Iptables prevent nmap scanning and binlog explanation

2022-07-27 10:50:00 Golden% sunset

Using iptables to prevent nmap scanning

Nmap can perform the following tasks:

         Host discovery 
         Port scanning 
         Version detection 
         Operating system detection 
         Scripted detection (writing custom detection scripts) 

In practice, Nmap is used to:

         Audit the security of a device or firewall by probing it 
         Find the open ports on a target host 
         Audit network security by identifying new servers 
         Discover hosts on the network 

Configuring the following iptables rules can effectively prevent nmap scanning:

# iptables -t filter -I INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j REJECT
# iptables -t filter -I INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j REJECT
# iptables -t filter -I INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j REJECT
# iptables -t filter -I INPUT -p tcp --tcp-flags ALL SYN -j REJECT
# iptables -t filter -R INPUT 1 -s 192.168.80.138 -p tcp --dport 1: --tcp-flags ALL ACK -j REJECT

We then run an nmap scan from Kali to check whether the defense is effective.

From the results above, we can see that the rules effectively prevent the nmap scan.
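
A model of how the five commands above are evaluated, added here as an example (it is not code from the original post): -I INPUT without a rule number inserts at position 1, -R INPUT 1 replaces whatever rule is first, and --tcp-flags mask comp matches when the flags selected by mask equal comp. The probe labels and the second source address are assumptions made for the illustration; a result of None means none of the page's rules matched and the packet continues to the rest of the INPUT chain.

```python
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

def bits(spec):
    """Convert 'SYN,FIN', 'ALL' or 'NONE' to a bitmask, as --tcp-flags does."""
    names = {"ALL": list(FLAGS), "NONE": []}.get(spec, spec.split(","))
    return sum(FLAGS[name] for name in names)

def build_chain(commands):
    """Replay the commands: -I with no number inserts at 1, -R INPUT 1 replaces rule 1."""
    chain = []
    for op, mask, comp, src in commands:
        rule = (bits(mask), bits(comp), src)
        if op == "I":
            chain.insert(0, rule)
        else:
            chain[0] = rule
    return chain

def first_match(chain, flags, src):
    """1-based number of the first rule that matches the packet, or None."""
    value = bits(flags)
    for number, (mask, comp, rule_src) in enumerate(chain, 1):
        if (value & mask) == comp and rule_src in (None, src):
            return number
    return None

# The commands exactly as typed on the page: (operation, mask, comp, -s source).
PAGE_COMMANDS = [
    ("I", "ALL", "FIN,URG,PSH", None),
    ("I", "SYN,RST", "SYN,RST", None),
    ("I", "SYN,FIN", "SYN,FIN", None),
    ("I", "ALL", "SYN", None),
    ("R", "ALL", "ACK", "192.168.80.138"),
]

# Flag combinations of typical scan probes (names are labels chosen for this example).
PROBES = {"syn": "SYN", "ack": "ACK", "null": "NONE", "fin": "FIN", "xmas": "FIN,PSH,URG"}

def coverage(src):
    """Map each probe type to the rule number that rejects it (None = not matched)."""
    chain = build_chain(PAGE_COMMANDS)
    return {name: first_match(chain, flags, src) for name, flags in PROBES.items()}

if __name__ == "__main__":
    for src in ("192.168.80.138", "192.168.80.200"):  # second address is constructed
        print(src, coverage(src))
```

Replayed in the order typed, the final -R INPUT 1 overwrites the ALL SYN rule, so a SYN-only packet matches none of the four remaining rules, and the ACK rule applies only to 192.168.80.138.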

binlog

1. A brief introduction to binlog

The MySQL binary log (binlog) is arguably MySQL's most important log. It records every DDL statement (CREATE, ALTER, DROP) and DML statement (except data query statements such as SELECT) as events, along with the time each statement took to execute. The MySQL binary log is transaction-safe.

DDL

  - Data Definition Language

The main commands are CREATE, ALTER, DROP and so on. DDL is mainly used to define or change table (TABLE) structure, data types, and the links and constraints between tables; it is mostly used when creating tables.

DML

  - Data Manipulation Language

The main commands are SELECT, UPDATE, INSERT and DELETE. As the name suggests, these 4 commands are used to operate on the data in the database.

The common mysqlbinlog options are as follows:

--start-datetime: read events from the binary log with a timestamp equal to or later than the specified time (local server time)
--stop-datetime: read events from the binary log with a timestamp earlier than or equal to the specified time (local server time); the value format is the same as above
--start-position: read the binary log starting from the event at the specified position
--stop-position: read the binary log up to the event at the specified position

Generally speaking, enabling binlog costs roughly 1% in performance.

2. The two most important use cases for binlog

1) MySQL master-slave replication: MySQL Replication enables binlog on the master, and the master passes its binary log to the slaves so that master and slave data stay consistent.
2) Data recovery: data is recovered using the mysqlbinlog tool.

3. binlog consists of two types of files

1) The binary log index file (file name suffix .index), which records all binary log files
2) The binary log files (file name suffix .00000*), which record all DDL and DML statement events in the database (except data query statements such as SELECT).

4. Enabling binlog

1) Edit the MySQL configuration file

The file is located at /etc/mysql/mariadb.conf.d/50-server.cnf

# vim /etc/mysql/mariadb.conf.d/50-server.cnf

Add the following to the [mysqld] section:

log-bin=mysql-bin

Make sure this line is enabled (mysql-bin is the base name, or prefix, of the log files).

Note: every time the server (database) restarts, it calls flush logs; and creates a new binlog file!

2) Restart the mysqld service so that the configuration takes effect

# /etc/init.d/mysqld stop
# /etc/init.d/mysqld restart
Stopping mysqld: [ OK ]
Starting mysqld: [ OK ]

3) Check whether binlog is enabled

mysql> show variables like 'log_%';
+---------------------------------+---------------------+
| Variable_name | Value |
+---------------------------------+---------------------+
| log_bin | ON |
| log_bin_trust_function_creators | OFF |
| log_bin_trust_routine_creators | OFF |
| log_error | /var/log/mysqld.log |
| log_output | FILE |
| log_queries_not_using_indexes | OFF |
| log_slave_updates | OFF |
| log_slow_queries | OFF |
| log_warnings | 1 |
+---------------------------------+---------------------+
9 rows in set (0.00 sec)

5. Common binlog commands

1) List all binlog files

mysql> show master logs;
+------------------+-----------+
| Log_name | File_size |
+------------------+-----------+
| mysql-bin.000001 | 149 |
| mysql-bin.000002 | 4102 |
+------------------+-----------+
2 rows in set (0.00 sec)

2) View the master status

This shows the name and number of the last (newest) binlog file and the end position (Position) of its last event

mysql> show master status;
+------------------+----------+--------------+------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+------------------+----------+--------------+------------------+
| mysql-bin.000002 | 4102 | | |
+------------------+----------+--------------+------------------+
1 row in set (0.00 sec)

3) flush logs: rotate the log

After this, a new binlog file with the next number is created

mysql> flush logs;
Query OK, 0 rows affected (0.13 sec)

mysql> show master logs;
+------------------+-----------+
| Log_name | File_size |
+------------------+-----------+
| mysql-bin.000001 | 149 |
| mysql-bin.000002 | 4145 |
| mysql-bin.000003 | 106 |
+------------------+-----------+
3 rows in set (0.00 sec)

Note:
Whenever the mysqld service is restarted, this command is executed automatically and the binlog is rotated. Adding the -F option to mysqldump when backing up data also rotates the binlog.

4) Reset (clear) all binlog files

mysql> reset master;
Query OK, 0 rows affected (0.12 sec)

mysql> show master logs;
+------------------+-----------+
| Log_name | File_size |
+------------------+-----------+
| mysql-bin.000001 | 106 |
+------------------+-----------+
1 row in set (0.00 sec)

6. Viewing binlog contents

There are usually two ways

1) Use the bundled mysqlbinlog command

Note:
--> binlog is a binary file; ordinary viewers such as cat, more and vim cannot open it, so you must use the bundled mysqlbinlog command.
--> binlog files are in the same directory as the database files.
--> If the mysqlbinlog command reports an error on versions below MySQL 5.5, add the "--no-defaults" option.

2) A more convenient query command

The first method prints the full content of the binlog, which is long and makes it hard to pick out the pos information.
Here is a more convenient query command.
Command format:

mysql> show binlog events [IN 'log_name'] [FROM pos] [LIMIT [offset,] row_count];

Parameters:
IN 'log_name': the binlog file to query (if omitted, the first binlog file)
FROM pos: the pos to start from (if omitted, the first pos in the file)
LIMIT [offset,]: the offset (if omitted, 0)
row_count: the number of rows to return (if omitted, all rows)
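
An added example (not from the original article) showing where the positions used with --start-position and --stop-position come from: it parses rows in the shape of show binlog events output and finds the Pos at which a replay has to stop before the first destructive statement. The rows are constructed sample data, and the code assumes statement-based logging, where the Info column carries the SQL text; whether the flagged statement is really the unwanted one remains the operator's decision.

```python
import re

# Constructed rows: Log_name | Pos | Event_type | Server_id | End_log_pos | Info
SAMPLE = """\
| mysql-bin.000003 |   4 | Format_desc | 1 | 106 | Server ver: (sample), Binlog ver: 4 |
| mysql-bin.000003 | 106 | Query       | 1 | 173 | BEGIN |
| mysql-bin.000003 | 173 | Query       | 1 | 290 | use `ops`; insert into member(`name`,`age`) values('a',20) |
| mysql-bin.000003 | 290 | Xid         | 1 | 317 | COMMIT /* xid=12 */ |
| mysql-bin.000003 | 317 | Query       | 1 | 384 | BEGIN |
| mysql-bin.000003 | 384 | Query       | 1 | 478 | use `ops`; delete from member where id > 0 |
| mysql-bin.000003 | 478 | Xid         | 1 | 505 | COMMIT /* xid=15 */ |
| mysql-bin.000003 | 505 | Query       | 1 | 584 | drop database ops |
"""

# Statements treated as destructive here; an optional "use `db`;" prefix is allowed.
DESTRUCTIVE = re.compile(r"^(?:use `[^`]+`;\s*)?(?:drop|truncate|delete)\b", re.I)

def parse_events(text):
    """Parse result rows; Info may contain '|', so split into at most six columns."""
    events = []
    for line in text.splitlines():
        cols = [c.strip() for c in line.strip()[1:-1].split("|", 5)]
        if len(cols) == 6 and cols[1].isdigit():  # skips borders and the header row
            events.append({"log": cols[0], "pos": int(cols[1]),
                           "type": cols[2], "info": cols[5]})
    return events

def stop_position(events):
    """Pos where replay must stop so the first destructive statement is not re-applied.
    Inside a transaction this is the Pos of its BEGIN, never a point mid-transaction."""
    txn_start = None
    for ev in events:
        if ev["type"] == "Xid" or ev["info"].startswith("COMMIT"):
            txn_start = None
        elif ev["type"] == "Query" and ev["info"] == "BEGIN":
            txn_start = ev["pos"]
        elif ev["type"] == "Query" and DESTRUCTIVE.match(ev["info"]):
            return ev["pos"] if txn_start is None else txn_start
    return None

def replay_command(events):
    """mysqlbinlog arguments that replay the log up to, but excluding, that event."""
    pos = stop_position(events)
    return None if pos is None else ["mysqlbinlog", f"--stop-position={pos}", events[0]["log"]]

if __name__ == "__main__":
    print(replay_command(parse_events(SAMPLE)))
```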

7. Recovering MySQL data from binlog

The following operations are performed on the member table in the ops database

mysql> use ops;
mysql> CREATE TABLE IF NOT EXISTS `member` (
-> `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
-> `name` varchar(16) NOT NULL,
-> `sex` enum('m','w') NOT NULL DEFAULT 'm',
-> `age` tinyint(3) unsigned NOT NULL,
-> `classid` char(6) DEFAULT NULL,
-> PRIMARY KEY (`id`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.10 sec)

mysql> show tables;
+---------------+
| Tables_in_ops |
+---------------+
| member |
+---------------+
1 row in set (0.00 sec)

mysql> desc member;
+---------+---------------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+---------+---------------------+------+-----+---------+----------------+
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
| name | varchar(16) | NO | | NULL | |
| sex | enum('m','w') | NO | | m | |
| age | tinyint(3) unsigned | NO | | NULL | |
| classid | char(6) | YES | | NULL | |
+---------+---------------------+------+-----+---------+----------------+
5 rows in set (0.00 sec)

Insert two rows of data in advance

mysql> insert into member(`name`,`sex`,`age`,`classid`) values('wangshibo','m',27,'cls1'),('guohuihui','w',27,'cls2');
Query OK, 2 rows affected (0.08 sec)
Records: 2 Duplicates: 0 Warnings: 0
mysql> select * from member;
+----+-----------+-----+-----+---------+
| id | name | sex | age | classid |
+----+-----------+-----+-----+---------+
| 1 | wangshibo | m | 27 | cls1 |
| 2 | guohuihui | w | 27 | cls2 |
+----+-----------+-----+-----+---------+
2 rows in set (0.00 sec)

Parameter description:
-B: specify the database
-F: flush (rotate) the logs
-R: back up stored procedures and the like
-x: lock the tables
--master-data: add a CHANGE MASTER statement, with the binlog file and position information, to the backup

Once the database backup is complete, you no longer need to worry about data loss, because a full backup exists!

Copyright notice
This article was written by [Golden% sunset]. Please include the original link when reposting. Thanks.
https://yzsam.com/2022/200/202207170408140296.html