Mark: Acunetix,一个安全工具,被有些人用来做垃圾表单提交机器

有时会被垃圾表单提交机器狂发垃圾,甚至造成邮件拥堵。今天注意到其表单提交里有一项填写的是 Acunetix ,本以为是下什么组织还是什么,随手google了一下,原来是一个安全工具,其官方网站,http://www.acunetix.com/ 上有如下的说明,先mark一下,研究研究

Website security is possibly today's most overlooked aspect of securing the enterprise and should be a priority in any organization. Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Web applications are accessible 24 hours a day, 7 days a week and control valuable data since they often have direct access to back-end data such as customer databases.

Firewalls, SSL and Locked-Down Servers are Futile Against Web Application Hacking

Any defence at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications are often tailor-made therefore tested less than off-the-shelf software and are more likely to have undiscovered vulnerabilities. Acunetix Web Vulnerability Scanner automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.

yum依赖错误处理:清理重复的rpm包

使用fedora/redhat/centos系列的linux发行版,有时会因为某些非正常原因(异常断电居多)造成yum/rpm错误,表现是在运行yum时出现依赖包错误,仔细查看其相关包,会发现这些包是矛盾的版本号依赖。这种情况下,通常就是本机rpm数据库里记录了某个rpm包多个版本(可能事实上只装了一个版本),通过rpm -q {包名} 会查出来多个版本,例如

[root@fscfedora feng]# rpm -q audit
audit-2.3.2-1.fc20.x86_64
audit-2.3.3-1.fc20.x86_64

我们需要删除其中一个包,通常删除旧版本的包,命令: rpm -e {带版本号的完整包名}。

但这时通过yum或rpm -e移除该包时,有时仍旧出现依赖错误。

这是可以通过rpm 的 --noscript参数,硬性移除该包(指定完整的版本号),例如

[root@fscfedora feng]# rpm -e --noscripts audit-2.3.2-1.fc20.x86_64

然后再检查该包,会发现少了已删除的那个。然后继续yum吧,如果还有类似情况,同法处理之。

tips,我们还可以运行 yum check 检查是否有类似的错误包。

------------------------

参考脚本:

[root@fscfedora feng]# rpm -q audit
audit-2.3.2-1.fc20.x86_64
audit-2.3.3-1.fc20.x86_64
[root@fscfedora feng]# rpm -e --noscripts audit-2.3.2-1.fc20.x86_64
[root@fscfedora feng]# rpm -q audit
audit-2.3.3-1.fc20.x86_64
[root@fscfedora feng]#

典型错误示例:

--> 解决依赖关系完成
错误:软件包:glibc-devel-2.18-11.fc20.x86_64 (@anaconda)
需要:glibc-headers = 2.18-11.fc20
正在删除: glibc-headers-2.18-11.fc20.x86_64 (@anaconda)
glibc-headers = 2.18-11.fc20
更新,由: glibc-headers-2.18-12.fc20.x86_64 (updates)
glibc-headers = 2.18-12.fc20
 您可以尝试添加 --skip-broken 选项来解决该问题
** 发现 19 个已存在的 RPM 数据库问题, 'yum check' 输出如下:
1:NetworkManager-0.9.9.0-24.git20131003.fc20.x86_64 有缺少的需求 NetworkManager-glib(x86-64) = ('1', '0.9.9.0', '24.git20131003.fc20')
1:NetworkManager-0.9.9.0-28.git20131003.fc20.x86_64 是 1:NetworkManager-0.9.9.0-24.git20131003.fc20.x86_64 的副本
audit-2.3.2-1.fc20.x86_64 有缺少的需求 audit-libs = ('0', '2.3.2', '1.fc20')