Vamos alterar de UTF-8 para ISO-8859-1, assim permitindo acentuação.
Adicionem no início do /etc/vimrc
set encoding=iso-8859-1 set fileencodings=iso-8859-1
Comentem todas as linhas antes dessa: set nocompatible
Créditos : http://www.htmlstaff.org/ver.php?id=22263
| The Worry-Free Business Security (WFBS) Agent’s antivirus and anti-spyware real-time scan scans files for malicious code as they are accessed or created. | |
| When some programs create or modify files rapidly, the Security Agent may use a lot of resource verifying the legitimacy of all file accesses. With the current default settings, the Security Agent will exclude the folders frequently modified by these programs: | |
| • | Worry-Free Business Security Server |
| • | Microsoft Exchange 2000/2003/2007/2010 |
| • | Active Directory Domain Services (Windows Server Role) |
| Note: These settings can be modified in the Security Server’s web console, under the Preferences > Global Settings > Desktop/Server section. | |
| Some programs or operating system features do not have default options in WFBS to exclude folders and files from real-time scan. If you encounter performance issues running one of these programs, you can modify the Security Settings in the Security Server’s web console. | |
| Important: These security settings will reduce the protection on your computer. For publicly available servers, please review these settings and the nature of the services before applying these settings. | |
| To resolve the issue, please do the following: | |||
| 1. | Log on to the WFBS console. | ||
| 2. | Go to Security Settings > Group > Configure. | ||
| 3. | Check if you have the following programs and then exclude the specified folders, files, or extensions: | ||
| • | Outlook: | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following extensions: | |||
| o | .PST | ||
| • | Windows Update Store: | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | C:\Windows\SoftwareDistribution\Datastore | ||
| • | Windows Software Update Services (WSUS) Server: | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | <WSUS storage driver letter>:\MSSQL$WSUS | ||
| o | <WSUS storage driver letter>:\WSUS | ||
| o | <WSUS storage driver letter>:\WsusDatabase | ||
| • | DHCP Server (Windows Server Role): | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | C:\Windows\system32\dhcp | ||
| • | DNS Server (Windows Server Role): | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | C:\Windows\system32\dns | ||
| • | WINS Server (Windows Server Role): | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | C:\Windows\system32\wins | ||
| • | Print and Document Services (Windows Server Role): | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | C:\Windows\system32\Spool\ | ||
| • | Remote Storage Service | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | C:\windows\system32\ntmsdata | ||
| • | POP3 Connector in Windows Small Business Server (SBS) 2003: | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directory: | |||
| o | C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\Failed Mail | ||
| o | C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\Incoming mail | ||
| • | Internet Information Services (IIS) 6.0 or Web Server role on Windows Server 2003: | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | C:\inetpub\wwwroot | ||
| Note: This may depend on your IIS configuration. You might need multiple folders when multiple websites are configured. | |||
| o | C:\Windows\system32 \LogFiles | ||
| Note: This may depend on your IIS configuration. You might need multiple folders when multiple websites are configured. | |||
| o | C:\windows\IIS Temporary Compressed Files | ||
| • | Internet Information Services (IIS) 7.0 or Web Server role on Windows Server 2008: | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | C:\inetpub\wwwroot\ | ||
| Note: This may depend on your IIS configuration. You might need multiple folders when multiple websites are configured. | |||
| o | C:\inetpub\logs\ | ||
| Note: This may depend on your IIS configuration. You might need multiple folders when multiple websites are configured. | |||
| o | C:\inetpub\temp\IIS Temporary Compressed Files | ||
| • | Microsoft SQL Server: | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | <SQL Server Installed folder>\*\OLAP\Data | ||
| o | <SQL Server Installed folder>\*\OLAP\Backup | ||
| o | <SQL Server Installed folder>\*\OLAP\Log | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following extensions: | |||
| o | .MDF | ||
| o | .LDF | ||
| o | .NDF | ||
| o | .BAK | ||
| o | .TRN | ||
| • | Microsoft SQL Server Failover Cluster: | ||
| Note: The < cluster service account> is the account that the specific account is running for cluster service. | |||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | <Quorum driver letter>:\ | ||
| o | C:\windows\cluster | ||
| o | For Windows 2003 only: C:\Documents and Settings\<cluster service account>\Local Settings\Temp\ | ||
| o | For Windows 2008 only: C:\Users\<cluster service account>\AppData\Local\Temp | ||
| • | SharePoint Portal Server: | ||
| Note: The<SharePoint service account> is the account that the specific account is running for SharePoint services | |||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | C:\Program Files\SharePoint Portal Server | ||
| o | C:\Program Files\Common Files\Microsoft Shared\Web Storage System | ||
| o | C:\Program Files\Common Files\Microsoft Shared\Web Service Extensions | ||
| o | C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions | ||
| o | C:\Program Files\Microsoft Office Servers | ||
| o | C:\Windows\Temp\Frontpagetempdir | ||
| o | C:\Windows\Temp\WebTempDir | ||
| For Windows 2003 only: | |||
| o | C:\Documents and Settings\All Users\Application Data\Microsoft\SharePoint\Config | ||
| o | C:\Documents and Settings\<SharePoint service account>\Local Settings\Application Data | ||
| o | C:\Documents and Settings\<SharePoint service account>\Local Settings\Temp\ | ||
| o | C:\Documents and Settings\Default User\Local Settings\Temp | ||
| For Windows 2008 only: | |||
| o | C:\Users\<SharePoint service account>\Local | ||
| o | For Windows 2008 only: C:\Users\<SharePoint service account>\Local\Temp | ||
| o | For Windows 2008 only: C:\Users\Default\AppData\Local\Temp | ||
| o | For Windows 2008 only: C: \ProgramData\Microsoft\SharePoint\Config | ||
| For 32-bit platforms: | |||
| o | C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files | ||
| o | C:\Windows\system32\LogFiles | ||
| For 64-bit platforms: | |||
| o | C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files | ||
| o | C:\Windows\Syswow64\LogFiles | ||
| • | Internet Security and Acceleration Server (ISA) Server: | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | C:\Program Files\Microsoft ISA Server\ISALogs | ||
| o | C:\Program Files\Microsoft SQL Server\MSSQL$MSFW\Data | ||
| • | Microsoft Operations Manager Server (MOM) 2005: | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Operations Manager | ||
| o | C:\Program Files\Microsoft Operations Manager 2005 | ||
| Hyper-V: | |||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | C:\ProgramData\Microsoft\Windows\Hyper-V | ||
| o | C:\Users\Public\Documents\Hyper-V\Virtual Hard Disks | ||
| o | C:\ProgramData\ProgramData\Microsoft\Windows\Hyper-V\Snapshots | ||
| o | For Windows 2008 R2 only: C:\ClusterStorage | ||
| o | <Custom virtual machine configuration directories> | ||
| o | <Custom virtual hard disk drive directories> | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following extensions: | |||
| o | .AVHD | ||
| o | .ISO | ||
| o | .VFD | ||
| o | .VHD | ||
| o | .VSV | ||
| o | .XML | ||
| • | VMWare products: | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | <the folders that contain the virtual machines > | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following extensions: | |||
| o | .VMDK | ||
| o | .VMEM | ||
| • | Citrix products: | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following directories: | |||
| o | The roaming profiles folder on the file server> | ||
| Go to Antivirus/Anti-spyware > Target > Do not scan files with the following extensions: | |||
| o | .LOG | ||
| o | .DAT | ||
| o | .TMP | ||
| o | .POL | ||
| o | .PF | ||
| To enhance the performance on Windows Vista/2008/7, you can go to the Preferences > Global Settings >Desktop/Server in the WFBS console and check the Exclude Shadow Copy sections option. | |||
206.51.26.0/24
193.109.81.0/24
204.187.87.0/24
206.53.144.0/20
216.9.240.0/20
67.223.64.0/19
93.186.16.0/20
68.171.224.0/19
74.82.64.0/19
173.247.32.0/19
178.239.80.0/20
Achei interessante guardar …
… Assim como compartilhei a ferramenta, por acreditar que compartilhar o conhecimento é uma das melhores formas de se educar os profissionais e entusiastas de segurança, seguem algumas dicas, onde compartilho algumas idéias, de como se proteger destes tipos de ataque:
Créditos : http://fnstenv.blogspot.com.br/
Edit /etc/ssmtp/ssmtp.conf
I found it easiest to comment out all the existing lines in the config and then add the following. Replacing the capitalized text with your own information. This works for GMail and Google Apps accounts.
1 |
mailhub=smtp.gmail.com:587 |
2 |
hostname=USER@MYDOMAIN.com |
3 |
root=USER@MYDOMAIN.com |
4 |
AuthUser=USER@MYDOMAIN.com |
5 |
AuthPass=PASSWORD |
6 |
UseSTARTTLS=yes |
7 |
UseTLS=yes |
8 |
FromLineOverride=yes |
Edit /etc/ssmtp/revaliases
This file associates the computer’s local user accounts with email accounts that have been defined in the config. As an example, I’ve defined email for the following two local user accounts (but you’ll want to replace matt with something else):
1 |
root:USER@MYDOMAIN.com:smtp.gmail.com:587 |
2 |
matt:USER@MYDOMAIN.com:smtp.gmail.com:587 |
Send a Test Email
This is where the revaliases config comes into play. If you’ve only associated root with an email address then you’ll have to send a test email using the sudo command:
1 |
sudo ssmtp test@test.com |
2 |
To: Test Guy <test@test.com> |
3 |
From: Me <USER@MYDOMAIN.com> |
4 |
Subject: Hello World |
5 |
6 |
Hello world! |
Note the blank line between subject and body. Once the body is finished, hit return to advance to the next line and then press CTRL+D to send.
<?php
$redirect = “http://www.locaweb.com.br”;
header(“location:$redirect”);
?>
[root@firewall /]# /etc/init.d/mysqld stop
Stopping mysqld: [ OK ]
[root@firewall /]# mysqld_safe –skip-grant-tables &
[1] 3489
[root@firewall /]# 120525 16:11:52 mysqld_safe Logging to ‘/var/log/mysqld.log’.
120525 16:11:53 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
[root@firewall /]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.1.61 Source distribution
Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.
mysql> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> update user set password = password(‘123456′) where user=’root’ and host=’localhost’;
Query OK, 0 rows affected (0.00 sec)
Rows matched: 1 Changed: 0 Warnings: 0
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> quit;
Bye
[root@firewall /]# /etc/init.d/mysqld restart
120525 16:12:34 mysqld_safe mysqld from pid file /var/run/mysqld/mysqld.pid ended
Stopping mysqld: [ OK ]
Starting mysqld: [ OK ]
[1]+ Done mysqld_safe –skip-grant-tables
[root@firewall /]#
Créditos : http://www.dicas-l.com.br/arquivo/bind-chroot_no_centos_5.3.php
——————————————————————————————————————-
If WScript.Arguments.Count > 1 Then
WScript.Echo
WScript.Echo “Usage: cscript “”Clear Event Logs.vbs”” [computer name]”
WScript.Echo
WScript.Quit
End If
Dim strComputer ‘ As String
If WScript.Arguments.Count > 0 Then
strComputer= WScript.Arguments(0)
Else
strComputer= “localhost”
End If
ClearEventLogs strComputer
WScript.Echo “Done”
Private Sub ClearEventLogs( _
strComputer)
WScript.Echo “Clearing event logs on ” & strComputer & “…”
Set objWMIService = GetObject( _
“winmgmts:” & “{impersonationLevel=impersonate,(Backup)}!\\” _
& strComputer & “\root\cimv2”)
Set colLogFiles = objWMIService.ExecQuery( _
“Select * from Win32_NTEventLogFile”)
For Each objLogfile in colLogFiles
ClearEventLog strComputer, objLogfile.LogfileName
Next
End Sub
Private Sub ClearEventLog( _
strComputer, _
strEventLogName)
WScript.Echo “Clearing ‘” & strEventLogName & “‘ event log on ” _
& strComputer & “…”
Set objWMIService = GetObject( _
“winmgmts:” & “{impersonationLevel=impersonate,(Backup)}!\\” _
& strComputer & “\root\cimv2”)
Set colLogFiles = objWMIService.ExecQuery( _
“Select * from Win32_NTEventLogFile where LogFileName='” _
& strEventLogName & “‘”)
For Each objLogfile in colLogFiles
Dim backupFilename
backupFilename= “C:\” & strEventLogName & “_” & GetFormattedTimestamp() _
& “.evt”
errBackupLog = objLogFile.BackupEventLog(backupFilename)
If errBackupLog <> 0 Then
WScript.Echo “The ” & strEventLogName & ” event log on ” _
& strComputer & ” could not be backed up.”
Else
objLogFile.ClearEventLog()
End If
Next
End Sub
Private Function GetFormattedTimestamp()
Dim timestamp
timestamp = Now
GetFormattedTimestamp = Year(timestamp) _
& LPad(Month(timestamp), 2, “0”) _
& LPad(Day(timestamp), 2, “0”) _
& “_” & Replace(FormatDateTime(timestamp, 4), “:”, “”)
End Function
Private Function LPad( _
strValue, _
nLength, _
strPadCharacter)
Dim strPaddedValue
strPaddedValue = strValue
While (Len(strPaddedValue) < nLength)
strPaddedValue = strPadCharacter & strPaddedValue
WEnd
LPad = strPaddedValue
End Function
——————————————————————————————————————-
Link Download : clean-event-viewer.txt
—————————————————————————————————-
C:
del /Q /F /S “F:\WindowsImageBackup.7z”
del /Q /F /S “F:\WindowsImageBackup”
rd /q /s “F:\WindowsImageBackup”
wbadmin start systemstatebackup -backupTarget:f: -quiet
F:\7ZIP\7za.exe a -t7z -y -mx3 “F:\WindowsImageBackup.7z” F:\WindowsImageBackup
del /Q /F /S “F:\WindowsImageBackup”
rd /q /s “F:\WindowsImageBackup”
exit
—————————————————————————————————-
There is a very nice script for Windows dealing with attaching XenServer USB disk to a guest. It can be found here.
This script has several problems, as I see it. The first – this is a Windows batch script, which is a very limited language, and it can handle only a single VDI disk in the SR group called “Removable Storage”.
As I am a *nix guy, and can hardly handle Windows batch scripts, I have rewritten this script to run from Linux CLI (focused on running from the XenServer Domain0), and allowed it to handle multiple USB disks. My assumption is that running this script will map/unmap *all* local USB disks to the VM.
Following downloading this script, you should make sure it is executable, and run it with the arguments “attach” or “detach”, per your needs.
And here it is:
Download usbmap-to-vm.txt
——————————————————————————————-
#!/bin/bash
# This script will map USB devices to a specific VM
# Written by Ez-Aton, http://run.tournament.org.il , with the concepts
# taken from http://jamesscanlonitkb.wordpress.com/2012/03/11/xenserver-mount-usb-from-host/
# and http://support.citrix.com/article/CTX118198
# Variables
# Need to change them to match your own!
REMOVABLE_SR_UUID=d03f247d-6fc6-a396-e62b-a4e702aabcf0
VM_UUID=b69e9788-8cd2-0074-5bc1-63cf7870fa0d
DEVICE_NAMES="hdc hde" # Local disk mapping for the VM
XE=/opt/xensource/bin/xe
function attach() {
# Here we attach the disks
# Check if storage is attached to VBD
VBDS=`$XE vdi-list sr-uuid=${REMOVABLE_SR_UUID} params=vbd-uuids --minimal | tr , ' '`
if [ `echo $VBDS | wc -w` -ne 0 ]
then
echo "Disks are allready attached. Check VBD $VBDS for details"
exit 1
fi
# Get devices!
VDIS=`$XE vdi-list sr-uuid=${REMOVABLE_SR_UUID} --minimal | tr , ' '`
INDEX=0
DEVICE_NAMES=( $DEVICE_NAMES )
for i in $VDIS
do
VBD=`$XE vbd-create vm-uuid=${VM_UUID} device=${DEVICE_NAMES[$INDEX]} vdi-uuid=${i}`
if [ $? -ne 0 ]
then
echo "Failed to connect $i to ${DEVICE_NAMES[$INDEX]}"
exit 2
fi
$XE vbd-plug uuid=$VBD
if [ $? -ne 0 ]
then
echo "Failed to plug $VBD"
exit 3
fi
let INDEX++
done
}
function detach() {
# Here we detach the disks
VBDS=`$XE vdi-list sr-uuid=${REMOVABLE_SR_UUID} params=vbd-uuids --minimal | tr , ' '`
for i in $VBDS
do
$XE vbd-unplug uuid=${i}
$XE vbd-destroy uuid=${i}
done
echo "Storage Detached from VM"
}
case "$1" in
attach) attach
;;
detach) detach
;;
*) echo "Usage: $0 [attach|detach]"
exit 1
esac
——————————————————————————————
Crédito : http://run.tournament.org.il/attach-usb-disks-to-xenserver-vm-guest/
