Discuz!官方免费开源建站系统

 找回密码
 立即注册

QQ登录

只需一步,快速开始

搜索

我用SCAN扫出漏洞来了,不知道怎么补上?

[复制链接]
reqerwryre 发表于 2007-10-27 12:21:49 | 显示全部楼层 |阅读模式
类型 端口/服务 安全漏洞及解决方案
提示 www (80/tcp) 开放服务

"WEB"服务运行于该端口
BANNER信息 :

HTTP/1.1 200 OK
Date: Fri, 26 Oct 2007 15:31:32 GMT
Server: Apache/2.2.6 (Win32) PHP/5.2.0
X-Powered-By: PHP/5.2.0
Connection: close
Content-Type: text/html
charset=gbk

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html
charset=gbk" />
<title>论坛 - 维修技术交流 - Powered By SupeSite</
NESSUS_ID : 10330

提示 www (80/tcp) http TRACE 跨站攻击

你的webserver支持TRACE 和/或 TRACK 方式。 TRACE和TRACK是用来调试web服务器连接的HTTP方式。

支持该方式的服务器存在跨站脚本漏洞,通常在描述各种浏览器缺陷的时候,把"Cross-Site-Tracing"简称为XST。

攻击者可以利用此漏洞欺骗合法用户并得到他们的私人信息。

解决方案: 禁用这些方式。


如果你使用的是Apache, 在各虚拟主机的配置文件里添加如下语句:

RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]

如果你使用的是Microsoft IIS, 使用URLScan工具禁用HTTP TRACE请求,或者只开放满足站点需求和策略的方式。

如果你使用的是Sun ONE Web Server releases 6.0 SP2 或者更高的版本, 在obj.conf文件的默认object section里添加下面的语句:
<Client method="TRACE">
AuthTrans fn="set-variable"
remove-headers="transfer-encoding"
set-headers="content-length: -1"
error="501"
</Client>

如果你使用的是Sun ONE Web Server releases 6.0 SP2 或者更低的版本, 编译如下地址的NSAPI插件:
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50603


参见http://www.whitehatsec.com/press_releases/WH-PR-20030120.pdf
http://archives.neohapsis.com/ar ... h/2003-q1/0035.html
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50603
http://www.kb.cert.org/vuls/id/867593

风险等级: 中
___________________________________________________________________


The remote webserver supports the TRACE and/or TRACK methods. TRACE and TRACK
are HTTP methods which are used to debug web server connections.

It has been shown that servers supporting this method are subject
to cross-site-scripting attacks, dubbed XST for
"Cross-Site-Tracing", when used in conjunction with
various weaknesses in browsers.

An attacker may use this flaw to trick your legitimate web users to
give him their credentials.


Solution :
Add the following lines for each virtual host in your configuration file :

RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]


See also http://www.kb.cert.org/vuls/id/867593
Risk factor : Medium
BUGTRAQ_ID : 9506, 9561, 11604
NESSUS_ID : 11213

提示 www (80/tcp) 目录扫描器

该插件试图确认远程主机上存在的各普通目录
___________________________________________________________________

The following directories were discovered:
/Install, /Log, /Templates, /admin, /cgi-bin, /class, /css, /data, /html, /images, /include, /install, /log, /styles, /templates, /user

While this is not, in and of itself, a bug, you should manually inspect
these directories to ensure that they are in compliance with company
security standards

NESSUS_ID : 11032
Other references : OWASP:OWASP-CM-006

提示 www (80/tcp) HTTP 服务器类型及版本

发现 HTTP 服务器的类型及版本号.

解决方案: 配置服务器经常更改名称,如:'Wintendo httpD w/Dotmatrix display'
确保移除类似 apache_pb.gif 带有 Apache 的通用标志, 可以设定 'ServerTokens Prod' 为受限
该信息来源于服务器本身的响应首部.

风险等级 : 低
___________________________________________________________________

The remote web server type is :

Apache/2.2.6 (Win32) PHP/5.2.0


Solution : You can set the directive 'ServerTokens Prod' to limit
the information emanating from the server in its response headers.
NESSUS_ID : 10107

提示 ftp (21/tcp) 开放服务

"ftp"服务可能运行于该端口.

NESSUS_ID : 10330

提示 HTTP proxy server (8080/tcp) 开放服务

"HTTP proxy server"服务可能运行于该端口.

NESSUS_ID : 10330

我是说如何隐藏服务器名称,谢谢了!我的是apache2.2.6

加什么代码?

SetEnvIfNoCase Request_Method ^(TRACE|TRACK) IS_TRACE
<Directory /docroot>
Order Allow,Deny
Allow from all
Deny from env=IS_TRACE
</Directory>

这个也没有作用啊!
ServerSignature Off
ServerTokens Prod

真想知道怎么做 大哥们
it1988.com 发表于 2007-10-27 16:37:09 | 显示全部楼层
:) :)
回复

使用道具 举报

 楼主| reqerwryre 发表于 2007-10-27 17:05:34 | 显示全部楼层
怎么没有人来帮帮啊`` `
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

手机版|小黑屋|Discuz! 官方站 ( 皖ICP备16010102号 )star

GMT+8, 2024-11-20 09:44 , Processed in 0.040614 second(s), 3 queries , Gzip On, Redis On.

Powered by Discuz! X3.4

Copyright © 2001-2023, Tencent Cloud.

快速回复 返回顶部 返回列表