新建VPS基本配置

Lear 2024-07-09 14:10:35

重置系统
服务器运维 → 远程连接 → 客户端 → 设置密码
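# Change the password of the current account (root on a fresh VPS).
passwd
# Review the local accounts and groups that exist on the image.
cat /etc/passwd
cat /etc/group
# Edit the hostname.
nano /etc/hostname
# Insert extra aliases after the existing "alias mv='mv -i'" line in root's
# .bashrc. The shell needs plain ASCII quotes and double-dash long options;
# typographic quotes and dashes are passed through as literal characters.
# The "\n" in the replacement is GNU sed syntax. Running the command a second
# time inserts the aliases again, so run it once.
sed -i "s/alias mv='mv -i'/alias mv='mv -i'\nalias ll='ls -l'\nalias la='ls -A'\nalias lh='ls -h'\nalias ls='ls -A -B -F -l --human-readable --color'\nalias df='df -h'/g" /root/.bashrc
# Load the updated aliases into the current shell.
source ~/.bashrc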

nano ~/.bashrc 和 nano ./.bashrc
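# Alias set for ~/.bashrc. Quotes must be plain ASCII single quotes and long
# options need a double dash, otherwise bash does not parse the definitions.
alias ll='ls -alF'
alias la='ls -A'
alias l='ls -CF'
alias ls='ls -A -B -F -l --human-readable --color'
alias dir='dir -A -B -F -l --human-readable --color'
alias lh='ls -h'
# Interactive prompts before overwriting or deleting files.
alias rm='rm -i'
alias mv='mv -i'
alias cp='cp -i'
# Human-readable sizes.
alias df='df -h'
alias free='free -h'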

# Refresh the package index, apply pending upgrades, then remove packages that
# are no longer needed. Each step runs only if the previous one succeeded.
apt update -y \
  && apt upgrade -y \
  && apt autoremove -y

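# Host firewall baseline with ufw.
#
# Order matters on a remote VPS: set the default policy and add the allow
# rules first, and enable the firewall last. Enabling ufw before port 22 is
# allowed can block new SSH sessions to the server.
ufw status

# Drop all inbound traffic that no rule below explicitly allows.
ufw default deny incoming

# Every port listed here becomes reachable from the whole Internet, so keep
# only the entries that have a service listening behind them.
# "ufw allow PORT" without /tcp or /udp opens both protocols.
# Well-known entries: 20/21 FTP, 22 SSH, 25 SMTP, 80 HTTP, 110 POP3,
# 443 HTTPS, 465 SMTPS, 587 mail submission, 993 IMAPS, 995 POP3S,
# 1080 SOCKS, 3389 RDP. The remaining numbers are this page's own service
# ports.
# For administrative ports, a source-restricted rule
# ("ufw allow from ADDRESS to any port 22") or rate limiting
# ("ufw limit 22/tcp") is tighter than a blanket allow.
allowed_ports=(
  20 21 22 25 80 110 443 465 587 993 995
  1080 1357 1688 2022 2122 2222 2322 2468
  3080 3389 3680 5080 6443
  8000 8080 8443 8888 9443 9527 9833
  12345 18080 54167 54321
)
for port in "${allowed_ports[@]}"; do
  ufw allow "$port"
done

# Turn the firewall on only after the SSH rule exists, then confirm the result.
ufw enable
ufw reload
ufw status verbose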

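# Remove a previously added rule (here: the allow rule for port 21).
ufw delete allow 21

# Open a port for one protocol only (TCP on 8001):
#ufw allow 8001/tcp
# Allow one source address to reach every local port.
ufw allow from 192.168.1.100
# Allow UDP from 192.168.0.1 port 53 to 192.168.0.2 port 53. The source
# address has to be introduced with "from".
ufw allow proto udp from 192.168.0.1 port 53 to 192.168.0.2 port 53
# Block inbound access to the SMTP service (name resolved via /etc/services).
ufw deny smtp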

检查是否生效

# List listening TCP/UDP sockets with their owning process and filter for 2375.
# This shows what is listening locally, not what the firewall lets through.
# NOTE(review): 2375 is the conventional port of Docker's unencrypted remote
# API, presumably why it is checked here; it should not appear bound to a
# public address.
ss -lntup | grep 2375

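# Allow a list of ports in one pass. The list is written out directly:
# a bare "seq" word in the list would itself be handed to "ufw allow" as a
# port name.
for i in 22 80 443 1080 1688 2022 2122 2222 8080 8443 8888 9833 12345; do
  ufw allow "$i"
done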

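# Firewall setup on CentOS (firewalld). Long options need a double dash.
firewall-cmd --state
systemctl enable firewalld.service
systemctl stop firewalld
systemctl start firewalld
# --permanent writes to the saved configuration only; the rules become active
# after "firewall-cmd --reload" below.
for port in 22 80 443 1080 1688 2222 8080 8888; do
  firewall-cmd --zone=public --add-port="${port}/tcp" --permanent
done
# Example of closing a port again.
firewall-cmd --zone=public --remove-port=8888/tcp --permanent
firewall-cmd --reload
# Confirm which ports are open after the reload.
firewall-cmd --list-ports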

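# Point the system timezone at Asia/Shanghai.
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
# Check the result; consistent timestamps matter when reading logs later.
date
date -R
# Write the system time to the hardware clock (long option needs "--").
hwclock --systohc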

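# Make nano the default editor: add the export line to /etc/profile, then
# reload the profile.
nano /etc/profile
export EDITOR=nano
source /etc/profile

# Debian/Ubuntu tool set.
# sshpass takes the SSH password on the command line or from the environment,
# where other local users and shell history can see it; key-based login
# avoids that.
apt install cron curl dstat glances htop hping3 iputils-ping lshw nano net-tools nmon screen sshpass telnet unzip wget -y

# CentOS equivalents.
yum install wget curl -y
# Quote the glob so the shell passes it to yum instead of expanding it against
# files in the current directory.
yum install dstat 'iptraf*' htop -y
yum install glances
yum install axel
yum install multitail
yum install ppp ppp-devel pptp net-tools iptables nmon
# Docker images ship without the "last" command; this package provides it.
yum install sysvinit-tools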
执行 crontab -e,加入以下定时自动更新任务:
0 */8 * * * apt-get update -y && apt-get upgrade -y && apt-get autoremove -y

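# Install Docker CE from the Aliyun mirror.
sudo apt install apt-transport-https ca-certificates curl gnupg software-properties-common

# Store the repository key in its own keyring and bind it to this one source
# with signed-by. "apt-key add" is deprecated and makes the key trusted for
# every configured repository, not just the Docker one.
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg \
  | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
# Before trusting the key, compare its fingerprint with the one Docker
# publishes in its installation documentation:
#   gpg --show-keys /etc/apt/keyrings/docker.gpg

# Plain ASCII double quotes are required so that $(...) is expanded.
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" \
  | sudo tee /etc/apt/sources.list.d/docker.list >/dev/null

# Refresh the index so the new source is picked up, then install.
sudo apt-get update
sudo apt-get -y install docker-ce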

安装ip命令
Ubuntu/Debian: iproute2 ; apt install iproute2
Centos/Fedora: iproute2 ; yum install -y iproute2

安装ping
Ubuntu/Debian: iputils-ping ; apt install iputils-ping
Centos/Fedora: iputils ; yum install -y iputils

安装traceroute
Ubuntu/Debian: traceroute ; apt install traceroute -y
Centos/Fedora: traceroute ; yum install -y traceroute

安装hping3
Ubuntu/Debian: hping3 ; apt install hping3
Centos/Fedora: hping3 ; yum install epel-release && yum install -y hping3
hping3 [参数]

常用参数:
-c发送数据包的次数
-m设置TCP序列数
-v版本信息
-I网卡接口

参考实例
发送icmp ping
hping3 –icmp <目标>

对目标端口扫描:
[root@linux265 ~]# hping3 -I eth0 -S 192.168.10.1 -p 80

测试目标防火墙:
[root@linux265 ~]# hping3 -S -c 1000000 -a 10.10.10.10 -p 21 10.10.10.10

在发送端使用签名打包的ICMP包发送文件:
[root@linux265 ~]#hping3 192.168.1.108 –icmp -d 100 –sign signature –file /etc/passwd

很直观的看到TTL的变化:
[root@linux265 ~]# hping3 -z 192.168.0.107

使用随机地址伪装自己的地址:
[root@linux265 ~]# hping3 –rand-source 192.168.0.107