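Archive for April, 2009
Disabling Apache's Directory Browsing
By default, Apache has directory browsing enabled. Its configuration file /etc/httpd/conf/httpd.conf contains the following parameter: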
Options Indexes FollowSymLinks
……
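In other words, when a directory has no default index page (such as index.html or index.php), users can browse the web directory structure directly, which may expose important directories or configuration files.
Web applications usually take some security precautions of their own, and some directories contain a file like this: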
# cat inc/index.php
<?php
die ('Access Denied');
?>
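This keeps users from seeing the whole directory structure when they browse that directory directly. But it has no effect when they access a subdirectory beneath it, so this is still not very safe.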
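As an added example (not code from the original post), the following Python check scans an httpd.conf-style file for Options directives that turn directory listing on, including the Options All form, and reports the enclosing section. The sample configuration and its paths are constructed for illustration, and the check does not model Apache's inheritance between sections.

```python
import re

# Constructed sample configuration (paths are illustrative, not from the post).
SAMPLE_CONF = """\
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride None
</Directory>
<Directory "/var/www/html/inc">
    # Options Indexes
    Options -Indexes +FollowSymLinks
</Directory>
<Directory "/var/www/html/files">
    Options All
</Directory>
"""

SECTION_OPEN = re.compile(r"^<(\w+)\s+(.*)>$")
SECTION_CLOSE = re.compile(r"^</\w+>$")
OPTIONS = re.compile(r"^Options\s+(.+)$", re.I)


def find_indexes_enabled(conf_text):
    """Return (line_no, section, directive) for each Options line enabling Indexes."""
    findings, stack = [], []
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and commented-out directives do not count
        opened = SECTION_OPEN.match(line)
        if opened:
            stack.append(f"{opened.group(1)} {opened.group(2)}")
            continue
        if SECTION_CLOSE.match(line):
            if stack:
                stack.pop()
            continue
        opts = OPTIONS.match(line)
        if opts:
            # "Indexes", "+Indexes" and "All" enable listings; "-Indexes" does not.
            tokens = {t.lower().lstrip("+") for t in opts.group(1).split()}
            if tokens & {"indexes", "all"}:
                section = stack[-1] if stack else "(server config)"
                findings.append((line_no, section, line))
    return findings


if __name__ == "__main__":
    for line_no, section, directive in find_indexes_enabled(SAMPLE_CONF):
        print(f"line {line_no}: [{section}] {directive}")
```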
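To be safe, I recommend turning the Indexes option off. There are two ways to do this:
Are You a Good IT Security Consultant?
A Guide to Snooker Cushion Shots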
Take Steps to Avoid April 1st Virus
The Conficker worm, a nasty computer infection that has poisoned millions of PCs, will start ramping up its efforts Wednesday to use those machines for cybercrimes. It’s unclear whether everyday PC users will even notice, but this is as good an excuse as any to make sure your computer is clean.
There are some easy ways to figure out whether a computer has the Conficker worm, and free tools available for getting rid of it.
One scary thing about Conficker is that it spreads without human involvement, moving from PC to PC by exploiting a security hole in Microsoft Corp.’s Windows operating system. The hole was fixed in October, but if your computer doesn’t get automatic updates from Microsoft, you could be vulnerable.
Lots of computer worms disable antivirus software outright, which can be a tip-off that something is wrong. But Conficker doesn’t do that. Instead, Conficker blocks infected PCs from accessing the antivirus vendors’ and Microsoft’s Web sites, so victims won’t get automatic updates and can’t download the Conficker removal tools that those companies have developed.
So see what Web sites you can visit. If you can navigate the Internet freely except for sites owned by Microsoft or antivirus vendors such as Symantec Corp., McAfee Inc. or F-Secure Corp., your PC might have Conficker or a similar bug.
Fixing the problem gets a little trickier.






