobody 5w REG 8,2 8201036 16564486 /opt/nginx/logs/error.log (deleted)
nginx 5138 nobody 2w REG 8,2 8201036 16564486 /opt/nginx/logs/error.log (deleted)
nginx 5138 nobody 4w REG 8,2 40241299485 16564444 /opt/nginx/logs/access.log (deleted)
nginx 5138 nobody 5w REG 8,2 8201036 16564486 /opt/nginx/logs/error.log (deleted)
nginx 5139 nobody 2w REG 8,2 8201036 16564486 /opt/nginx/logs/error.log (deleted)
nginx 5139 nobody 4w REG 8,2 40241299485 16564444 /opt/nginx/logs/access.log (deleted)
nginx 5139 nobody 5w REG 8,2 8201036 16564486 /opt/nginx/logs/error.log (deleted)
java 15027 root 11w REG 8,2 3911 15518134 /opt/tomcat.wgame/logs/logs.20130328/catalina.2013-03-28.log (deleted)
java 15027 root 12w REG 8,2 2058 15518161 /opt/tomcat.wgame/logs/logs.20130328/localhost.2013-03-28.log (deleted)
java 15027 root 13w REG 8,2 0 15518172 /opt/tomcat.wgame/logs/logs.20130328/manager.2013-03-28.log (deleted)
java 15027 root 14w REG 8,2 0 15518184 /opt/tomcat.wgame/logs/logs.20130328/admin.2013-03-28.log (deleted)
java 15027 root 15w REG 8,2 0 15518185 /opt/tomcat.wgame/logs/logs.20130328/host-manager.2013-03-28.log (deleted)
java 15027 root 63w REG 8,2 165413 15518332 /opt/tomcat.wgame/logs/wgame_s1_s2-deleteItemJob.log
java 15027 root 97w REG 8,2 10436 15518319 /opt/tomcat.wgame/logs/wgame_s3-deleteBattlefieldJob.log
java 15027 root 103w REG 8,2 10437 15518322 /opt/tomcat.wgame/logs/wgame_s1_s2-deleteBattlefieldJob.log
java 15027 root 104w REG 8,2 9850 15518323 /opt/tomcat.wgame/logs/wgame-deleteBattlefieldJob.log
java 15027 root 111w REG 8,2 272 15518331 /opt/tomcat.wgame/logs/wgame-deleteItemJob.log
java 15027 root 113w REG 8,2 172381 15518334 /opt/tomcat.wgame/logs/wgame_s3-deleteItemJob.log
mysqld_sa 23075 root 0u CHR 136,1 3 /dev/pts/1 (deleted)
mysqld_sa 23075 root 1u CHR 136,1 3 /dev/pts/1 (deleted)
mysqld_sa 23075 root 2u CHR 136,1 3 /dev/pts/1 (deleted)
实验二十 SCVMM中Server APP-v应用程序序列化
对于传统的服务器程序,管理员可以使用 Server App-V 进行序列化,同时部署服务器和程序。
说明:环境基于实验十九,另外准备一台windows Server 2012服务器名为Sequence不用加入域,用于安装Server App-v Sequencer 服务
1首先登陆我们的FS库服务器,创建两个个共享文件夹分别为ApplicationFrameworks和App-v
2登陆SCVMM1服务器打开VMM控制台,在库中添加ApplicationFramworks文件夹和App-v文件夹,然后把ServerApp-v Sequence工具包导入到库的ApplicationFramworks文件夹中(注意:这些工具包如果是独立的vmm服务器在安装完成后会在默认的库中,如果是VMM群集那么就需要自己导入)
2登陆Sequence服务器,从库中下载ServerApp-v Sequence工具包然后安装
3安装完Server App-vSequencer服务后,打开Sequence应用程序,然后创建Adobe readerd的虚拟应用程序包,创建完成后把虚拟应用程序包上传到SCVMM1服务器
4在SCVMM1服务器把虚拟应用程序包导入库中的App-v文件夹,然后创建VM的模版并配置应用程序(注意:脚本中的配置和超时时间应该设置长一点)
5创建服务的模版,然后配置部署,最后部署服务(测试环境比较慢)
6测试验证
安装过程视频分享http://pan.baidu.com/share/link?shareid=368239&uk=1025659618