使用Web Based Shell进行登录管理操作

 未分类  No Responses »
4 月 202016
 

Web based AJAX terminal emulator

安装EPEL源

[root@localhost ~]# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
[root@localhost ~]# yum makecache

查看软件包描述信息

shell-in-a-box-install-and-config-01

安装shellinabox软件包

[root@localhost ~]# yum install shellinabox

查看shellinabox软件包安装路径和文件

[root@localhost ~]# rpm -lq shellinabox
/etc/rc.d/init.d/shellinaboxd
/etc/sysconfig/shellinaboxd
/usr/sbin/shellinaboxd
/usr/share/doc/shellinabox-2.19
/usr/share/doc/shellinabox-2.19/AUTHORS
/usr/share/doc/shellinabox-2.19/COPYING
/usr/share/doc/shellinabox-2.19/GPL-2
/usr/share/doc/shellinabox-2.19/NEWS
/usr/share/doc/shellinabox-2.19/README
/usr/share/doc/shellinabox-2.19/README.Fedora
/usr/share/doc/shellinabox-2.19/print-styles.css
/usr/share/doc/shellinabox-2.19/shell_in_a_box.js
/usr/share/doc/shellinabox-2.19/styles.css
/usr/share/man/man1/shellinaboxd.1.gz
/usr/share/shellinabox
/usr/share/shellinabox/color.css
/usr/share/shellinabox/monochrome.css
/usr/share/shellinabox/white-on-black.css
/var/lib/shellinabox
[root@localhost ~]#

启动服务

[root@localhost ~]# service shellinaboxd start
Starting shellinaboxd: [ OK ]
[root@localhost ~]#

查看端口监听

[root@localhost ~]# netstat -ltn |grep 4200
tcp 0 0 0.0.0.0:4200 0.0.0.0:* LISTEN
[root@localhost ~]#

新建用户并设置密码

[root@localhost ~]# useradd harveymei
[root@localhost ~]# passwd harveymei
Changing password for user harveymei.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[root@localhost ~]#

使用浏览器访问Shell In A Box服务,忽略证书安全提示并继续shell-in-a-box-install-and-config-02

出现登录提示符

shell-in-a-box-install-and-config-03

登录,并执行命令操作

shell-in-a-box-install-and-config-04

退出shell后,点击Connect可重新开始登录会话

shell-in-a-box-install-and-config-05

主配置文件

[root@localhost ~]# vi /etc/sysconfig/shellinaboxd

shell-in-a-box-install-and-config-06

DigitalOcean PPTP VPN防火墙配置

 未分类  No Responses »
4 月 152016
  
# Generated by iptables-save v1.4.7 on Fri Dec 25 01:45:04 2015
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [74:7304]
-A INPUT -p gre -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Fri Dec 25 01:45:04 2015
# Generated by iptables-save v1.4.7 on Fri Dec 25 01:45:04 2015
*nat
:PREROUTING ACCEPT [16:1307]
:POSTROUTING ACCEPT [2:180]
:OUTPUT ACCEPT [2:180]
-A POSTROUTING -s 10.0.192.0/24 -o eth0 -j SNAT --to-source 198.199.110.213
COMMIT
# Completed on Fri Dec 25 01:45:04 2015

Windows Server禁用SSL3.0/RC4设置

 未分类  No Responses »
4 月 132016
 

SSL 3.0

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
 "DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
 "Enabled"=dword:00000000

RC4

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128]
 "Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]
 "Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]
 "Enabled"=dword:00000000