<HTML><HEAD><TITLE>
Linux Knowledge Base/Network Security/Enhancing Linux System Security with LIDS</TITLE>
<META http-equiv=content-type content="text/html; charset=gb2312">
<META content=linuxtips,linux,php,mysql,apache name=keywords>
<STYLE type=text/css>A:link {
COLOR: #666666; TEXT-DECORATION: underline
}
A:active {
COLOR: #666666; TEXT-DECORATION: underline
}
A:visited {
COLOR: #666666; TEXT-DECORATION: underline
}
A:hover {
COLOR: #708090; TEXT-DECORATION: none
}
.articletitle {
FONT-WEIGHT: bold; FONT-SIZE: 18px; COLOR: #335588; LINE-HEIGHT: 26px; FONT-FAMILY: trebuchet ms, arial, verdana, helvetica, sans-serif; TEXT-DECORATION: none
}
INPUT {
FONT-WEIGHT: normal; FONT-SIZE: 11px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋体
}
TEXTAREA {
FONT-WEIGHT: normal; FONT-SIZE: 11px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋体
}
.bginput {
BORDER-RIGHT: #999999 1px solid; BORDER-TOP: #999999 1px solid; FONT-SIZE: 8pt; BORDER-LEFT: #999999 1px solid; BORDER-BOTTOM: #999999 1px solid; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #f9f9f9
}
.text {
BORDER-RIGHT: #cccccc 1px solid; BORDER-TOP: #666666 1px solid; BORDER-LEFT: #666666 1px solid; BORDER-BOTTOM: #cccccc 1px solid
}
SELECT {
FONT-WEIGHT: normal; FONT-SIZE: 12px; COLOR: #000000; FONT-FAMILY: 宋体; BACKGROUND-COLOR: #ffffff
}
.firstalt {
BACKGROUND-COLOR: #eeeeee
}
.secondalt {
BACKGROUND-COLOR: #ffffff
}
.bigfont {
FONT-SIZE: 45px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋体
}
.normalfont {
FONT-SIZE: 12px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋体
}
.middlefont {
FONT-SIZE: 11px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋体
}
.smallfont {
FONT-SIZE: 9px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋体
}
.smallbold {
FONT-WEIGHT: bold; COLOR: #000000
}
.articletitle {
FONT-WEIGHT: bold; FONT-SIZE: 18px; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋体
}
.subhead {
FONT-WEIGHT: bold; FONT-SIZE: 13px; COLOR: #006699; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋体
}
#content A:link {
COLOR: #3366cc; TEXT-DECORATION: underline
}
#content A:active {
COLOR: #3366cc; TEXT-DECORATION: underline
}
#content A:visited {
COLOR: #3366cc; TEXT-DECORATION: underline
}
#content A:hover {
COLOR: #9966cc; TEXT-DECORATION: none
}
.content {
FONT-SIZE: 14px; LINE-HEIGHT: 130%; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋体
}
.titlefont {
FONT-SIZE: 12px; COLOR: #ffffff; FONT-FAMILY: verdana, arial, helvetica, sans-serif,宋体
}
.bodyline {
BORDER-RIGHT: #aebdc4 1px solid; BORDER-TOP: #aebdc4 1px solid; BORDER-LEFT: #aebdc4 1px solid; BORDER-BOTTOM: #aebdc4 1px solid; BACKGROUND-COLOR: #ffffff
}
.cattitle {
FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #000000; LETTER-SPACING: 1px
}
.tableoutline {
BORDER-RIGHT: #c4c4c4 1px solid; BORDER-TOP: #c4c4c4 1px solid; BORDER-LEFT: #c4c4c4 1px solid; BORDER-BOTTOM: #c4c4c4 1px solid
}
.root_td {
PADDING-LEFT: 5px; FONT-WEIGHT: bold; FONT-SIZE: 12px; FONT-FAMILY: Verdana; HEIGHT: 22px; BACKGROUND-COLOR: #ffffff; font-color: #000000
}
.child_td {
PADDING-RIGHT: 10px; PADDING-LEFT: 10px; FONT-SIZE: 12px; PADDING-BOTTOM: 3px; COLOR: #000000; FONT-FAMILY: Verdana; HEIGHT: 22px; BACKGROUND-COLOR: #f5f5f5; TEXT-DECORATION: underline
}
#cattitle A:link {
COLOR: #000000; TEXT-DECORATION: none
}
#cattitle A:visited {
COLOR: #000000; TEXT-DECORATION: none
}
#cattitle A:active {
COLOR: #000000; TEXT-DECORATION: none
}
#cattitle A:hover {
COLOR: #000000; TEXT-DECORATION: none
}
</STYLE>
<SCRIPT language=JavaScript type=text/javascript>
<!--
if (parent.frames.length > 0) {
parent.location.href = self.document.location
}
function ToggleNode(nodeObject, imgObject){
if(nodeObject.style.display == '' || nodeObject.style.display == 'inline'){
nodeObject.style.display = 'none';
imgObject.src = 'images/plus.gif'/*tpa=http://www.linuxhero.com/docs/images/plus.gif*/;
}else{
nodeObject.style.display = 'inline';
imgObject.src = 'images/minus.gif'/*tpa=http://www.linuxhero.com/docs/images/minus.gif*/;
}
}
-->
</SCRIPT>
<BODY text=#000000 bgColor=#ffffff leftMargin=0 topMargin=0 marginwidth="0"
marginheight="0">
<CENTER>
<TABLE cellSpacing=0 cellPadding=0 width="100%" border=0>
<TR>
<TD vAlign=top>
<TABLE cellSpacing=0 cellPadding=0 width="100%" border=0>
<TBODY>
<TR>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=296
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=76
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=100
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=98
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=79
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=103
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=26
border=0></TD>
<TD><IMG height=1 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=1
border=0></TD></TR>
<TR>
<TD colSpan=3><A title="Linux Knowledge Base"
href="index.html" tppabs="http://www.linuxhero.com/docs/index.html"><IMG height=83
src="images/header_r1_c1.gif" tppabs="http://www.linuxhero.com/docs/images/header_r1_c1.gif" width=472 border=0
name=header_r1_c1></A></TD>
<TD colSpan=3>
</TD>
<TD rowSpan=2><IMG src="images/header_r1_c7.gif" tppabs="http://www.linuxhero.com/docs/images/header_r1_c7.gif" width=26 border=0 name=header_r1_c7></TD>
<TD><IMG height=83 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=1 border=0></TD></TR>
<TR>
<TD background="images/bgline.gif" tppabs="http://www.linuxhero.com/docs/images/bgline.gif"><IMG height=22
src="images/header_r2_c1.gif" tppabs="http://www.linuxhero.com/docs/images/header_r2_c1.gif" width=296 border=0
name=header_r2_c1></TD>
<TD background="images/bgline.gif" tppabs="http://www.linuxhero.com/docs/images/bgline.gif" colSpan=5>
</TD>
<TD><IMG height=22 src="images/spacer.gif" tppabs="http://www.linuxhero.com/docs/images/spacer.gif" width=1
border=0></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=10 cellPadding=0 width="100%" bgColor=#ffffff
border=0>
<TR>
<TD>
<TABLE cellSpacing=0 cellPadding=3 width="100%" border=0>
<TR>
<TD vAlign=top align=middle width="60%">
<TABLE cellSpacing=0 cellPadding=0 width="100%"
background="images/back.gif" tppabs="http://www.linuxhero.com/docs/images/back.gif" border=0>
<TBODY>
<TR>
<TD vAlign=top width="80%">
<DIV align=center>
<FORM action="search.html" tppabs="http://www.linuxhero.com/docs/search.html" method=get>
</FORM>
<TABLE cellSpacing=0 cellPadding=0 width="95%"
border=0><TBODY>
<TR>
<TD background="images/bgi.gif" tppabs="http://www.linuxhero.com/docs/images/bgi.gif"
height=30></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=0 cellPadding=3 width="95%"
align=center border=0>
<TBODY>
<TR>
<TD>
<TABLE cellSpacing=0 cellPadding=3 width="100%"
border=0>
<TBODY>
<TR>
<TD vAlign=top>
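<p><FONT class=normalfont><B><font color=blue>Enhancing Linux System Security with LIDS</font></B></FONT><BR><FONT class=smallfont color=#ff9900>2004-04-23 15:18 pm</FONT><BR><FONT class=normalfont>Author: Author<br>Source: Linux Knowledge Base<br>Contact: anonymous<br><br>LIDS (Linux Intrusion Detection System) is a Linux kernel patch together with a system administration tool (lidsadm) that hardens the Linux kernel. It implements a security model in the kernel: the reference monitor model, together with a Mandatory Access Control model in the kernel. This article describes what LIDS does and how to use it to build a secure Linux system.<br>
<br>
1. Why choose LIDS<br>
<br>
As Linux grows more popular on the Internet, more and more security vulnerabilities are being found in the application software that runs on existing GNU/Linux systems. Many exploit programs take advantage of programmer carelessness, for example buffer overflows and format string attacks. Once such a program has compromised the system and the attacker has gained root privileges, the entire system is under the intruder's control.<br>
<br>
Because the code is open, we can obtain the source code of most of the Linux applications we want and modify it to suit our needs. Bugs can therefore be found easily and fixed quickly. But when a vulnerability has been disclosed and the system administrator neglects to patch it, the system is easily broken into, and worse, the attacker can obtain a root shell. On an existing GNU/Linux system he can then do whatever he likes. This is exactly the problem LIDS sets out to solve.<br>
<br>
First, let us look at the problems in existing GNU/Linux systems.<br>
<br>
The file system is not protected<br>
<br>
Many important files on the system, such as /bin/login, are exposed: once an attacker has broken in, he can upload a modified login binary to replace /bin/login, and then log in to the system without any login name or password. This is commonly called a Trojan horse.<br>
<br>
Processes are not protected<br>
<br>
The processes running on a system serve particular system functions; for example, HTTPD is a web server that serves remote clients' web requests. On a web server system, it is important to protect its processes from being terminated illegitimately. But once an intruder has gained root privileges, there is nothing we can do.<br>
<br>
System administration is not protected<br>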
<br>