易栈网-膘叔（Neatstudio.COM）

易栈网-膘叔

determine the MaxClient

disable “AllowOverride”

非官方winscp、putty、ssh secure等工具含有后门

查看/修改Linux时区和时间

一些基于xmpp的server列表

ubuntu下最简单的更改时区

转：apache一个优化小技巧

determine the MaxClient

disable “AllowOverride”

日志分类

热门标签

日志归档

搜索文章

最新评论

博客信息

友情链接

近期这样的新闻让人真头疼，现在都开始直接找源头了，不在象以前给普通人装装木马啥的就完了。
同时，我在想，上次的密码被爆，是否也是由于这个原因呢？
哎，网络是越来越不安全了，这样的汉化版被加了木马，那么，那么那些定制化的LINUX是否也被加入呢？毕竟以前蕃茄花园就曾曝光过类似的问题，估计以后一段时间，大家对这些汉化的东西又要开始小心奕奕了。

怪不得现在的下载站，都写着无木马认证，无XXX认证之类的。
----
非官方winscp和putty等软件内置后门相关媒体报道：
http://www.cnbeta.com/articles/170964.htm
http://it.sohu.com/20120131/n333327684.shtml
----
最后也可以google一下，关键字：番茄花园后门
URL：https://www.google.com/search?q=%E7%95%AA%E8%8C%84%E8%8A%B1%E5%9B%AD+%E5%90%8E%E9%97%A8&ie=utf-8&oe=utf-8&aq=t

原来我也写过一两篇，但真的不够详细，这一篇我复制过来的，比较详细，还是以这个为准吧：

原文地址是：http://tech.ddvip.com/2009-05/1242293722119123.html

　　一、时区

　　1. 查看当前时区

　　date -R

　　2. 修改设置时区

　　方法(1)

　　tzselect

　　方法(2) 仅限于RedHat Linux 和 CentOS

　　timeconfig

　　方法(3) 适用于Debian

　　dpkg-reconfigure tzdata

　　3. 复制相应的时区文件，替换系统时区文件；或者创建链接文件

　　cp /usr/share/zoneinfo/$主时区/$次时区 /etc/localtime

　　在中国可以使用：

　　cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

　　二、时间

　　1、查看时间和日期

　　date

　　2、设置时间和日期

　　将系统日期设定成1996年6月10日的命令

　　date -s 06/22/96

　　将系统时间设定成下午1点52分0秒的命令

　　date -s 13:52:00

　　3. 将当前时间和日期写入BIOS，避免重启后失效

　　hwclock -w

　　三、定时同步时间

　　* * * * * /usr/sbin/ntpdate 210.72.145.44 > /dev/null 2>&1

在xmpp的官网上，有一个基于xmpp协议的服务器的列表，其中有一些是开源的，当然也有商业的。所以，如果你需要自己架设xmpp服务器，可以考虑搞一款开源的（可以用来做内部聊天室，内部联络方式，也不用担心这些帐号会遗失之类的。）
官网的地址在这里：http://xmpp.org/xmpp-software/servers/
懒得移步的人，可以直接看下面的地址，当然要注意其中哪些是商业版的哪些是开源的。
嗯，大部分都是java的。如果你用win服务器就太轻松了。

Name	Platform(s)	License	Details
Apache Vysper	Windows / Linux	Apache License Version 2.0	mina.apache.org
Citidel	Linux	GPL3	citadel.org
CommuniGate Pro	Linux / Mac OS X / Windows	Commercial	communigate.com
djabberd	Linux	GPL3	danga.com
ejabberd	Linux / Mac OS X / Solaris / Windows	GPL2	process-one.net
IceWarp	Linux / Windows	Commercial	icewarp.com
iChat Server	Mac OS X	Commercial	apple.com
in.jabberd	Linux	GPL2	inetdxtra.sourceforge.net
Isode M-Link	Linux / Solaris / Windows	Commercial	isode.com
jabberd 1.x	Linux	GPL2	jabberd.org
jabberd 2.x	Linux / Solaris / Windows	GPL2	jabberd2.xiaoka.com
Jabber XCP	Linux / Solaris / Windows	Commercial	jabber.com
Jerry Messenger	Linux / Windows	Commercial	j-livesupport.com
Kwickserver	Windows	GPL	kwickserver.info
Openfire	Linux / Mac OS X / Solaris / Windows	GPL	igniterealtime.org
Open IM	Linux	BSD	openim.techlab.smk.fr
Prosody	Linux / Mac OS X / Windows	MIT/X11	prosody.im
psyced	Linux / Mac OS X / Windows	GPL2	psyced.org
SoapBox Server	Windows	Commercial	coversant.net
Oracle Communications Instant Messaging Server	Linux / Solaris / Windows	Commercial	oracle.com
Tigase	Linux / Solaris / Mac OS X / Windows	GPL3	tigase.org
Vines	Linux / Mac OS X	MIT	GetVines.com
Wokkel	Linux / Solaris / Mac OS X	MIT	wokkel.ik.nu

　一般情况下，我们刚装好的ubuntu时区都是US（默认语言为英文时），而且，它本身就是使用UTC格式作为标准时间格式，如果在Linux下运行程序，且在程序中指定了与系统不一样的时区的时候，可能会造成时间错误。如果是Ubuntu的桌面版，可以直接在图形模式下修改时区信息，如果是Server版呢，则需要通过tzconfig来修改时区信息了。只是这样的方式会相对比较麻烦，
使用方式 (如将时区设置成Asia/Chongqing)：
sudo tzconfig
然后按照提示选择 Asia对应的序号，选完后会显示一堆新的提示—输入城市名，如Shanghai或Chongqing，最后再用 sudo date -s “” 来修改本地时间。

但事实上，并不需要这么复杂的处理，一个偷懒的方法就是，直接：cp /usr/share/zoneinfo/Asia/ShangHai /etc/localtime，用shanghai的时区文件覆盖localtime。灰常方便，这时候看一下date，时间是不是正确了？

決定 web server 效能一個最重要的因素就是記憶體的量，而藉由調整 MaxClient，可以避免 Apache 產生過多無用的 child process。這個數字到底要調到多少，老實說也沒有一個標準答案，網路上大家比較建議的算法都是用機器有的記憶體和每個 child process 的 size 去做粗估。但事實上，要估計 apache child process 的 size 也不是一件容易的事，如果你用 ps aux 這個指令去看，出來的 VSZ or RSS value，其實都會把 shared memory 重覆記算（詳細內容請參考: Understanding memory usage on Linux , Memory usage determination with the ps command ），所以後來我採用的作法是：先將 MaxClent 設成一個比較小的值 (e.g. 30)，然後再定期去看 error log 是否有 run out of clients 的情形，如果有的話，就再幫 MaxClients 加個 5。

原文来自：http://brooky.cc/2011/06/30/practical-guide-on-setup-wordpress-on-amazon-ec2-free-tier/

理論上，AllowOverride 會造成 Apache 在路徑的每一層去找找看是否有 .htaccess 這個 file。
例如說：如果 virtual host 的設定是：

DocumentRoot /www/htdocs AllowOverride all

那任何一個 /index.html 的 request, Apache 都會試著去找 /.htaccess, /www/.htaccess, and /www/htdocs/.htaccess.
所以除非必要，是可以將 AllowOverride 設成 None.

但如果你用了 wordpress Pretty Permalinks”這個功能，那就會需要 rewrite rule 的功能。在這種情況下，可以考慮將 AllowOverride 的設定直接寫在 config 檔裡。

----------
上文中的链接：Memory usage determination with the ps command

The ps command can also be used to monitor memory usage of individual processes.

The ps v PID command provides the most comprehensive report on memory-related statistics for an individual process, such as:

Page faults
Size of working segment that has been touched
Size of working segment and code segment in memory
Size of text segment
Size of resident set
Percentage of real memory used by this process

The following is an example:

# ps v 
 PID    TTY STAT  TIME PGIN  SIZE   RSS   LIM  TSIZ   TRS %CPU %MEM COMMAND
 36626  pts/3 A     0:00    0   316   408 32768    51    60  0.0  0.0 ps v

The most important columns on the resulting ps report are described as follows:

PGIN: Number of page-ins caused by page faults. Since all I/O is classified as page faults, this is basically a measure of I/O volume.
SIZE: Virtual size (in paging space) in kilobytes of the data section of the process (displayed as SZ by other flags). This number is equal to the number of working segment pages of the process that have been touched times 4. If some working segment pages are currently paged out, this number is larger than the amount of real memory being used. SIZE includes pages in the private segment and the shared-library data segment of the process.
RSS: Real-memory (resident set) size in kilobytes of the process. This number is equal to the sum of the number of working segment and code segment pages in memory times 4. Remember that code segment pages are shared among all of the currently running instances of the program. If 26 ksh processes are running, only one copy of any given page of the ksh executable program would be in memory, but the ps command would report that code segment size as part of the RSS of each instance of the ksh program.
TSIZ: Size of text (shared-program) image. This is the size of the text section of the executable file. Pages of the text section of the executable program are only brought into memory when they are touched, that is, branched to or loaded from. This number represents only an upper bound on the amount of text that could be loaded. The TSIZ value does not reflect actual memory usage. This TSIZ value can also be seen by executing the dump -ov command against an executable program (for example, dump -ov /usr/bin/ls).
TRS: Size of the resident set (real memory) of text. This is the number of code segment pages times 4. This number exaggerates memory use for programs of which multiple instances are running. The TRS value can be higher than the TSIZ value because other pages may be included in the code segment such as the XCOFF header and the loader section.
%MEM: Calculated as the sum of the number of working segment and code segment pages in memory times 4 (that is, the RSS value), divided by the size of the real memory in use, in the machine in KB, times 100, rounded to the nearest full percentage point. This value attempts to convey the percentage of real memory being used by the process. Unfortunately, like RSS, it tends the exaggerate the cost of a process that is sharing program text with other processes. Further, the rounding to the nearest percentage point causes all of the processes in the system that have RSS values under 0.005 times real memory size to have a %MEM of 0.0.

Note: The ps command does not indicate memory consumed by shared memory segments or memory-mapped segments. Because many applications use shared memory or memory-mapped segments, the svmon command is a better tool to view the memory usage of these segments.
-----------
第二篇：http://virtualthreads.blogspot.com/2006/02/understanding-memory-usage-on-linux.html

这篇文章来自blogspot，一般情况下打不开，所幸我用Read it later，直接用广本模式，让他帮我打开了。HOHO,有点长，慢慢看：

This entry is for those people who have ever wondered, "Why the hell is a simple KDE text editor taking up 25 megabytes of memory?" Many people are led to believe that many Linux applications, especially KDE or Gnome programs, are "bloated" based solely upon what tools like ps report. While this may or may not be true, depending on the program, it is not generally true -- many programs are much more memory efficient than they seem.

What ps reports
The ps tool can output various pieces of information about a process, such as its process id, current running state, and resource utilization. Two of the possible outputs are VSZ and RSS, which stand for "virtual set size" and "resident set size", which are commonly used by geeks around the world to see how much memory processes are taking up.

For example, here is the output of ps aux for KEdit on my computer:


USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
dbunker   3468  0.0  2.7  25400 14452 ?        S    20:19   0:00 kdeinit: kedit

According to ps, KEdit has a virtual size of about 25 megabytes and a resident size of about 14 megabytes (both numbers above are reported in kilobytes). It seems that most people like to randomly choose to accept one number or the other as representing the real memory usage of a process. I'm not going to explain the difference between VSZ and RSS right now but, needless to say, this is the wrong approach; neither number is an accurate picture of what the memory cost of running KEdit is.

Why ps is "wrong"
Depending on how you look at it, ps is not reporting the real memory usage of processes. What it is really doing is showing how much real memory each process would take up if it were the only process running. Of course, a typical Linux machine has several dozen processes running at any given time, which means that the VSZ and RSS numbers reported by ps are almost definitely "wrong". In order to understand why, it is necessary to learn how Linux handles shared libraries in programs.

Most major programs on Linux use shared libraries to facilitate certain functionality. For example, a KDE text editing program will use several KDE shared libraries (to allow for interaction with other KDE components), several X libraries (to allow it to display images and copy and pasting), and several general system libraries (to allow it to perform basic operations). Many of these shared libraries, especially commonly used ones like libc, are used by many of the programs running on a Linux system. Due to this sharing, Linux is able to use a great trick: it will load a single copy of the shared libraries into memory and use that one copy for every program that references it.

For better or worse, many tools don't care very much about this very common trick; they simply report how much memory a process uses, regardless of whether that memory is shared with other processes as well. Two programs could therefore use a large shared library and yet have its size count towards both of their memory usage totals; the library is being double-counted, which can be very misleading if you don't know what is going on.

Unfortunately, a perfect representation of process memory usage isn't easy to obtain. Not only do you need to understand how the system really works, but you need to decide how you want to deal with some hard questions. Should a shared library that is only needed for one process be counted in that process's memory usage? If a shared library is used my multiple processes, should its memory usage be evenly distributed among the different processes, or just ignored? There isn't a hard and fast rule here; you might have different answers depending on the situation you're facing. It's easy to see why ps doesn't try harder to report "correct" memory usage totals, given the ambiguity.

Seeing a process's memory map
Enough talk; let's see what the situation is with that "huge" KEdit process. To see what KEdit's memory looks like, we'll use the pmap program (with the -d flag):


Address   Kbytes Mode  Offset           Device    Mapping
08048000      40 r-x-- 0000000000000000 0fe:00000 kdeinit
08052000       4 rw--- 0000000000009000 0fe:00000 kdeinit
08053000    1164 rw--- 0000000008053000 000:00000   [ anon ]
40000000      84 r-x-- 0000000000000000 0fe:00000 ld-2.3.5.so
40015000       8 rw--- 0000000000014000 0fe:00000 ld-2.3.5.so
40017000       4 rw--- 0000000040017000 000:00000   [ anon ]
40018000       4 r-x-- 0000000000000000 0fe:00000 kedit.so
40019000       4 rw--- 0000000000000000 0fe:00000 kedit.so
40027000     252 r-x-- 0000000000000000 0fe:00000 libkparts.so.2.1.0
40066000      20 rw--- 000000000003e000 0fe:00000 libkparts.so.2.1.0
4006b000    3108 r-x-- 0000000000000000 0fe:00000 libkio.so.4.2.0
40374000     116 rw--- 0000000000309000 0fe:00000 libkio.so.4.2.0
40391000       8 rw--- 0000000040391000 000:00000   [ anon ]
40393000    2644 r-x-- 0000000000000000 0fe:00000 libkdeui.so.4.2.0
40628000     164 rw--- 0000000000295000 0fe:00000 libkdeui.so.4.2.0
40651000       4 rw--- 0000000040651000 000:00000   [ anon ]
40652000     100 r-x-- 0000000000000000 0fe:00000 libkdesu.so.4.2.0
4066b000       4 rw--- 0000000000019000 0fe:00000 libkdesu.so.4.2.0
4066c000      68 r-x-- 0000000000000000 0fe:00000 libkwalletclient.so.1.0.0
4067d000       4 rw--- 0000000000011000 0fe:00000 libkwalletclient.so.1.0.0
4067e000       4 rw--- 000000004067e000 000:00000   [ anon ]
4067f000    2148 r-x-- 0000000000000000 0fe:00000 libkdecore.so.4.2.0
40898000      64 rw--- 0000000000219000 0fe:00000 libkdecore.so.4.2.0
408a8000       8 rw--- 00000000408a8000 000:00000   [ anon ]
... (trimmed) ...
mapped: 25404K    writeable/private: 2432K    shared: 0K

I cut out a lot of the output; the rest is similar to what is shown. Even without the complete output, we can see some very interesting things. One important thing to note about the output is that each shared library is listed twice; once for its code segment and once for its data segment. The code segments have a mode of "r-x--", while the data is set to "rw---". The Kbytes, Mode, and Mapping columns are the only ones we will care about, as the rest are unimportant to the discussion.

If you go through the output, you will find that the lines with the largest Kbytes number are usually the code segments of the included shared libraries (the ones that start with "lib" are the shared libraries). What is great about that is that they are the ones that can be shared between processes. If you factor out all of the parts that are shared between processes, you end up with the "writeable/private" total, which is shown at the bottom of the output. This is what can be considered the incremental cost of this process, factoring out the shared libraries. Therefore, the cost to run this instance of KEdit (assuming that all of the shared libraries were already loaded) is around 2 megabytes. That is quite a different story from the 14 or 25 megabytes that ps reported.

What does it all mean?
The moral of this story is that process memory usage on Linux is a complex matter; you can't just run ps and know what is going on. This is especially true when you deal with programs that create a lot of identical children processes, like Apache. ps might report that each Apache process uses 10 megabytes of memory, when the reality might be that the marginal cost of each Apache process is 1 megabyte of memory. This information becomes critial when tuning Apache's MaxClients setting, which determines how many simultaneous requests your server can handle (although see one of my past postings for another way of increasing Apache's performance).

It also shows that it pays to stick with one desktop's software as much as possible. If you run KDE for your desktop, but mostly use Gnome applications, then you are paying a large price for a lot of redundant (but different) shared libraries. By sticking to just KDE or just Gnome apps as much as possible, you reduce your overall memory usage due to the reduced marginal memory cost of running new KDE or Gnome applications, which allows Linux to use more memory for other interesting things (like the file cache, which speeds up file accesses immensely).

« 2026年01月 »