shell shock漏洞打补丁

砂拉豆

　　主要针对Linux, Mac机器，
　　先按如下步骤检查是否已经被“***”：
　　http://www.linuxbrigade.com/bash ... -find-youve-tested/
　　First, ssh into your server and find your http access logs. Some common places are:
　　cPanel: /usr/local/apache/domlogs/
　　Debian/Apache: ar/log/apache2/
　　CentOS: ar/logtpd/
　　Once you find them, you can cat them, grepping for this pattern:
　　cat access_log |grep "{ :;};"
　　复制代码
　　如果发现已经被***了，赶紧打补丁吧：
　　http://www.linuxnews.pro/patch-bash-shell-shock-centos-ubuntu/
　　For CentOS, Fedora, Red Hat (and the like) users, just type this to update it (yes, there’s already a patch, and you’ll be patched up in about 10 seconds)
　　yum -y update bash
　　复制代码
　　For Debian, Ubuntu (and the like) users, type this to update bash:
　　sudo apt-get update && sudo apt-get install --only-upgrade bash
　　复制代码
　　最后检查是不是补丁打好了：
　　env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
　　复制代码
　　If you see “vulnerable” afterwards, you haven’t patched it.
　　If you see “this is a test”, you’re patched.