Network&Server&OS

Installation File/木马安装程序是exe文件:

winrar self-extracting exe file with few parameter to make it less noticeable.

支持服务器证书客户端证书双向验证的网络连接手段是VPN。Window2008R2自带VPN功能

，但是添加VPN功能后，远程连接功能不可用。所以测试采用第三方VPN工具openVPN。

部署结构

# 1. Delete all existing rules
iptables -F

# 2. Set default chain policies
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

# 3. Only Allow 2 SSH Connections per user

iptables -A INPUT -p tcp --syn --dport 23235 -m connlimit --connlimit-above 2 -j ACCEPT

1、备份

mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup

2、下载新的CentOS-Base.repo 到/etc/yum.repos.d/

CentOS 5

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-5.repo

CentOS 6

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo

[root@localhost ~]# grep ^[^#] /etc/ppp/options.pptpd

name pptpd

refuse-pap

refuse-chap

refuse-mschap

require-mschap-v2

require-mppe-128

ms-dns 8.8.8.8

proxyarp

lock

nobsdcomp

novj

novjccomp

nologfd

[root@localhost ~]# grep ^[^#] /etc/ppp/chap-secrets

1编译安装msmtp，可能需要依赖库autoconf ,openssh-devel,gettext等

$ cd msmtp

$ autoreconf -i

$ ./configure; make; make install

配置文件

[root@Drupal ~]# cat /usr/local/etc/msmtprc

defaults

port 25

auth      login

mysql setup:

CREATE USER drupalDBuser@localhost
alter user 'drupalDBuser'@'localhost' identified with mysql_native_password by 'password'

need  mysql_native_password  plugin because php didn't know new mysql_native_password method.

drupal 8: see refer page here. need manually modify the source code.