quack quack
最近我觉得网络江湖里的一件事挺引大家关注的,那就是小榕决定将乱刀与流光作为免费版本在一段时间后进行发放,同时停止对流光的开发以及与之相关各种问题的答复。 Network of rivers and lakes where I think the last one of the things we are concerned about lead quite that small knife Yung decided to mess with the passing of time as the free version after release and stop the development of the streamer and the various issues associated with reply.
是非自有人评说,我想说的只是:我并不开心。 Non-comment from someone, I just want to say: I am not happy. 诚然如小榕在流光的说明中写的'一个软件的商品价值取决于它的使用价值。 It is true that as a small note in the streamer Rong wrote 'the value of a software product depends on its use value. 您是否注册取决于您是否满意这个产品',在未注册的情况下仅能使用部份功能或者有时间限制,我觉得这无可厚非(当然只要有共享软件,就会有CRACKER,这一点我也觉得是很正常的,但我觉得不可想象的是在网上有人竟会以破解出流光里的一些'秘密'为乐并且有故意生事端的倾向--公布小榕邮件地址、说一些不负责任的话等等。说句实话,我对软件破解者是相当敬重的,但对另一些无聊看客或帮凶则觉得悲哀。 Registration depends on whether you are satisfied with the product you are ', in the case of unregistered or only use part of the function time constraints, I think this is nothing wrong (of course as long as shareware, there will be CRACKER, which I also think is normal, but I think it was inconceivable that the Internet could even break out with some of the streamer in the 'secret' for fun and have a tendency to deliberately fuss - e-mail address released a small fig, said some irresponsible remarks etc. To be honest, I crack the software is a very respected person, but others feel bored spectators or accomplice is sad.
呵呵,对不起大家了,又说题外话,只是有些话如骨哽在喉,不吐不快,又因为这次要讲的就是'流光',当然,从我的角度看,我觉得流光的定位是'安全工具'而非'黑客软件',因为安全工具这种东西本身就是一把双刃剑,如果网管兄弟们因为自己的站点密码太过简单而被攻破然后归罪于因特网上一些免费或共享软件的话,恐怕是有些目光短浅了--因为不管如何优秀的工具,都必须经由系统的漏洞才能夺取权限--如果你管辖的系统存在漏洞而不自知的话,就算没被人'干掉 ',也只是一种暂时的'虚假安全'。 Oh, I'm sorry everyone, and said the way, but there are some things such as bone stuck in throat, speak out, and because of this talk is 'streamer', of course, from my perspective, I think the positioning of streamer 'security tool' rather than 'hacking software', because the thing itself is a security tool that double-edged sword, if the brothers because of their network password is too simple and the site was broken and then blame the Internet for free or share some software, I am afraid that some short-sighted - because no matter how good the tools are to be captured by the system's vulnerability to access - if you are under the jurisdiction of the system is vulnerable without realizing it, even if was not 'kill', but also only a temporary 'false security'.
好了,言归正传。 Well, get down to business.
一、小榕流光使用的简单说明 A small fig brief description of the use of streamer
要谈流光还真找不着感觉——在小榕的帮助文件里已经把软件的使用方法详尽无比地描述过了(强烈建议使用者使用前将帮助文件多读两遍)——我就说三个方面吧——高手完全可以略过的…… Streamer to talk about feeling really could not find - in small Banyan help file has detailed the use of the software described incomparably the (highly recommended to users to read the help files before twice) - I said three aspect of it - experts can skip the ... ...
1、对某FTP主机一次完整的在线安全检测过程 1, on a FTP host a complete online security testing process
A、选定主机:右键单击FTP主机选项,从弹出菜单中选择添加——将目标的IP地址填入,如"210.142.192.13"…… A, the selected host: Right-click the FTP host option from the pop-up menu, select Add - Enter the IP address of the target, such as "210.142.192.13" ... ...
B、选定用户:右键单击该IP地址,可选添加(将想测试的用户名逐个加入)添加方案(可在方案中编辑希望测试的用户名列表)从列表添加(直接从字典文件中导入)及从SMTP主机导入(导入SMTP主机探测到的用户名),假设你想探测的用户名为quack,便直接在"添加"中填入quack。 B, selected users: Right-click the IP address, an optional add (user name will want to test one by one to join) to add the program (can be edited in the program you want to test the user name list) from a list (directly from the dictionary file imported) and imported from the SMTP host (the host to detect import SMTP user name), assuming you want to detect the user name quack, it directly in the "Add" fill quack.
C、选择字典: C, choose a dictionary:
a、简单模式探测:在选项菜单条中对字典及简单模式设置做适当修正以适应本次测试要求,当然你也可以在面板上的单词小写、简单后缀等按钮直接选定。 a, a simple pattern detection: In the Options menu bar set for a dictionary and a simple model to make the appropriate amendments to suit the requirements of this test, of course, you can also lower-case words on the panel, a simple button to directly select a suffix such as.
b、标准模式探测:在"解码字典或方案"中选定某一字典(方案)。 b, standard mode detection: In the "decoding dictionary or programs" in the selection of a dictionary (the program).
D、调整设置:检查选项菜单栏中的系统设置、连接选项和探测选项,将本次测试的各种选项调整至最优。 D, adjust the settings: Check the option in the menu bar system settings, connection options and detection options, this test will be adjusted to a variety of options for the best.
E、开始探测:在“探测”菜单中选定“简单模式”或“标准模式”,开始此次安全检测。 E, began to probe: the "detection" menu select "simple mode" or "standard mode", start the safety testing.
F、注意事项:由于流光的系统占用较高,最好不要再开其它应用程序;在在线检测时可能有时会出现假死机现象,这时你可以通过观察MODEM的RD与SD灯来判断程序是否正常运作。 F, Note: Due to high occupancy streamer system, it is best not to open other applications; in-line detection may sometimes leave the phenomenon of death, then you can observe the MODEM RD and SD lights to determine whether the procedures normal operation.
2、密码字典的选用:在线探测相当耗时,所以一个合适的字典会大大降低你的“检测成本”,流光里的工具菜单栏对生成适合自己使用的字典档是一个相当实用的工具 ——我个人觉得尤其值得使用的是“方案编辑工具”,它能够在你锁定特定用户检测时发挥较大的作用,具体使用帮助文件中写得非常详细,我就不再多说了——当然流光里附带的XKEY也是一个相当不错的字典生成程序。 2, the choice of password dictionary: online detection time-consuming, so a suitable dictionary will greatly reduce your "test cost" in the tool menu bar streamer generation for their own use of the dictionary file is a very useful tool - I personally feel that using a particular "program editor", it can detect when you target specific users play a larger role, the specific use of the help file was written in great detail, I will not repeat them - of course streamer in the accompanying XKEY is a very good dictionary generator.
3、流光其实不仅仅是一个在线安全检测工具——而是一个“工具包”,同时具有以下几个辅助功能 3, the streamer it is not only an online security test tool - but a "tool kit", but also has the following auxiliary function
A、探测主机端口 A, detection of the host port
B、探测主机类型 B, detection of host type
C、FINGER C, FINGER
D、扫描POP3、FTP主机 D, scanning POP3, FTP host
E、验证主机用户 E, verify that the host user
而其主要功能是对POP3、FTP、HTTP、PROXY主机进行在线密码安全检测。 And its main function is POP3, FTP, HTTP, PROXY Host password security for online testing. 所以——一句话,功能强大,试过便知。 So - in short, powerful, tried at a glance.
至于同样原理的在线密码破解软件国内流行的也并不少,如很早以前的emailcrack、wwwhack、网络刺客1以及现在流传很广网络刺客2、 Webcrack、Xavior等等,流光在很大程度上集成了这些软件的功能,但这些软件早期的产品也都缺乏IP隐藏或类似功能,而近期的 Webcrack以及Xavior则都具备从代理服务器端进行探测的功能,我认为这应该是在线探测的一个方向——安全第一嘛——基于此想法,我对流光在探测中会留下的记录进行试验: The same principle of online password cracking software and a lot of domestic popular, such as a long time ago emailcrack, wwwhack, an assassin, and now the network is widely spread network of assassins 2, Webcrack, Xavior, etc., to a large extent integrated streamer These software features, but the software products early to hide the lack of IP or similar function, but the recent Webcrack and Xavior are all available from the proxy server detection feature, I think this should be online detection of the direction - - Safety First Well - based on this idea, I will leave in the streamer in the detection of test records:
对一位网管朋友的WINDOWS2000 Beta3 SERVER Of a network of friends WINDOWS2000 Beta3 SERVER
英文版进行了一番测试,对其上已知的帐号进行密码强攻,经探测得知其FTP端口是开放的,在未预先通知的情况下对其进行攻击,事后打电话询问其记录情况,在EVENT In English carried out some tests, known on account of its password-storm, by detecting that the FTP port is open, without prior notice to its attack, and afterwards called to ask the record of, In the EVENT
VIEWER里有如下信息:WARNING:The server was unable to logon the Windows NT account VIEWER in the following information: WARNING: The server was unable to logon the Windows NT account
'houxiourong' due to the following error: Logon failure: unknown user name 'Houxiourong' due to the following error: Logon failure: unknown user name
or bad password. The data is the error code. or bad password. The data is the error code.
而甚至他告诉我,当我的攻击进行到一半时,他的主机上就弹出了The System log file is And even he told me, when I attack halfway through, his host on the pop-up The System log file is
full.的信息提示框——失败的登陆次数太多以至于其默认为512K的记录文件被撑饱了! full.'s message box - failed login too many times so that the default is 512K of log files are full of support!
所以我要奉劝某些心怀叵测的人们——别做坏事…… So I would advise some of the ulterior motives of the people - do not do bad things ... ...
二、密码设置的基本常识及工具 Second, the password is the basic knowledge and tools to set
1、有关口令的一些统计 1, some statistics about the password
A、数目:在UNIX系统里可以建立多于43,000,000,000,000,000个不同的口令,但如果仅仅组合10种主要语言的字典,加上这些字的反向、大写、简单后缀等一些微小变形,仅能产生不到5,000,000个字……加上一些俚语……也不会超出这个数量级。 A, number: In the UNIX system can create more than 43,000,000,000,000,000 different passwords, but if the only combination of 10 major languages dictionary, with these words of the reverse, uppercase, simple suffixes and some small deformation, can only produce to 5,000,000 plus some slang words ... ... ... ... will not exceed this magnitude.
B、国外某机构在对一个无约束环境的用户口令选择的调查中显示,只有1.4%的用户口令中含有控制符。 B, a foreign body in an unconstrained environment for the user password selection survey showed that only 1.4% of the user password contains control characters.
2、介绍几个工具 2, introduce a few tools
A、CrackLib 简介及应用举例 A, CrackLib Introduction and application example
by JeffreyDong by JeffreyDong
CrackLib 是什么? CrackLib that?
===================== =====================
CrackLib: A ProActive Password Sanity Library CrackLib: A ProActive Password Sanity Library
By: Alec Muffett By: Alec Muffett
Address: alecm@crypto.dircon.co.uk Address: alecm@crypto.dircon.co.uk
CrackLib是一个可用于类UNIX系统下的函数库, 一般来说, 通常只使用其中的一个函数. :-) 它可以用于编写和passwd有关的程序中, 其基本思想是很简单的, 就是防止用户使用过于简单, 容易被猜测出来或容易被一些工具搜索到的密码. CrackLib is a UNIX-like systems can be used for the library, in general, typically use only one function. :-) It can be used in the preparation and passwd for the program, the basic idea is very simple, is to prevent users too simple, easily guessed or easily search for some tools to password.
密码攻击是网络上最为常见的攻击手段. 随着国内计算机用户水平的提高, 有很多人学会了使用工具搜索密码的方法, 由于某些原因, 含有被加密密码的文件会被某些用户获取; 这时, 过于简单的密码就会成为攻击者的突破口. 网上有很多这方面的报道.(我的一个朋友告诉我他曾用一个星期的时间算出了BTA一个管理员的密码. wow! :-P) 通过限制用户使用不安全的密码, 可以提高你的系统的安全性. Password attacks are the most common network attacks. With a higher level of domestic computer users, many people learned to use the tool to search for password method, for some reason, the file containing the encrypted password will be some users to access; At this time, the password is too simple a breakthrough would be attacker. there are many online reports in this regard. (one of my friend told me he had a week to figure out the BTA an administrator password. wow!: - P) by restricting users to use secure password, you can improve your system's security.
CrackLib的特点 CrackLib features
================== ==================
CrackLib并不是一个可以直接运行使用的程序, 它是一个函数库, 你可以利用其中的函数写自己的程序, 或是加入其它程序中, 用来提高安全性. 比如, 你可以重写passwd, 使用户在选择密码时受到限制. CrackLib is not a program can be used directly to run, it is a library, you can use one function to write their own programs, or to join other programs, to improve security for example, you can rewrite passwd, 使the user is restricted in the choice of password.
CrackLib使用一个字典, 它查找字典以判断所选用密码是否是不安全的密码, 所以你也可以加入其它信息, 使用自己的字典.比如, 加入公司的名称, 实验室墙上的单词等等潜在的不安全密码. CrackLib use a dictionary to find the password selected for the dictionary to determine whether the password is not secure, so you can also add other information, use your own dictionary, for example, joined the company's name, word, and so the laboratory wall potential secure password.
CrackLib的使用非常简单, 它可以被应用于很多地方, 只需加入简单的几行源码, 就可以得到非常好的效果. CrackLib very simple to use, it can be used in many places, simply add a few lines of simple code, you can get very good results.
CrackLib的安装 CrackLib installation
================== ==================
CrackLib 可以很容易的在Internet上找到, 我现在使用的版本是2.7, 跑在我的i586/RedHat Linux和i386/Slackware Linux上. 如果你无法找到它的话, 赶紧去补一补如何在Internet上查找特定的软件吧, 因为这是一项非常重要的基本功. CrackLib can be easily found on the Internet, I am now using version 2.7, running on my i586/RedHat Linux and i386/Slackware Linux on if you can not find it, then rush to mend how to find on the Internet specific software it, because it is a very important basic skills.
CrackLib好象没有什么文档, 这也是GNU急需加强的地方. 但是它的安装非常简单, 只要按照README文件中所叙述的就可以了.如果你用的distribution中包含了这个包, 那它说不定已经安装在你的机器上了, 如RedHat 5.1等. :-) CrackLib if there is no document, which is the urgent need to strengthen the GNU place, but its installation is very simple, just follow the README file can be described in a, if you use the distribution includes this package, then it might have been installed on your machine, such as RedHat 5.1, etc. :-)
需要注意的是, 不同版本中一些文件所处的目录位置不同, 你要先确定它们所处的位置. 比如, 在RedHat 5.1中, 字典是在/usr/lib/中, 文件名为cracklib_dict.*, 而不是README中所举例的/usr/local/lib/pw_dict.* Note that different versions of the directory where some files in different positions, you must first determine their location for example, in RedHat 5.1, the dictionary is in / usr / lib /, the file name cracklib_dict .* , rather than the README in the example of the / usr / local / lib / pw_dict .*
应用举例 Application examples
============ ============
这里我举一个很简单的例子, 试图用很短的篇幅来说明用法. Here I give a very simple example, tried to explain a very short space usage.
char *FascistCheck(char *pw, char *dictpath); char * FascistCheck (char * pw, char * dictpath);
这是CrackLib中最常用的函数. pw是用户选择的密码, 你要去验证它是不是不安全的.dictpath是字典所在路径, 注意, 要把文件名中"."之前的部分加上. This is the most commonly used functions CrackLib. Pw is the user-selected password, you're going to verify that it is unsafe. Dictpath is the path dictionary, note that should the file name "." With the part before.
以RedHat 5.1为例, 假设你已正确的安装了CrackLib 2.7和FireBird BBS 2.66M. 让我们来看看如何把CrackLib加入BBS中去. :-) To RedHat 5.1 as an example, assume that you have correctly installed the CrackLib 2.7 and FireBird BBS 2.66M. Let us see how CrackLib to join the BBS :-)
首先, 改写bbs_src目录下的register.c: First, rewrite bbs_src directory register.c:
/* ----------- begin ---------- */ / * ----------- Begin ---------- * /
char *msg; char * msg;
/* ----------- end ---------- */ / * ----------- End ---------- * /
...... ......
while( 1 ) { while (1) {
getdata(0,0,"请设定您的密码(Setup Password): ",passbuf,PASSLEN,NOECHO,YEA) ; getdata (0,0, "Please set your password (Setup Password):", passbuf, PASSLEN, NOECHO, YEA);
if( strlen( passbuf ) < 4 || !strcmp( passbuf, newuser.userid ) ) { if (strlen (passbuf) <4 | |! strcmp (passbuf, newuser.userid)) {
prints("密码太短或与使用者代号相同, 请重新输入\n") ; prints ("password too short or the same user ID, please re-enter \ n");
continue; continue;
} }
/* ----------- begin ---------- */ / * ----------- Begin ---------- * /
if (msg = (char*) FascistCheck(passbuf, CRACKLIBPATH)) { if (msg = (char *) FascistCheck (passbuf, CRACKLIBPATH)) {
printf("请另选密码! (%s)\n",msg); printf ("Please choose another password! (% s) \ n", msg);
continue; continue;
} }
/* ----------- end ---------- */ / * ----------- End ---------- * /
strncpy( newuser.passwd, passbuf, PASSLEN ); strncpy (newuser.passwd, passbuf, PASSLEN);
getdata(0,0,"请再输入一次你的密码(Reconfirm Password): getdata (0,0, "Please enter your password again (Reconfirm Password):
",passbuf,PASSLEN,NOECHO,YEA); ", Passbuf, PASSLEN, NOECHO, YEA);
if( strncmp( passbuf, newuser.passwd, PASSLEN ) != 0 ) { if (strncmp (passbuf, newuser.passwd, PASSLEN)! = 0) {
prints("密码输入错误, 请重新输入密码.\n") ; prints ("password input error, please re-enter the password. \ n");
continue; continue;
} }
passbuf[8] = '\0' ; passbuf [8] = '\ 0';
strncpy( newuser.passwd, genpasswd( passbuf ), PASSLEN ); strncpy (newuser.passwd, genpasswd (passbuf), PASSLEN);
break; break;
} }
begin和end注释所夹部分为改动处, 下同. Note the clip begin and end at the part changes, the same below.
接着改写bbs_src目录下的userinfo.c: Then rewrite bbs_src directory userinfo.c:
/* ----------- begin ---------- */ / * ----------- Begin ---------- * /
char *msg; char * msg;
/* ----------- end ---------- */ / * ----------- End ---------- * /
...... ......
getdata(i++,0,"请设定新密码: ",buf,PASSLEN,NOECHO,YEA); getdata (i + +, 0, "Please set a new password:", buf, PASSLEN, NOECHO, YEA);
if( buf[0] == '\0' ) { if (buf [0] == '\ 0') {
prints("\n\n密码设定取消, 继续使用旧密码\n"); prints ("\ n \ n password is set to cancel, continue to use the old password \ n");
fail++; fail + +;
break; break;
} }
strncpy(genbuf,buf,PASSLEN) ; strncpy (genbuf, buf, PASSLEN);
/* ----------- begin ---------- */ / * ----------- Begin ---------- * /
if (msg = (char*) FascistCheck(buf, CRACKLIBPATH)) { if (msg = (char *) FascistCheck (buf, CRACKLIBPATH)) {
printf("\n请另选密码! (%s)\n", msg); printf ("\ n Please choose another password! (% s) \ n", msg);
prints("\n密码设定取消, 继续使用旧密码\n"); prints ("\ n password set to cancel, continue to use the old password \ n");
fail++; fail + +;
break; break;
} }
/* ----------- end ---------- */ / * ----------- End ---------- * /
getdata(i++,0,"请重新输入新密码: ",buf,PASSLEN,NOECHO,YEA); getdata (i + +, 0, "Please re-enter new password:", buf, PASSLEN, NOECHO, YEA);
if(strncmp(buf,genbuf,PASSLEN)) { if (strncmp (buf, genbuf, PASSLEN)) {
prints("\n\n新密码确认失败, 无法设定新密码。\n"); prints ("\ n \ n failed to confirm the new password, you can not set a new password. \ n");
fail++; fail + +;
break; break;
} }
接着在bbs.h中加入: Then add in bbs.h:
#ifndef CRACKLIBPATH # Ifndef CRACKLIBPATH
#define CRACKLIBPATH "/usr/lib/cracklib_dict" # Define CRACKLIBPATH "/ usr / lib / cracklib_dict"
#endif # Endif
注意这里是字典所处的位置. Note that this is the location of the dictionary.
最后改动bbs的Makefile: Finally, changes bbs's Makefile:
OS_DEF = -DLINUX -DTERMIOS OS_DEF =-DLINUX-DTERMIOS
CC = gcc CC = gcc
CFLAGS = -O2 CFLAGS =-O2
/* ----------- begin ---------- */ / * ----------- Begin ---------- * /
LIBS = -ltermcap -lbsd -lcrack LIBS =-ltermcap-lbsd-lcrack
/* ----------- end ---------- */ / * ----------- End ---------- * /
然后make, make install就可以了. :-) 很简单, 不是吗? Then make, make install on it. :-) Very simple, is not it?
注意:本段关于cracklib的说明转载于[网络工作室] Note: This paragraph of the note is reproduced on cracklib [Network Studios]
B、Proactive Checking B, Proactive Checking
这个程序能在输入口令时进行一系列的口令检查,这会对避免不安全口令出现于你的系统有帮助作用。 This program can enter a password when a password check, this will avoid unsafe passwords appear in your system helpful. 它与一般的shadow和NIS(也就是yellow page)口令系统共同工作。 With the general shadow and NIS (that is, yellow page) password systems work together.
C、Shadow C, Shadow
这个程序取代了原来系统的口令保护机制,它将/etc/passwd文件中的口令信息转移到文件/etc/shadow中,还有一些如口令到期机制、允许16字符口令等功能。 This program replaces the original system password protection mechanisms, it / etc / passwd file, the password information to a file / etc / shadow, there are some, such as password expiration mechanism that allows 16-character passwords and other functions.
D、Passwd+ D, Passwd +
这是一个典型的增强型口令系统。 This is a typical enhanced password system.
三、应有的措施及其基本知识 Third, should the measures and their basic knowledge
1、日志文件 1, the log file
大多数日志文件都是由系统一行接着一行写入的文本文件。 Most log files are written by the system line by line text file. 比如sulog会记录用户使用su命令试图进入系统的情况,在sulog文件尾部附加一条信息,以记录su命令是否被成功使用。 For example sulog will record the user attempts to enter the system using the su command to the situation, attach one end of the sulog file information, to record the su command is being used successfully.
不同版本的UNIX系统存放日志文件的目录不同,常见目录如下: Different versions of the UNIX system log files stored in different, common directories as follows:
/usr/adm 早期的UNIX系统 / Usr / adm early UNIX systems
/var/adm 较新版本的UNIX系统 / Var / adm newer version of the UNIX system
/var/log 用于Solaris\Linux\BSD等系统中 / Var / log for Solaris \ Linux \ BSD and other systems
在这些目录或其子目录下,你可以找到下列文件 In these directories or subdirectories, you can find the following files
acct 或pacct 记录每个用户使用过的命令 acct or pacct used to record each user's command
aculog 拨出“猫”的记录 aculog set aside the "cat" record
lastlog 记录用户最后一次成功登陆时间及最后一次失败登陆时间 lastlog record user last login time and last successful login time failed
loginlog 不良登陆记录 loginlog bad log record
messages 输出到主控台及由syslog系统服务程序产生的消息 messages output to the console and the syslog messages generated by the system service program
sulog su的使用情况 sulog su usage
utmp 记录当前登陆的每个有户 utmp records are current users of each landing
utmpx 扩展的utmp utmpx utmp expansion
wtmp 记录每一次用户登陆和注销的历史信息及系统开关信息 wtmp records every user login and logout of the historical information and information systems switch
wtmpx 扩展wtmp wtmpx expansion wtmp
vold.log 使用外部介质产生的错误 vold.log error generated using external media
xferlog FTP存取情况 xferlog FTP access situation
2、定期运行如crack之类的口令破解程序以检查系统中是否存在弱帐户。 2, such as crack and the like regularly run password cracking program to check whether there is a weak system account. (抱歉呀,懒劲又犯了,只想着如何早些结束这篇文章……就这样了吧……) (Sorry ah, lazy strength it again, just how early the end of this article ... ... it ... so ...)
3、安装如COPS(Computer Oracle and Password System)等系统安全检查软件包,它可以检查系统上的各种文件和软件的配置,以判断系统是否被入侵者攻破,并且能够检查文件的访问权限设置是否正确,以保证系统安全级别的一致性。 3, installation, such as COPS (Computer Oracle and Password System) software package such as system security checks, it can check all files on the system and software configurations to determine whether the system is compromised by an intruder, and can check the file access permissions are correct to ensure the security level of consistency. 当然还有普通用户的COPS包,它会针对某个用户的所有文件进行一致性检查,之后向用户发送相应的邮件以提示是否存在安全问题。 Of course there are regular users of the COPS package, it will be all the files for a user, a consistency check, and then to send the appropriate messages to prompt the existence of security problems.
这样一番描述,不知是否讲得清楚——无所谓了……我睡觉去 So some description, I do not know whether speak clearly - do not care ... I go to sleep
Tidak ada komentar:
Posting Komentar