脚本来自:https://github.com/xiaojj/setup-simple-ipsec-l2tp-vpn

#!/bin/sh
#    Setup Simple IPSec/L2TP VPN server for Ubuntu and Debian
#
#    Copyright (C) 2014 Phil Plückthun <phil@plckthn.me>
#    Based on the work of Lin Song (Copyright 2014)
#    Based on the work of Viljo Viitanen (Setup Simple PPTP VPN server for Ubuntu and Debian)
#    Based on the work of Thomas Sarlandie (Copyright 2012)
#
#    This work is licensed under the Creative Commons Attribution-ShareAlike 3.0
#    Unported License: http://creativecommons.org/licenses/by-sa/3.0/

if [ `id -u` -ne 0 ]
then
  echo "Please start this script with root privileges!"
  echo "Try again with sudo."
  exit 0
fi

lsb_release -c | grep trusty > /dev/null
if [ "$?" = "1" ]
then
  echo "This script was designed to run on Ubuntu 14.04 Trusty!"
  echo "Do you wish to continue anyway?"
  while true; do
    read -p "" yn
    case $yn in
        [Yy]* ) break;;
        [Nn]* ) exit 0;;
        * ) echo "Please answer with Yes or No [y|n].";;
    esac
  done
  echo ""
fi

echo "This script will install an IPSec/L2TP VPN Server"
echo "Do you wish to continue?"

while true; do
  read -p "" yn
  case $yn in
      [Yy]* ) break;;
      [Nn]* ) exit 0;;
      * ) echo "Please answer with Yes or No [y|n].";;
  esac
done

echo ""

# Generate a random key
generateKey () {
  P1=`cat /dev/urandom | tr -cd abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789 | head -c 3`
  P2=`cat /dev/urandom | tr -cd abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789 | head -c 3`
  P3=`cat /dev/urandom | tr -cd abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789 | head -c 3`
  IPSEC_PSK="$P1$P2$P3"
}

echo "The VPN needs a private PSK key."
echo "Do you wish to set it yourself?"
echo "(Otherwise a random key is generated)"
while true; do
  read -p "" yn
  case $yn in
      [Yy]* ) echo ""; echo "Enter your preferred key:"; read -p "" IPSEC_PSK; break;;
      [Nn]* ) generateKey; break;;
      * ) echo "Please answer with Yes or No [y|n].";;
  esac
done

echo ""
echo "The key you chose is: '$IPSEC_PSK'."
echo "Please save it, because you'll need it to connect!"
echo ""

read -p "Please enter your preferred username [vpn]: " VPN_USER

if [ "$VPN_USER" = "" ]
then
  VPN_USER="vpn"
fi

echo ""

while true; do
  stty_orig=`stty -g`
  stty -echo
  read -p "Please enter your preferred password: " VPN_PASSWORD
  if [ "x$VPN_PASSWORD" = "x" ]
  then
    echo "Please enter a valid password!"
  else
    stty $stty_orig
    break
  fi
done

echo ""
echo ""

echo "Making sure that apt-get is updated and wget is installed..."

apt-get update > /dev/null

if [ `sudo dpkg-query -l | grep wget | wc -l` = 0 ] ; then
  apt-get install wget -y  > /dev/null
fi

PUBLICIP=`wget -q -O - http://wtfismyip.com/text`
if [ "x$PUBLICIP" = "x" ]
then
  echo "Your server's external IP address could not be detected!"
  echo "Please enter the IP yourself:"
  read -p "" PUBLICIP
else
  echo "Detected your server's external IP address: $PUBLICIP"
fi

PRIVATEIP=$(ip addr | awk '/inet/ && /eth0/{sub(/\/.*$/,"",$2); print $2}')
IPADDRESS=$PUBLICIP

echo ""
echo "Are you on Amazon EC2?"
echo "If you answer no to this and you are on EC2, clients will be unable to connect to your VPN."
echo "This is needed because EC2 puts your instance behind one-to-one NAT, and using the public IP in the config causes incoming connections to fail with auth failures."
while true; do
  read -p "" yn
  case $yn in
    [Yy]* ) IPADDRESS=$PRIVATEIP; break;;
    [Nn]* ) break;;
    * ) echo "Please answer with Yes or No [y|n].";;
  esac
done

echo "The IP address that will be used in the config is $IPADDRESS"

echo ""
echo "============================================================"
echo ""

echo "Installing necessary dependencies..."

apt-get install libnss3-dev libnspr4-dev pkg-config libpam0g-dev libcap-ng-dev libcap-ng-utils libselinux1-dev libcurl4-nss-dev libgmp3-dev flex bison gcc make libunbound-dev libnss3-tools -y  > /dev/null

if [ "$?" = "1" ]
then
  echo "An unexpected error occured!"
  exit 0
fi

echo "Installing XL2TPD..."
apt-get install xl2tpd -y > /dev/null

if [ "$?" = "1" ]
then
  echo "An unexpected error occured!"
  exit 0
fi

# Compile and install Libreswan
mkdir -p /opt/src
cd /opt/src
echo "Downloading LibreSwan's source..."
wget -qO- https://download.libreswan.org/libreswan-3.12.tar.gz | tar xvz > /dev/null
cd libreswan-3.12
echo "Compiling LibreSwan..."
make programs > /dev/null
echo "Installing LibreSwan..."
make install > /dev/null

if [ "$?" = "1" ]
then
  echo "An unexpected error occured!"
  exit 0
fi

echo "Preparing various configuration files..."

cat > /etc/ipsec.conf <<EOF
version 2.0
config setup
  dumpdir=/var/run/pluto/
  nat_traversal=yes
  virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.42.0/24
  oe=off
  protostack=netkey
  nhelpers=0
  interfaces=%defaultroute
conn vpnpsk
  connaddrfamily=ipv4
  auto=add
  left=$IPADDRESS
  leftid=$IPADDRESS
  leftsubnet=$IPADDRESS/32
  leftnexthop=%defaultroute
  leftprotoport=17/1701
  rightprotoport=17/%any
  right=%any
  rightsubnetwithin=0.0.0.0/0
  forceencaps=yes
  authby=secret
  pfs=no
  type=transport
  auth=esp
  ike=3des-sha1,aes-sha1
  phase2alg=3des-sha1,aes-sha1
  rekey=no
  keyingtries=5
  dpddelay=30
  dpdtimeout=120
  dpdaction=clear
EOF

cat > /etc/ipsec.secrets <<EOF
$IPADDRESS  %any  : PSK "$IPSEC_PSK"
EOF

cat > /etc/xl2tpd/xl2tpd.conf <<EOF
[global]
port = 1701
;debug avp = yes
;debug network = yes
;debug state = yes
;debug tunnel = yes
[lns default]
ip range = 192.168.42.10-192.168.42.250
local ip = 192.168.42.1
require chap = yes
refuse pap = yes
require authentication = yes
name = l2tpd
;ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
EOF

cat > /etc/ppp/options.xl2tpd <<EOF
ipcp-accept-local
ipcp-accept-remote
ms-dns 8.8.8.8
ms-dns 8.8.4.4
noccp
auth
crtscts
idle 1800
mtu 1280
mru 1280
lock
lcp-echo-failure 10
lcp-echo-interval 60
connect-delay 5000
EOF

cat > /etc/ppp/chap-secrets <<EOF
# Secrets for authentication using CHAP
# client  server  secret  IP addresses
$VPN_USER  l2tpd  $VPN_PASSWORD  *
EOF

/bin/cp -f /etc/rc.local /etc/rc.local.old
cat > /etc/rc.local <<EOF
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
iptables --table nat --append POSTROUTING --jump MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
for each in /proc/sys/net/ipv4/conf/*
do
  echo 0 > $each/accept_redirects
  echo 0 > $each/send_redirects
done
/usr/sbin/service ipsec restart
/usr/sbin/service xl2tpd restart
EOF

echo "Applying changes..."

iptables --table nat --append POSTROUTING --jump MASQUERADE > /dev/null
echo 1 > /proc/sys/net/ipv4/ip_forward
for each in /proc/sys/net/ipv4/conf/*
do
  echo 0 > $each/accept_redirects
  echo 0 > $each/send_redirects
done

if [ ! -f /etc/ipsec.d/cert8.db ] ; then
   echo > /var/tmp/libreswan-nss-pwd
   /usr/bin/certutil -N -f /var/tmp/libreswan-nss-pwd -d /etc/ipsec.d > /dev/null
   /bin/rm -f /var/tmp/libreswan-nss-pwd
fi

/sbin/sysctl -p > /dev/null

echo "Starting IPSec and XL2TP services..."

/usr/sbin/service ipsec restart > /dev/null
/usr/sbin/service xl2tpd restart > /dev/null

echo "Success!"
echo ""

clear

echo "============================================================"
echo "Host: $PUBLICIP (Or a domain pointing to your server)"
echo "IPSec PSK Key: $IPSEC_PSK"
echo "Username: $VPN_USER"
echo "Password: ********"
echo "============================================================"

echo "Your VPN server password is hidden. Would you like to reveal it?"
while true; do
  read -p "" yn
  case $yn in
      [Yy]* ) clear; break;;
      [Nn]* ) exit 0;;
      * ) echo "Please answer with Yes or No [y|n].";;
  esac
done

echo "============================================================"
echo "Host: $PUBLICIP (Or a domain pointing to your server)"
echo "IPSec PSK Key: $IPSEC_PSK"
echo "Username: $VPN_USER"
echo "Password: $VPN_PASSWORD"
echo "============================================================"

echo "If you plan to keep the VPN server generated with this script on the internet for a long time (a day or more), consider securing it to possible attacks!"

sleep 1
exit 0

所用脚本修改自  https://raw.githubusercontent.com/suyan/scripts/master/Setup/pptp.sh

 

#!/bin/sh
if [ `id -u` -ne 0 ] 
then
  echo "please run it by root"
  exit 0
fi

apt-get -y update

apt-get -y install pptpd || {
  echo "could not install pptpd" 
  exit 1
}

cat >/etc/ppp/options.pptpd <<END
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
proxyarp
lock
nobsdcomp 
novj
novjccomp
nologfd
END

cat >/etc/pptpd.conf <<END
option /etc/ppp/options.pptpd
logwtmp
localip 192.168.2.1
remoteip 192.168.2.10-100
END

cat >> /etc/sysctl.conf <<END
net.ipv4.ip_forward=1
END

sysctl -p

iptables-save > /etc/iptables.down.rules

iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE

iptables -I FORWARD -s 192.168.2.0/24 -p tcp --syn -i ppp+ -j TCPMSS --set-mss 1300

iptables-save > /etc/iptables.up.rules

cat >/etc/ppp/chap-secrets <<END
test pptpd test *
END

service pptpd restart

netstat -lntp

exit 0

如果要防止重启服务器后iptables丢失,修改/etc/network/interfaces 文件,在eth0 下面加入

pre-up iptables-restore < /etc/iptables.up.rules

1.在终端中执行

sudo a2enmod rewrite

指令后,即启用了 Mod_rewrite 模块

2.

另外,也可以通过将 /etc/apache2/mods-available/rewrite.load 连接到 /etc/apache2/mods-enabled/rewrite.load 来打开 Mod_rewrite 模块。用指令操作就是:

sudo ln -s /etc/apache2/mods-available/rewrite.load /etc/apache2/mods-enabled/rewrite.load

 

这里,还有一点需要注意的地方:

sudo vim /etc/apache2/sites-enabled/000-default

将其中的:

AllowOverride None

修改为:

AllowOverride All

上面的 /etc/apache2/sites-enabled/000-default 实则为 /etc/apache2/sites-available/default 的连接。而 AllowwOverride None 则会完全忽略 .htaccess 文件,自然其中所定义的 rewrite 规则也就不能生效了。

最后,别忘了使用下列指令来重启 Apache:

sudo /etc/init.d/apache2 restart.

 

  1. 2002年某天,摩托罗拉v998+。
  2. 2005.11.18 nokia 6030。
  3. 2008.12.2  i-mate PDAG。
  4. 2012.11.21 华为 D1。
  5. 2014.5.3 华为荣耀3X,媳妇用

服务器被挂马或被黑的朋友应该知道,黑客入侵web服务器的第一目标是往服务器上上传一个webshell,有了webshell黑客就可以干更多的事 情。网站被挂马后很多人会束手无策,无从查起,其实并不复杂,这里我将以php环境为例讲几个小技巧,希望对大家有帮助。
先讲一下思路,如果服务器上被上传了webshell那么我们肯定能够查到蛛丝马迹,比如php文件的时间,如果我们可以查找最后一次网站代码更新以后的所有php文件,方法如下。

假设最后更新是10天前,我们可以查找10天内生成的可以php文件:

find /var/www/ -name "*.php" -mtime -10

命令说明:
/var/www 为网站根目录
-name “*.php”为查找所有php文件
-time -10为截止到现在10天
如果文件更新时间不确定,我们可以通过查找关键字的方法来确定。要想查的准确需要熟悉webshell常用的关键字,我这里列出一些常用的,其他的大家可 以从网收集一些webshell,总结自己的关键字,括号里面我总结的一些关键字 (eval,shell_exec,passthru,popen,system)查找方法如下:

find /var/www -name "*.php" |xargs grep "eval" |more
find /var/www -name "*.php" |xargs grep "shell_exec" |more
find /var/www -name "*.php" |xargs grep "passthru" |more

当然你还可以导出到文件,下载下来慢慢分析:

find /home -name “*.php”|xargs grep “fsockopen”|more >test.log

这里我就不一一罗列了,如果有自己总结的关键字直接替换就可以。当然并不是所有的找出的文件都是webshell需要自己做一下判断,判断的方法也简单,直接从浏览器访问一下这个文件或者和自己找的一些webshell比较一下,看得多了,基本上一眼就可以判断是不是webshell文件​

#!/bin/sh
dirname=`date   +%Y%m%d`
delname=`date -d "-35 day" +%Y%m%d`
mkdir   $dirname
cd /home/xiao/backup/$dirname
mysqldump -uroot -pcceccs –hex-blob –complete-insert=true –default-character-set=utf8 jol>$dirname.sql
tar zcvf JudgeOnline.tar.gz  /var/www
tar zcvf data$dirname.tar.gz /home/judge/data
tar zcvf core.tar.gz /home/xiao/core
tar zcvf judge.tar.gz /var/tomcat/webapps/judge
tar zcvf stepbystep.tar.gz /var/stepbystep

mysqldump -uroot -p123456 –hex-blob –complete-insert=true –default-character-set=utf8 vhoj>vhoj36.sql

mysqldump -uroot -p123456 –hex-blob –complete-insert=true –default-character-set=utf8 stepbystep>stepbystep.sql

 

mysqldump -uroot -p123456 –hex-blob –complete-insert=true –default-character-set=utf8 blog>blog.sql
mysqldump -uroot -p123456 –hex-blob –complete-insert=true –default-character-set=utf8 rj>rj.sql

rm -rf /home/xiao/backup/$delname

/usr/bin/lftp –u *,*  *.*.*.*:8021 -e "mirror -R /home/xiao/backup/$dirname; exit"
/usr/bin/lftp –u *,*  *.*.*.*:8021 -e "rm -rf  $delname; exit"

/usr/bin/lftp –u *,* *.*.*.*:8021 -e "mirror -R /home/xiao/backup/$dirname; exit"
/usr/bin/lftp –u *,* *.*.*.*:8021 -e "rm -rf  $delname; exit"

问题:
如果你的网站目录下有一个xxx的文件夹,如果xxx文件夹下没有默认页面(index.*等),当用户使用URL:http://你的网址/a/ 访问你的网站的话,Apache会把xxx文件夹里的内容全列出来。
解决方法:

将/etc/apaches/sites-enables/000-default中

Options Indexs  FollowSymbols MultiViews //去掉Indexs
….

squid日志里面默认记录的时间都是根据标准时间计算后加上毫秒记录的,不便于查看。
网上搜了搜,仿佛有许多方法都可以进行转换,但是想想还是麻烦,其实squid可以直接改日志的记录格式的。
打开squid的配置文件/etc/squid/squid.conf
找到下面这句,并取消注释

#logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%S

再找到:

access_log /var/log/squid/access.log squid

修改成

access_log /var/log/squid/access.log combined

重启squid
得到的日志格式就跟apache日志格式相似了

1、爸爸指着妈妈说:“这是我媳妇”,兜兜说:“长大了,兜兜是妈妈的媳妇。”爸爸说:“兜兜是妈妈的女儿”兜兜说 "",兜兜不是妈妈的女儿,爸爸是奶奶的女儿!" ——————乱套了!!

2、有一天,兜兜很认真的跟我说"兜兜妹妹的积木和cangcang哥哥的积木一样,你明白不明白?",("明白"的首次秀)又一天,小妞光的腚,奶奶说,光腚不好,答"光腚文明!"(文明出场了)
3、兜兜小朋友说:“妈妈我长大了给你买肉肉吃,买鸡蛋吃,买钱吃。"
爸爸喊:"美女,,"兜兜仰起脸:“在这里,,”
4、给小妞拿水时,腿碰到凳子角了疼的我直哎呦,不太清晰的声音飘来,愣了几秒才反应过来:“走路小心点!”

5.去逛超市,看见油桃,兜兜问我这是什么,我说油桃,以为她只是问问,没给她买。结账的时候一直问我爸爸咱买完了吗.(2015.4.4)

6.今天兜兜中午睡觉前一直问爸爸妈妈明天上不上班,问了一会说奶奶也很年轻,我当时没听明白,问她说什么,她说奶奶不用拄拐杖。问她什么意思,她说让奶奶去上班,爸爸妈妈在家陪她。(2015.4.11)