同事反應沒有辦法上傳檔案到某一台Windows 2000的主機
(天曉得那台是哪台,我根本沒管過呀)
連上去一看,C:\InetPub\wwwrooot之下多了好多個奇怪的檔名和目錄
那些名稱有的是一個空白,二個空白,com、lpt...反正一看就知道事情大條了
利用朋友提供的偏方,unlocker, killbox, cview for dos, 4nt, deltree for nt,取得擁有權...
通通沒有用
在資安論壇上看到一篇請問如何刪除 FTP Server 被入侵後建立的奇怪目錄名稱 ?
學到了幾招
其中用 dir /x 找到 8.3檔名,配合 rd /s /q 刪除,可以解決部份檔案、目錄的問題
再配合 DirectoryFix把那些保留字的檔案、目錄做改名的動作,再去刪除
雖然是治標而已,但是好過重灌
後來看到另一招,使用FlashFXP連上去
當做 PubDownloader 去反向操作,刪去這些檔案、目錄
希望不要有機會試用這招
2007/11/28
2007/11/24
How to flush dns cache in linux
好久沒有認真的做學習了#^_^#
在 Windows裡練習 DNS的架設與實做,常會用 ipconfig/flushdns 來輔助操作
但是在 Linux的環境就一直沒有去查詢
之前都是在ifconfig裡去看 man page,但始終沒有發現類似的參數、選項
原來 linux裡有獨立的服務在負責 cache的部份 Name Service Cache Daemon
#rcnscd restart 即可
在 Windows裡練習 DNS的架設與實做,常會用 ipconfig/flushdns 來輔助操作
但是在 Linux的環境就一直沒有去查詢
之前都是在ifconfig裡去看 man page,但始終沒有發現類似的參數、選項
原來 linux裡有獨立的服務在負責 cache的部份 Name Service Cache Daemon
#rcnscd restart 即可
真的不能跑Virutal Host with SSL ?
文章來源 http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html
Why can't I use SSL with name-based/non-IP-based virtual hosts?
The reason is very technical, and a somewhat "chicken and egg" problem. The SSL protocol layer stays below the HTTP protocol layer and encapsulates HTTP. When an SSL connection (HTTPS) is established Apache/mod_ssl has to negotiate the SSL protocol parameters with the client. For this, mod_ssl has to consult the configuration of the virtual server (for instance it has to look for the cipher suite, the server certificate, etc.). But in order to go to the correct virtual server Apache has to know the Host HTTP header field. To do this, the HTTP request header has to be read. This cannot be done before the SSL handshake is finished, but the information is needed in order to complete the SSL handshake phase. Bingo!
Why is it not possible to use Name-Based Virtual Hosting to identify different SSL virtual hosts?
Name-Based Virtual Hosting is a very popular method of identifying different virtual hosts. It allows you to use the same IP address and the same port number for many different sites. When people move on to SSL, it seems natural to assume that the same method can be used to have lots of different SSL virtual hosts on the same server.
It comes as rather a shock to learn that it is impossible.
The reason is that the SSL protocol is a separate layer which encapsulates the HTTP protocol. So the SSL session is a separate transaction, that takes place before the HTTP session has begun. The server receives an SSL request on IP address X and port Y (usually 443). Since the SSL request does not contain any Host: field, the server has no way to decide which SSL virtual host to use. Usually, it will just use the first one it finds, which matches the port and IP address specified.
You can, of course, use Name-Based Virtual Hosting to identify many non-SSL virtual hosts (all on port 80, for example) and then have a single SSL virtual host (on port 443). But if you do this, you must make sure to put the non-SSL port number on the NameVirtualHost directive, e.g.
NameVirtualHost 192.168.1.1:80
Other workaround solutions include:
Using separate IP addresses for different SSL hosts. Using different port numbers for different SSL hosts.
所以,在 3073的LAB題組可能要留意一下了...
Why can't I use SSL with name-based/non-IP-based virtual hosts?
The reason is very technical, and a somewhat "chicken and egg" problem. The SSL protocol layer stays below the HTTP protocol layer and encapsulates HTTP. When an SSL connection (HTTPS) is established Apache/mod_ssl has to negotiate the SSL protocol parameters with the client. For this, mod_ssl has to consult the configuration of the virtual server (for instance it has to look for the cipher suite, the server certificate, etc.). But in order to go to the correct virtual server Apache has to know the Host HTTP header field. To do this, the HTTP request header has to be read. This cannot be done before the SSL handshake is finished, but the information is needed in order to complete the SSL handshake phase. Bingo!
Why is it not possible to use Name-Based Virtual Hosting to identify different SSL virtual hosts?
Name-Based Virtual Hosting is a very popular method of identifying different virtual hosts. It allows you to use the same IP address and the same port number for many different sites. When people move on to SSL, it seems natural to assume that the same method can be used to have lots of different SSL virtual hosts on the same server.
It comes as rather a shock to learn that it is impossible.
The reason is that the SSL protocol is a separate layer which encapsulates the HTTP protocol. So the SSL session is a separate transaction, that takes place before the HTTP session has begun. The server receives an SSL request on IP address X and port Y (usually 443). Since the SSL request does not contain any Host: field, the server has no way to decide which SSL virtual host to use. Usually, it will just use the first one it finds, which matches the port and IP address specified.
You can, of course, use Name-Based Virtual Hosting to identify many non-SSL virtual hosts (all on port 80, for example) and then have a single SSL virtual host (on port 443). But if you do this, you must make sure to put the non-SSL port number on the NameVirtualHost directive, e.g.
NameVirtualHost 192.168.1.1:80
Other workaround solutions include:
Using separate IP addresses for different SSL hosts. Using different port numbers for different SSL hosts.
所以,在 3073的LAB題組可能要留意一下了...
2007/11/15
蘇永康 SoNice
上星期跑去聽蘇永康的演唱會
這好像是第一次花錢去聽演唱會吧
其實我也不是蘇永康的歌迷,不過在學生時期還蠻常聽他的歌的
我的座位旁是一個從台南上來的(真.歌迷)
還沒開始前,他就在問捷運最晚是幾點的,從台北國際會議中心到車站大概要多久時間...
他很擔心趕不上火車,又怕沒辦法聽完安可曲
然而,預訂開場時間是19:30,卻一直到19:50才開始
而且一直到節目開始,都還是有人陸續進場
就像看電影一樣,人影走來走去的
與星期天去苗栗參加喜宴的感覺相比
不禁覺得,台北人都這麼習慣不守時嗎?
這好像是第一次花錢去聽演唱會吧
其實我也不是蘇永康的歌迷,不過在學生時期還蠻常聽他的歌的
我的座位旁是一個從台南上來的(真.歌迷)
還沒開始前,他就在問捷運最晚是幾點的,從台北國際會議中心到車站大概要多久時間...
他很擔心趕不上火車,又怕沒辦法聽完安可曲
然而,預訂開場時間是19:30,卻一直到19:50才開始
而且一直到節目開始,都還是有人陸續進場
就像看電影一樣,人影走來走去的
與星期天去苗栗參加喜宴的感覺相比
不禁覺得,台北人都這麼習慣不守時嗎?
2007/11/06
無法為 Script "XXX.VBS"找到Script引擎 "VBScript"
同事的電腦出現的怪訊息
會造成所有VBScript 或 JavaScript的程式沒有反應
利用Google查到的解決方法:
首先檢查 c:\windows\system32\wscript.exe 是否存在,如果不存在,請到 Mcirosoft 下載 WSH
如果存在,就進行下列二項元件的註冊:
regsvr32 VBScript
regsvr32 JScript
應該可以修正問題
不過很可惜的,造成這種現象的原因不明...
(同事表示,沒有做什麼特別的事啊)
會造成所有VBScript 或 JavaScript的程式沒有反應
利用Google查到的解決方法:
首先檢查 c:\windows\system32\wscript.exe 是否存在,如果不存在,請到 Mcirosoft 下載 WSH
如果存在,就進行下列二項元件的註冊:
regsvr32 VBScript
regsvr32 JScript
應該可以修正問題
不過很可惜的,造成這種現象的原因不明...
(同事表示,沒有做什麼特別的事啊)
訂閱:
文章 (Atom)