三.mail空壳 apache

所向无敌

　　一.####mail 空壳邮件####
配置文件 (maillinux.linux.com)
---------------------------------
19 zone "localhost" IN {
20         type master;
21         file "named.localhost";
22         allow-update { none; };
23 };
24
25 zone "westos.org" IN {
26         type master;
27         file "westos.org.zone";
28         allow-update { none; };
29 };
---------------------------------
cp -p named.localhost westos.org.zone
vim /etc/named/westos.org.zone
--------------------------------------------------------
  1 $TTL 1D
  2 @       IN SOA  dns.westos.com. root.westos.org. (
  3                                         0       ; serial
  4                                         1D      ; refresh
  5                                         1H      ; retry
  6                                         1W      ; expire
  7                                         3H )    ; minimum
  8                 NS      dns.westos.org.
  9 dns             A       172.25.254.100
10 westos.org.     MX 1    172.25.254.100.
--------------------------------------------------------                                             
rm -fr /etc/postfix/main.cf
yum reinstall postfix.x86_64 -y
vim /etc/postfix/main.cf
----------------------------------------------
75 myhostname = maillinux.linux.com
83 mydomain = linux.com
98 myorigin = westos.org
113 inet_interfaces = all
116 #inet_interfaces = localhost
164 mydestination =
313 relayhost = 172.25.254.100  ##间接发送 ip为接受地址
140 local_transport = error:local delivery disabled
----------------------------------------------
systemctl restart postfix.service
systemctl start named


在(mailwestos.westos.com)
vim /etc/postfix/main.cf
264 mynetworks = 172.25.254.0/24
systemctl restart postfix.service

www.extmail.org 邮件系统
lamp=linux apache mysql php   lnmp=linux nginx mysql php




二. curl 查看网站信息
curl -I  www.baidu.com
yum install nmap   著名***软件（侵入系统）

server: tengine


三.#### apache ####
1.httpd
yum install httpd -y
cd /var/www/html/
vim index.html
page 123
rpm -qc httpd
/etc/httpd/conf.d/autoindex.conf
/etc/httpd/conf.d/userdir.conf
/etc/httpd/conf.d/welcome.conf
/etc/httpd/conf.modules.d/00-base.conf
/etc/httpd/conf.modules.d/00-dav.conf
/etc/httpd/conf.modules.d/00-lua.conf
/etc/httpd/conf.modules.d/00-mpm.conf
/etc/httpd/conf.modules.d/00-proxy.conf
/etc/httpd/conf.modules.d/00-systemd.conf
/etc/httpd/conf.modules.d/01-cgi.conf
/etc/httpd/conf/httpd.conf
/etc/httpd/conf/magic
/etc/logrotate.d/httpd
/etc/sysconfig/htcacheclean
/etc/sysconfig/httpd

vim /etc/httpd/conf/httpd.conf
----------------------------------
163
164     DirectoryIndex index.html
165
----------------------------------
##不用修改
用firefox测试  172.25.254.100/index.html



###修改firefox的默认目录###
[root@mailwestos html]# yum install httpd-manual -y
[root@mailwestos html]# ls -Zd .    ##表示列出文件的安全信息内容
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 .
[root@mailwestos html]# mkdir /www/westos -p
[root@mailwestos html]# semanage fcontext -a -t httpd_sys_content_t '/www/westos(/.*)?'  
[root@mailwestos html]# restorecon -RvvF /www/
restorecon reset /www context unconfined_u:object_r:default_t:s0->system_u:object_r:default_t:s0
restorecon reset /www/westos context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
[root@mailwestos html]# cd /www/westos/
[root@mailwestos westos]# ls
[root@mailwestos westos]# vim index.html
------------------
网站内容……
------------------
[root@mailwestos westos]# ls -Z
-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 index.html
[root@mailwestos westos]# semanage fcontext -a -t httpd_sys_content_t '/www/westos(/.*)?'

vim /etc/httpd/conf/httpd.conf
--------------------------------
119 #DocumentRoot "/var/www/html"
120 DocumentRoot "/www/westos"
121
122         require all granted
123
42 Listen 80   ##监听端口 默认为80
-------------------------------
systemctl restart httpd
systemctl reload httpd


####网站登陆ip限制####
vim /etc/httpd/conf/httpd.conf
------------------------------
119 #DocumentRoot "/var/www/html"
120 DocumentRoot "/www/westos"
121
122         require all granted
123         Order Allow,Deny          ##注意读取的顺序
124         Deny from ALL
125         Allow from 172.25.254.250 172.25.254.1
---------------------------------------------


####用户认证登录####
cd /etc/httpd/
ls
conf  conf.d  conf.modules.d logs  modules  run

htpasswd -cm htpasswdfile westos  ##创建登录web的用户 首次加上"-c"
htpasswd -m htpasswdfile admin    ##创建其他登录用户  不用加"-c",否则覆盖第一次创建的用户

ls
conf  conf.d  conf.modules.d  htpasswdfile  logs  modules  run
cat /etc/httpd/htpasswdfile
westos:$apr1$N2tH2dYs$KF7NFjH/OPn.lt.axBc4d.
admin:$apr1$VKKy4N9E$wDUCX1F.fpOfOMVQ6VOPh.

vim /etc/httpd/conf/httpd.conf
-----------------------------------------------------------
120 DocumentRoot "/www/westos"
121
122         #require all granted
123         AllowOverride All
124         Authuserfile /etc/httpd/htpasswdfile
125         Authname "Please input username and password"
126         Authtype basic
127         Require valid-user
128
-----------------------------------------------------------

vim /etc/hosts
6 172.25.254.100 mailwestos.westos.com   ##域名解析
mkdir /var/www/virtual/news.westos.com/html -p
mkdir /var/www/virtual/music.westos.com/html -p
在测试主机上 修改/etc/hosts
172.25.254.100 www.westos.com westos.com news.westos.com music.westos.com

vim /etc/httpd/conf.d/default
  1
  2         Documentroot //var/www/html
  3         Customlog "logs/default.log" combined
  4
  5
  6         Require all granted
  7

vim /etc/httpd/conf.d/music.conf
  1
  2         Servername music.westos.com
  3         Documentroot /var/www/virtual/music.westos.com/html
  4         Customlog "logs/music.log" combined
  5
  6
  7         Require all granted
  8

vim /etc/httpd/conf.d/news.conf
同上


2.配置https
yum install mod_ssl -y
yum search util
yum install crypto-utils
genkey www.westos.com
进入选项模式

　　

　　
最终出现：
-------------------------------------------------------------------------------
/usr/bin/keyutil -c makecert -g 1024 -s "CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.4813 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key
cmdstr: makecert

cmd_CreateNewCert
command:  makecert
keysize = 1024 bits
subject = CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.4813
output will be written to /etc/pki/tls/certs/www.westos.com.crt  ##证书
output key written to /etc/pki/tls/private/www.westos.com.key    ##公钥


Generating key. This may take a few moments...

Made a key
Opened tmprequest for writing
/usr/bin/keyutil Copying the cert pointer
Created a certificate
Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key
Wrote the key to:
/etc/pki/tls/private/www.westos.com.key
------------------------------------------------------------------------------

vim /etc/httpd/conf.d/ssl.conf
------------------------------------------------------------------------------
100 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt       ##证书
101
102 #   Server Private Key:
103 #   If the key is not combined with the certificate, use this
104 #   directive to point at the key file.  Keep in mind that if
105 #   you've both a RSA and a DSA private key you can configure
106 #   both in parallel (to also allow the use of DSA ciphers, etc.)
107 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key  ##公钥
------------------------------------------------------------------