Linux vulnerability mining
a new customer recently consulted with sine security company, saying that his server often fails to open the website of the card, and the remote connection to the server is extremely slow. Sometimes the Ping value reaches 300-500, and he often switches. After listening to the customer's words,
will generally judge that he has been attacked by CC + DDoS mixed traffic, It's strange to say that there is no traffic attack on the computer room. It's not a traffic attack, but it also causes the server card and website to fail to open. What kind of attack is this? In order to solve the problem of
client server card, we immediately arranged a security engineer to carry out security detection and deployment on his Linux server
{rrrrrrr}
Mining Trojan horse is also designed. If the mining process is forced to stop by customers, it will automatically start to continue mining to achieve uninterrupted mining.
careful inspection shows that it is through setting the hourly task plan, remotely downloading shell mining Trojan horse, and then executing, Check whether the current process exists or not. If not, start the Trojan horse to mine
a detailed security inspection was carried out on the client's Linux server. It was found that fortunately, there was no encrypted server data, and the worm was infected with the disease through the security detection and analysis of our security engineers, we found that the server uses Apache Tomcat environment, the open architecture of the platform is JSP + Oracle database, and Apache Tomcat uses the version of 2016, which leads to the serious remote command execution vulnerability of Apache, Through this vulnerability, the intruder can directly invade the server and get the administrator permission of the server,
virus. If the data was encrypted, the loss would be great. The client was a platform, and the client's data was very important. After finding out the mining Trojan horse,
do customers need to know how the server is attacked? Was the Trojan horse uploaded? It can prevent the attack
in the later stage
sine security engineer immediately repairs the Apache vulnerability and clears the Trojan horse. So far, the problem has been solved, the client server
runs stably, and the network station opens normally
Yes
please refer to the following tutorial:
Mining with idle Linux server
Mining tutorial of Ethereum Linux system
installation of zcash under Linux to start mining tutorial
Yes, why not. Moreover, it is easy to operate and has the following advantages:
< UL >it is more stable and easy to maintain
the cost of system resources is small (that is, the hardware requirements are not high), and the mining cost is saved
the installation and debugging are simple, and the technical threshold is lower
full open source system, free legal edition, more stable and further save mining cost? In fact, you only need two steps to mine under Linux system:
open the website, enter the mobile phone number, select how many CPUs you want to use to mine, the default is to use 50% of the CPU to mine, click to generate your exclusive command and
is such a simple operation
open the website, enter the mobile phone number, select how many CPU you want to use to mine, the default is to use 50% of the CPU for mining, click to generate your exclusive command and
enter the console paste command, and click Run
is such a simple operation.
uses the service of the Hauser miners, uses your mobile phone number to mine in Linux, and then presents them on the website via mobile phone, and directly presents to Alipay. The specific operation steps are as follows:
how to use Linux system to mine and use the service to the Harbin miners, only two steps can be used to mine the Linux system. p> < UL >
open the website, enter the mobile phone number, select how many CPUs you want to use to mine, the default is to use 50% CPU to mine, click to generate your exclusive command and
only two steps, you can mine on Linux system, the money you dig only needs to go to the website of hayu miner, enter your mobile phone number to withdraw
I don't quite understand why there are so few Linux vulnerabilities and so many windows vulnerabilities_ Tuladin_ Internet post bar:
Web link
for the system itself, the bugs are almost fixed, the local overflow is OK, and the remote attack is almost impossible
for example, only web services are open, and the external port is only 80. If there is no buffer vulnerability in the server software, I haven't thought of any way to break through the system, and DOS doesn't count
even if the buffer is successful, most of them are ordinary users. To get root, it depends on whether the system has local overflow vulnerabilities..