Title: Using inetd and syslogd.
Author: NOP_0x90
Date: 2003-07-30
Category: Installation/Beginner
Views: 1604

I set things up to satisfy the conditions below, but strangely it still doesn't work.. ㅠㅠ
I'm posting the steps I took. Where did it go wrong??
This is already the fourth day that I've needed your knowledge. ^^*
To check information about telnet, ftp and other connections made by users of the in-house file server, when setting up the Solaris server,
configure it so that connection information for the inetd services requested by remote users can be traced.
(This is done by logging the remote client's IP address and port number; inetd is to log to the
/var/adm/inetdlogs file only at the 'daemon' facility and the 'notice' message level.)
Conditions)
- Set the option values for the logging and debugging features of the ftp service
- Set the inetd service option values so that the remote client's IP address and port number are logged
- Configuration conditions for syslog logging
facility ==> daemon
messages level ==> notice
log to the /var/adm/inetdlogs file
-------------------------------------------------------------------------------
# vi /etc/syslog.conf
"/etc/syslog.conf" 35 행, 989 문자 #ident "@(#)syslog.conf 1.5 99/02/03 SMI" /* SunOS 5.0 */
#
# Copyright (c) 1991-1999 by Sun Microsystems, Inc.
# All rights reserved.
#
# syslog configuration file.
#
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words. Also, within ifdef's, arguments
# containing commas must be quoted.
#
*.err;kern.notice;auth.notice /dev/sysmsg
*.err;kern.debug;mail.crit /var/adm/messages
*.alert;kern.err;daemon.err operator
*.alert root
*.emerg *
# if a non-loghost machine chooses to have authentication messages
# sent to the loghost machine, un-comment out the following line:
#auth.notice ifdef(`LOGHOST', /var/log/authlog, @loghost)"/etc/syslog.conf"
mail.debug ifdef(`LOGHOST', /var/log/syslog, @loghost)
#
# non-loghost machines will use the following lines to cause "user"
# log messages to be logged locally.
#
ifdef(`LOGHOST', ,
user.err /dev/sysmsg
user.err /var/adm/messages
user.alert `root, operator'
user.emerg *
)
))
daemon.notice /var/adm/inetdlogs
:wq
"/etc/syslog.conf" 36 행, 1026 문자
# vi /etc/inetd.conf
"/etc/inetd.conf" 147 행, 5068 문자 #
#ident "@(#)inetd.conf 1.33 98/06/02 SMI" /* SVr4.0 1.5 */
#
#
# Configuration file for inetd(1M). See inetd.conf(4).
#
# To re-configure the running inetd process, edit this file, then
# send the inetd process a SIGHUP.
#
# Syntax for socket-based Internet services:
# <service_name> <socket_type> <proto> <flags> <user> <server_pathname> <args>
#
# Syntax for TLI-based Internet services:
#
# <service_name> tli <proto> <flags> <user> <server_pathname> <args>
#
# Ftp and telnet are standard Internet services.
#
ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
#
# Tnamed serves the obsolete IEN-116 name server protocol.
#"/etc/inetd.conf" 147 행, 5068 문자
Changed the ftp daemon entry above to this:
ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -L -d
:wq
"/etc/inetd.conf" 147 행, 5077 문자
# ps
PID TTY TIME CMD
14101 pts/6 0:00 ps
14083 pts/6 0:00 bash
14089 pts/6 0:00 syslogd
14085 pts/6 0:00 inetd
# kill 09 -9 14085
# kill -9 14089
# ps
PID TTY TIME CMD
14083 pts/6 0:00 bash
14104 pts/6 0:00 ps
# /usr/sbin/syslogd
# /usr/sbin/inetd -s -d -t
# finish
The inetd.conf file for ftp service logging is not configured properly now.
sorry : This problem is not solved.Try again
# ps
PID TTY TIME CMD
14128 pts/6 0:00 ps
14083 pts/6 0:00 bash
14112 pts/6 0:00 inetd
14108 pts/6 0:00 syslogd
#
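
A check for the syslog side of the conditions listed in the post, as an added example that is not part of the original post. It assumes POSIX sh and awk (on older Solaris, set AWK to nawk or /usr/xpg4/bin/awk) and tests two things Solaris syslogd requires: the selector and action are separated by TABs, and the log file already exists. The function name and return codes are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): lint one syslog.conf rule.
# Assumptions: syslogd needs TABs between selector and action and does
# not create the log file itself.
# Usage: check_syslog_rule CONF SELECTOR LOGFILE [ROOT]
#   ROOT is an optional path prefix for LOGFILE (to check a staged tree).
# Returns 0 = ok, 1 = no active rule, 2 = separator is not TAB-only,
#         3 = log file does not exist, 4 = CONF is not readable.
check_syslog_rule() {
    conf=$1; sel=$2; target=$3; root=${4:-}
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 4; }
    rc=0
    "${AWK:-awk}" -v sel="$sel" -v tgt="$target" '
        /^#/ { next }                      # skip commented-out rules
        index($0, sel) == 1 &&
        substr($0, length($0) - length(tgt) + 1) == tgt {
            found = 1
            # whatever sits between selector and action must be TABs only
            sep = substr($0, length(sel) + 1,
                         length($0) - length(sel) - length(tgt))
            bad = (sep !~ /^\t+$/)
        }
        END { if (!found) exit 1; if (bad) exit 2 }
    ' "$conf" || rc=$?
    case $rc in
        0) ;;
        1) echo "no active rule: $sel -> $target" >&2; return 1 ;;
        *) echo "rule found, but fields are not separated by TABs" >&2
           return 2 ;;
    esac
    if [ ! -f "${root}${target}" ]; then
        echo "${root}${target} missing; create it before restarting syslogd" >&2
        return 3
    fi
    return 0
}
```

On the server this would be called as `check_syslog_rule /etc/syslog.conf daemon.notice /var/adm/inetdlogs`. Once it returns 0 and syslogd has re-read its configuration, `logger -p daemon.notice test` should append a line to the file.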