forked from jaywcjlove/reference
Commit
Showing 16 changed files with 97 additions and 947 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
phpbrew | ||
=== | ||
php 版本的 [Homebrew](https://brew.sh/) | ||
|
||
## 基础用法 | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
GIT | ||
=== | ||
不常见操作的备忘 | ||
|
||
## 更改git已提交的user.email信息 | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
SourceTree Keyboard Shortcuts | ||
=== | ||
简明手册 | ||
|
||
## 概览 | ||
<!--rehype:body-class=cols-1--> | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
mysql | ||
=== | ||
简明手册 | ||
|
||
# DDL -- 数据定义语言 | ||
|
||
|
Large diffs are not rendered by default.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
redis | ||
=== | ||
简明手册 | ||
|
||
## 查询 | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
docker | ||
=== | ||
简明手册 | ||
|
||
## 从容器创建一个新的镜像 | ||
<!--rehype:body-class=cols-1--> | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
前端构建工具备忘 | ||
=== | ||
简明手册 | ||
|
||
# 缓存 | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
pm2 | ||
=== | ||
简明手册 | ||
|
||
## Fork mode | ||
|
||
|
1 change: 1 addition & 0 deletions
docs/software/backend/mitmproxy.md → docs/software/mitmproxy.md
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
mitmproxy | ||
=== | ||
简明手册 | ||
|
||
## MacOS 安装 | ||
```bash | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
audit 审计框架 | ||
=== | ||
auditd 是 Linux 的内核审计框架,能够记录与安全相关的系统事件。通过 auditd 可以获取更多关于删除事件的详细信息。 | ||
|
||
## 监控删除目录事件 | ||
<!--rehype:body-class=cols-1--> | ||
### 添加规则 | ||
```bash | ||
sudo auditctl -w /tmp/agentLog.20240801 -p w -k delete-file-20240801 | ||
|
||
# 在 auditctl 命令中,-p 选项用于指定监控的权限类型,wa 是由两种权限类型组合而成的标志: | ||
# w (write): 监控对文件的写操作。任何对文件内容的写入(包括追加)都会触发审计事件。 | ||
# a (attribute change): 监控文件属性的变化。例如,文件的所有者、权限、时间戳等发生变化时会触发审计事件。 | ||
|
||
``` | ||
|
||
### 按事件名称查询 | ||
```bash | ||
sudo ausearch -k delete-file-20240801 | ||
``` | ||
|
||
### 搜索 | ||
|
||
#### 命令 | ||
```bash | ||
sudo ausearch -f agent | ||
|
||
# -f agent: -f 选项指定搜索文件路径或文件名,agent 是你要匹配的字符串。 | ||
``` | ||
|
||
#### 示例输出 | ||
```log | ||
time->Tue Aug 9 12:34:56 2024 | ||
type=SYSCALL msg=audit(1628507696.123:4567): arch=c000003e syscall=87 success=yes exit=0 a0=ffffff9c a1=21b83e0 a2=0 a3=7ffdb42b5c10 items=1 ppid=12345 pid=6789 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=1 comm="rm" exe="/bin/rm" key="delete-file" | ||
type=CWD msg=audit(1628507696.123:4567): cwd="/home/user" | ||
type=PATH msg=audit(1628507696.123:4567): item=0 name="agentLog.20240801" inode=123456 dev=08:01 mode=0100644 ouid=1000 ogid=1000 rdev=00:00 nametype=DELETE | ||
type=PROCTITLE msg=audit(1628507696.123:4567): proctitle=726D002F7661722F6C6F672F6167656E744C6F672E3230323430383031 | ||
``` | ||
|
||
#### 解释 | ||
- time: 事件发生的时间。 | ||
- syscall: 系统调用编号和相关信息。 | ||
- comm="rm": 触发事件的命令(如 rm 命令)。 | ||
- exe="/bin/rm": 执行命令的路径。 | ||
- name="agentLog.20240801": 涉及的文件名。 | ||
- pid=6789: 触发事件的进程 ID。 | ||
- key="delete-file": 设置审计规则时使用的关键字。 | ||
|
||
|
||
### 删除事件 | ||
```bash | ||
sudo auditctl -d /tmp/agentLog.20240801 -p wa | ||
|
||
# -d:删除审计规则。 | ||
# /tmp/agentLog.20240801:你之前监控的文件或目录。 | ||
# -p wa:权限标志,表示删除对写操作和属性变化的监控。 | ||
``` | ||
|
||
## 删除全部审计 | ||
### 命令 | ||
```bash | ||
sudo auditctl -D | ||
``` |
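Review bot: The rule-removal command under 删除事件 (`sudo auditctl -d /tmp/agentLog.20240801 -p wa`) will not remove the watch added at the top of the file. In auditctl, `-d` expects a `list,action` pair for syscall rules; a watch created with `-w` is removed with `-W`, and the rule has to match exactly, so this should read `sudo auditctl -W /tmp/agentLog.20240801 -p w -k delete-file-20240801`. The rest of the file has related mismatches worth fixing in the same pass: the add rule uses `-p w` while its own comment and the removal comment describe `wa`; the sample output shows key="delete-file" and a proctitle that decodes to rm on /var/log/agentLog.20240801, neither of which matches the `/tmp` path and `delete-file-20240801` key in the rule; and the section heading says directory (目录) although the watched path reads as a file. The final `sudo auditctl -D` section should also state that it deletes every loaded rule on the host, not only the one added here.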
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,8 @@ | ||
linux - dd 命令 | ||
dd | ||
=== | ||
|
||
简明手册 | ||
|
||
## TEST Disk WRITE Speed | ||
|
||
<!--rehype:body-class=cols-1--> | ||
|
File renamed without changes.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
tcpdump | ||
=== | ||
tcpdump 简明手册 | ||
|
||
## tcpdump 使用 -- 选项类 | ||
|
||
|
File renamed without changes.