There are 10 tools that operation and maintenance engineers frequently use in their daily work, and the functions, applicable scenarios and excellence of each tool are explained in detail.
1. Shell script:
Function: Mainly used for automated tasks and batch jobs.
Applicable scenarios: Frequently used for file processing, system management, simple network management and other operations.
Advantages: Flexible and powerful, able to interact directly with the system.
Example: Operation and maintenance engineers often use Shell scripts to batch modify configuration files on the server.
#!/bin/bash
# 配置文件的路径
config_path="/path/to/config/file"
# 要修改的内容和新内容
old_content="old_value"
new_content="new_value"
# 遍历服务器上的配置文件
for file in $(find $config_path -name "*.conf"); do
# 判断文件是否包含要修改的内容
if grep -q "$old_content" "$file"; then
# 修改文件内容
sed -i "s/$old_content/$new_content/g" "$file"
echo "已修改文件: $file"
else
echo "文件 $file 不包含要修改的内容."
fi
done
2. Git:
Features: Focus on version control features.
Applicable scenarios: Version management of code and configuration files.
Advantages: Including branch management, code rollback and team collaboration functions.
Example: Operation and maintenance engineers often use Git to manage Puppet or Ansible code.
3. Ansible:
Function: Provide automated configuration, deployment and management solutions.
Applicable scenarios: Suitable for automated server configuration, application deployment and monitoring.
Advantages: easy to learn and master, agent-independent, and powerful module support. Search the public account on WeChat: Architect Guide, reply: Architect receives information.
Example: Operation and maintenance engineers usually use Ansible to configure server firewall rules in batches.
Use Ansible to configure the server's firewall rules:
安装Ansible: 首先,需要在你的本地机器上安装Ansible。你可以通过pip进行安装:pip install ansible。
配置Inventory: 在Ansible中,你需要定义一个inventory文件,这个文件列出了你想要配置的所有服务器。例如,你可以创建一个文件,叫做hosts.ini,然后在文件中列出所有的服务器IP或主机名。
编写Playbook: 接下来,你需要创建一个Playbook,定义你想要执行的防火墙规则。例如:
---
- hosts: all
become: yes
tasks:
- name: Install firewalld
apt: name=firewalld state=present
- name: Enable firewalld
service: name=firewalld enabled=yes state=started
- name: Open port 80/tcp
firewalld: port=80/tcp permanent=true state=enabled
- name: Open port 22/tcp
firewalld: port=22/tcp permanent=true state=enabled
在这个Playbook中,我们首先安装firewalld,然后启动它,接着打开80和22端口。
运行Playbook: 最后,你可以运行这个Playbook,应用到你的服务器上。你可以使用下面的命令:ansible-playbook -i hosts.ini playbook.yml。
4. Prometheus:
Function: Specializes in monitoring and alarm functions.
Applicable scenarios: Suitable for system performance monitoring, service status monitoring and other needs.
Advantages: open source, flexible data model and powerful query language.
Example: Operation and maintenance engineers often use Prometheus to monitor the CPU and memory usage of the server.
5. Grafana:
Features: Focus on data visualization and dashboard functionality.
Applicable scenarios: Suitable for displaying various types of data such as Prometheus and MySQL.
Advantages: Beautiful and elegant, supports multiple data sources, and has flexible dashboard definition capabilities.
Example: Operation and maintenance engineers often use Grafana to display the real-time CPU usage of the server.
6. Docker:
Function: Provide containerization technology solutions.
Applicable scenarios: Suitable for application deployment, environment isolation and rapid expansion requirements.
Advantages: lightweight, rapid deployment, and ensuring a consistent operating environment.
Example: Operation and maintenance engineers usually use Docker to deploy web applications.
7. Kubernetes (K8s):
Function: Specializes in container orchestration and management functions.
Applicable scenarios: Suitable for expansion, rolling update and high availability features of containerized applications.
Advantages: Automatic container orchestration, elastic scaling, self-healing and other functions.
Example: Operations and maintenance engineers will use Kubernetes to manage Docker container clusters.
8. Nginx:
Function: Provides web server and reverse proxy functions.
Applicable scenarios: Suitable for static resource services and load balancing operations.
Advantages: high performance, stability, and easy configuration process.
Example: Operation and maintenance engineers often use Nginx as the front-end proxy and load balancer for web applications.
9. ELK Stack (Elasticsearch, Logstash, Kibana):
Function: Focus on log collection and analysis functions.
Applicable scenarios: Suitable for centralized management and analysis of system logs and application logs.
Advantages: real-time search function, powerful data analysis capabilities, and intuitive dashboard display capabilities.
Example: By using ELK Stack, you can effectively analyze the server's access logs and find out the most visited web pages.
10. Zabbix:
Function: Good at comprehensive network monitoring functions.
Applicable scenarios: Suitable for server performance monitoring, network monitoring and service monitoring operations.
Advantages: open source, comprehensive functions, and good alarm mechanism.
Example: Using Zabbix, you can monitor the network bandwidth usage of the server and trigger an alarm signal when the threshold is exceeded.
Interactive session: Which of the tools listed above do you use most often? What aspects of these tools do you think work best in practice? Or are there any other operation and maintenance tools that you think are worth recommending? Looking forward to sharing your message!
来源于:小明随身杂谈
` How to learn hacking & network security
As long as you like my article today, my private network security learning materials will be shared with you for free. Come and see what is available.
1. Learning roadmap
There are a lot of things to learn about attack and defense. I have written down the specific things you need to learn in the road map above. If you can complete them, you will have no problem getting a job or taking on a private job.
2. Video tutorial
Although there are many learning resources on the Internet, they are basically incomplete. This is an Internet security video tutorial I recorded myself. I have accompanying video explanations for every knowledge point in the roadmap above.
The content covers the study of network security laws, network security operations and other security assessments, penetration testing basics, detailed explanations of vulnerabilities, basic computer knowledge, etc. They are all must-know learning contents for getting started with network security.
(They are all packaged into one piece and cannot be expanded one by one. There are more than 300 episodes in total)
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.
3. Technical documents and e-books
I also compiled the technical documents myself, including my experience and technical points in participating in large-scale network security operations, CTF, and digging SRC vulnerabilities. There are more than 200 e-books. Due to the sensitivity of the content, I will not display them one by one.
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.
4. Toolkit, interview questions and source code
"If you want to do your job well, you must first sharpen your tools." I have summarized dozens of the most popular hacking tools for everyone. The scope of coverage mainly focuses on information collection, Android hacking tools, automation tools, phishing, etc. Interested students should not miss it.
There is also the case source code and corresponding toolkit mentioned in my video, which you can take away if needed.
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.
Finally, here are the interview questions about network security that I have compiled over the past few years. If you are looking for a job in network security, they will definitely help you a lot.
These questions are often encountered when interviewing Sangfor, Qi Anxin, Tencent or other major companies. If you have good questions or good insights, please share them.
Reference analysis: Sangfor official website, Qi’anxin official website, Freebuf, csdn, etc.
Content features: Clear organization and graphical representation to make it easier to understand.
Summary of content: Including intranet, operating system, protocol, penetration testing, security service, vulnerability, injection, XSS, CSRF, SSRF, file upload, file download, file inclusion, XXE, logical vulnerability, tools, SQLmap, NMAP, BP, MSF…
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.