Notice (8): Undefined variable: dhList [APP/View/IE/chan_l.ctp, line 9]Code Context <div class="z_rbst_gsjj_dei_de">
<ul>
<?php foreach ($dhList as $i => $v): ?>
$viewFile = '/www/web/wx2014/wx/public_html/rbst/public_html/app/View/IE/chan_l.ctp'
$dataForView = array(
'newsList' => array(
(int) 0 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 1 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 2 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 3 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 4 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 5 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
)
),
'pageHtml' => '<span><a class="disabled" href='/Chan/index?&currpage=16'> < </a></span><a h href='/Chan/index?&currpage=12'>12</a><a h href='/Chan/index?&currpage=13'>13</a><a h href='/Chan/index?&currpage=14'>14</a><a h href='/Chan/index?&currpage=15'>15</a><a h href='/Chan/index?&currpage=16'>16</a><span class="current">17</span><a h href='/Chan/index?&currpage=18'>18</a><a h href='/Chan/index?&currpage=19'>19</a><a h href='/Chan/index?&currpage=20'>20</a><a h href='/Chan/index?&currpage=21'>21</a><a class="disabled" href='/Chan/index?&currpage=18'> > </a>',
'nids' => '',
'tid' => '',
'nid' => '',
'Lpic7' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'Lpic6' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'Lpic5' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'Lpic4' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'Lpic3' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'Lpic2' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'Lpic1' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'ZBannerList' => array(
(int) 0 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 1 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 2 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
)
),
'LxwmInfo' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'FangALm' => array(
(int) 0 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 1 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 2 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 3 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 4 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 5 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 6 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 7 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
)
),
'CanPLm' => array(
(int) 0 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 1 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 2 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 3 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 4 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 5 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 6 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 7 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 8 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
)
),
'SeoInfo' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
)
)
$newsList = array(
(int) 0 => array(
'contents_infos' => array(
'ids' => '105',
'idss' => '8',
'idsss' => '3',
'title' => 'MX480',
'zuozhe' => '26',
'laiyuan' => '',
'addtime' => '2018-08-30 17:55:40',
'neirong' => '',
'liandizhi' => '',
'pic' => '',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '2734',
'pics' => '/img/upload/1535623542570.jpg'
),
'dhclass_infos' => array(
'dhclass' => 'Juniper'
)
),
(int) 1 => array(
'contents_infos' => array(
'ids' => '104',
'idss' => '8',
'idsss' => '3',
'title' => 'MX240',
'zuozhe' => '26',
'laiyuan' => '',
'addtime' => '2018-08-30 17:54:16',
'neirong' => '',
'liandizhi' => '',
'pic' => '',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '2611',
'pics' => '/img/upload/1535623492673.jpg'
),
'dhclass_infos' => array(
'dhclass' => 'Juniper'
)
),
(int) 2 => array(
'contents_infos' => array(
'ids' => '103',
'idss' => '8',
'idsss' => '3',
'title' => 'MX104',
'zuozhe' => '26',
'laiyuan' => '',
'addtime' => '2018-08-30 17:54:01',
'neirong' => '<strong>产品概述</strong><br />
瞻博网络MX104 3D通用边缘路由器 为移动、企业广域网、商业和住宅接 入服务而优化。MX104采用了为中 央局(CO)而优化的MX系列机箱,通 过支持一个冗余的控制平面来实现高 可用性,它为适应环境温度改进了设 计,可以部署在配线间以外和远程终 端环境。它还提供带内服务,将服务 边缘扩展到汇聚层。MX104采用了 业内领先的定时和同步技术,能够改 善移动宽带用户的体验(QoE),它通 过Junos Space网络管理平台进行管 理,支持快速进行服务设计并降低总 体拥有成本。<br />
<p>
<p>
<strong>产品说明 </strong>
</p>
<p>
瞻博网络MX104 3D通用边缘路由器的推出,旨在响应向城域网架构的迁移,在这种架 构中,汇聚层负责为电信运营商边缘提供支持。MX104能够简化城域网架构,消除不必 要的层,并显著降低购置成本和运行成本。通过简化架构和降低成本,电信运营商和企 业就能够基于MX104,实施新的“Edge Anywhere”(处处是边缘)的模式。
</p>
瞻博网络MX104 3D通用边缘路由器为移动、企业广域网、商业和住宅接入服务而优 化。MX104采用一种设计紧凑的3.5U ETSI机箱,它支持80Gbps的吞吐率,为同类产 品确立了一种新的端口密度标准。MX104提供:<br />
• 4个模块化接口卡(MIC)插槽,支持多种接口类型,从而提供灵活的配置选项 • 支持所有的MX系列Type 1和双宽MIC,为客户提供投资保护 • 冗余的控制平面和电源,提供高可用性支持 • 为适应环境温度改进了设计,降低了功耗,可以部署在极端温度环境中,如配线间以 外和远程POP • 瞻博网络屡获殊荣的Trio ASIC和Junos操作系统,支持城域网汇聚层成为“新的分布 式边缘” • 提供与MX系列路由器一样的带内服务,如网络地址转换(NAT)和流量监控 • 高度可扩展和可靠的、基于硬件的定时技术,能够满足频率和相位同步方面最严格的 LTE要求,从而改善移动带宽用户的体验(QoE) • Junos Space Service Activation Director,能够最大程度地降低配置和端到端解决 方案管理的成本<br />
<div>
<br />
</div>
</p>',
'liandizhi' => '',
'pic' => '',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '3024',
'pics' => '/img/upload/1535623448199.jpg'
),
'dhclass_infos' => array(
'dhclass' => 'Juniper'
)
),
(int) 3 => array(
'contents_infos' => array(
'ids' => '102',
'idss' => '18',
'idsss' => '2',
'title' => '比WannaCry更厉害的勒索软件来袭,目标瞄准Linux和Windows服务器',
'zuozhe' => '',
'laiyuan' => '',
'addtime' => '2018-08-30 17:51:41',
'neirong' => '<p style="text-indent:2em;">
<br />
</p>
<p style="text-indent:2em;">
转载 (原创: 折腰的五斗米 黑客视界 1周前)
</p>
<p style="text-indent:2em;">
来自Palo Alto Networks公司旗下Unit 42威胁研究团队的安全研究员Claud Xiao、Cong Zheng和Xingyu Jin在本周一(9月17日)发布的一篇博文中指出,他们发现了一个针对Linux和Windows服务器的新型恶意软件家族,并将其命名为“Xbash”。
</p>
<p style="text-indent:2em;">
根据Unit 42研究人员的说法,Xbash是一个僵尸网络和勒索软件的结合体,具有自我传播的功能,类似于WannaCry或Petya/NotPetya所展现的蠕虫特性。另外,它还具有一些尚未启用的功能,这些功能在启用之后将允许Xbash能够在目标网络中快速传播,而这一点同样类似于WannaCry或Petya/NotPetya。
</p>
<p style="text-indent:2em;">
值得注意的是,与其说Xbash是一款勒索软件,倒不如说它是一个数据擦除器。在这一点上,它与NotPetya非常类似。也就是说,它会对受害者数据造成永久性的破坏,即使是受害者支付赎金,这些数据也不可能得到恢复。
</p>
<p style="text-indent:2em;">
由Iron黑客组织开发,利用已知漏洞感染服务器
</p>
<p style="text-indent:2em;">
Unit 42的研究人员表示,他们在经过分析后发现,Xbash是由长期以来一直保持活跃的黑客组织Iron(又名Rocke)在今年开发的。根据恶意代码主模块的名称,他们将该恶意软件家族命名为了“Xbash”。
</p>
<p style="text-indent:2em;">
在此之前,Iron组织曾开发并传播了大量的加密货币矿工和加密货币交易劫持木马,主要针对的是Windows,只有少数针对Linux。因此,Xbash可以说是该组织一个升级后的工具,目标是找出那些使用弱密码或存在漏洞的服务器,清空受害者的MySQL、PostgreSQL和MongoDB数据库,并要求受害者以比特币支付赎金。
</p>
<p style="text-indent:2em;">
根据Unit 42研究人员的说法,Xbash主要利用了Hadoop(一个由Apache基金会所开发的分布式系统基础架构)、Redis(一个开源的使用ANSI C语言编写、支持网络、可基于内存亦可持久化的日志型、Key-Value数据库,并提供多种语言的API)和ActiveMQ(Apache出品的开源消息总线)中的三个已知漏洞来实现自我传播或感染目标服务器。这包括:
</p>
<p style="text-indent:2em;">
Hadoop YARN ResourceManager无需身份验证的命令执行漏洞,于2016年10月首次被公开披露,未分配CVE编号。
</p>
<p style="text-indent:2em;">
Redis任意文件写入和远程命令执行漏洞,于2015年10月首次被公开披露,未分配CVE编号。
</p>
<p style="text-indent:2em;">
ActiveMQ任意文件写入漏洞,CVE-2016-3088。
</p>
<p style="text-indent:2em;">
采用Python编写,目前已有四种不同版本被发现
</p>
<p style="text-indent:2em;">
到目前为止,Unit 42的研究人员表示他们已经发现了四种不同版本的Xbash。从这些版本之间代码和时间戳的差异可以看出,该勒索软件家族仍在被积极地开发。
</p>
<p style="text-indent:2em;">
Xbash是采用Python编写的,并且通过PyInstaller转换成PE可执行文件。根据Unit 42研究人员的说法,这种技术也曾被其他恶意软件开发者所使用,它具有如下几个优点:
</p>
<p style="text-indent:2em;">
开发更快、更容易:使用Python开发恶意软件比使用C、C++或Go更快、更容易,从而使得恶意软件能够在短时间内快速发展;
</p>
<p style="text-indent:2em;">
安装简单且可靠:通过PyInstaller创建的可执行文件,其中包含了所有必需的依赖项,包括Python运行时、库、用户库和第三方库。鉴于Linux安装和环境的多样性,攻击者往往无法确定基于Python的恶意软件是否能够成功安装和运行。但通过PyInstaller转换成PE可执行文件之后,攻击者就可以确保恶意软件能够成功地安装在目标系统上。
</p>
<p style="text-indent:2em;">
反检测功能:PyInstaller的代码编译、代码压缩/转换以及加密功能,有助于恶意软件绕过防病毒/反恶意软件引擎或静态分析的检测。在Claud Xiao、Cong Zheng和Xingyu Jin编写他们的博文时,Xbash在VirusTotal上的检出率仅为1/57,如下图所示。
</p>
<p style="text-indent:2em;">
跨平台恶意软件:PyInstaller可以将同一段Python代码转换成Windows、Apple macOS和Linux的二进制文件,这使恶意软件真正能够实现跨平台。
</p>
<p style="text-indent:2em;">
通过扫描TCP或UDP端口寻找目标,已收获六千美元
</p>
<p style="text-indent:2em;">
根据Unit 42研究人员的说法,Xbash会基于域名和IP地址来进行扫描。如果扫描的是IP地址,那么它将尝试扫描众多TCP或UDP端口,以下是其中一部分:
</p>
<p style="text-indent:2em;">
HTTP: 80, 8080, 8888, 8000, 8001, 8088
</p>
<p style="text-indent:2em;">
VNC: 5900, 5901, 5902, 5903
</p>
<p style="text-indent:2em;">
MySQL: 3306
</p>
<p style="text-indent:2em;">
Memcached: 11211
</p>
<p style="text-indent:2em;">
MySQL/MariaDB: 3309, 3308, 3360, 3306, 3307, 9806, 1433
</p>
<p style="text-indent:2em;">
FTP: 21
</p>
<p style="text-indent:2em;">
Telnet: 23, 2323
</p>
<p style="text-indent:2em;">
PostgreSQL: 5432
</p>
<p style="text-indent:2em;">
Redis: 6379, 2379
</p>
<p style="text-indent:2em;">
ElasticSearch: 9200
</p>
<p style="text-indent:2em;">
MongoDB: 27017
</p>
<p style="text-indent:2em;">
RDP: 3389
</p>
<p style="text-indent:2em;">
UPnP/SSDP: 1900
</p>
<p style="text-indent:2em;">
NTP: 123
</p>
<p style="text-indent:2em;">
DNS: 53
</p>
<p style="text-indent:2em;">
SNMP: 161
</p>
<p style="text-indent:2em;">
LDAP: 389
</p>
<p style="text-indent:2em;">
Rexec: 512
</p>
<p style="text-indent:2em;">
Rlogin: 513
</p>
<p style="text-indent:2em;">
Rsh: 514
</p>
<p style="text-indent:2em;">
Rsync: 873
</p>
<p style="text-indent:2em;">
Oracle database: 1521
</p>
<p style="text-indent:2em;">
CouchDB: 5984
</p>
<p style="text-indent:2em;">
对于某些服务,如VNC、Rsync、MySQL、MariaDB、Memcached、PostgreSQL、MongoDB和phpMyAdmin,如果相关端口是打开的,那么Xbash将使用内置的弱用户名/密码字典来尝试登录这些服务,如下图所示。值得注意的是,字典还包含Telnet、FTP和Redis等服务的通用或默认密码。
</p>
<p style="text-indent:2em;">
如果Xbash成功登录到了包括MySQL、MongoDB和PostgreSQL在内的服务,它将清空服务器中几乎所有现有数据库(除了存储用户登录信息的一些数据库),然后创建一个名为“PLEASE_READ_ME_XYZ”的新数据库,并插入一个名为“WARNING”的新表,用于显示勒索信息。
</p>
<p style="text-indent:2em;">
从勒索信息来看,攻击者的赎金需求金额为0.02枚比特币,并威胁受害者“如果我们没有收到你的付款,我们将泄露你的数据库”。自2018年5月以来,攻击者的钱包有48笔交易,总收入约为0.964枚比特币(约价值6000美元)。
</p>
<p style="text-indent:2em;">
总结和安全建议
</p>
<p style="text-indent:2em;">
Xbash是一种相对较新且较复杂的恶意软件,也是一个活跃的网络犯罪组织的最新作品。它目前能够针对Linux和Windows系统实施攻击,但鉴于PyInstaller的使用,我们并不排除未来会有针对其他系统的版本出现。
</p>
<p style="text-indent:2em;">
想要避免或减轻Xbash所带来的危害,我们可以采取以下措施:
</p>
<p style="text-indent:2em;">
使用相对复杂的密码,并经常更新(切记不要使用默认密码);
</p>
<p style="text-indent:2em;">
及时了解系统安全更新;
</p>
<p style="text-indent:2em;">
在操作系统上实施端点保护;
</p>
<p style="text-indent:2em;">
严格限制某些服务的联网访问权限;
</p>
<p style="text-indent:2em;">
对关键数据进行备份。
</p>
<p style="text-indent:2em;">
<br />
</p>',
'liandizhi' => '',
'pic' => '/img/upload/15381907966497.jpg',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '2486',
'pics' => ''
),
'dhclass_infos' => array(
'dhclass' => '行业资讯'
)
),
(int) 4 => array(
'contents_infos' => array(
'ids' => '96',
'idss' => '4',
'idsss' => '1',
'title' => '2018年',
'zuozhe' => '',
'laiyuan' => '',
'addtime' => '2018-09-26 17:00:14',
'neirong' => '<p style="text-indent:2em;">
上海办事处成立,服务体系完善
</p>',
'liandizhi' => '',
'pic' => '/images/nopic.jpg',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '249',
'pics' => ''
),
'dhclass_infos' => array(
'dhclass' => '发展历程'
)
),
(int) 5 => array(
'contents_infos' => array(
'ids' => '95',
'idss' => '4',
'idsss' => '1',
'title' => '2017年',
'zuozhe' => '',
'laiyuan' => '',
'addtime' => '2018-09-26 17:00:01',
'neirong' => '<p style="text-indent:2em;">
确立公司发展方向:安全、服务
</p>',
'liandizhi' => '',
'pic' => '/images/nopic.jpg',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '245',
'pics' => ''
),
'dhclass_infos' => array(
'dhclass' => '发展历程'
)
)
)
$pageHtml = '<span><a class="disabled" href='/Chan/index?&currpage=16'> < </a></span><a h href='/Chan/index?&currpage=12'>12</a><a h href='/Chan/index?&currpage=13'>13</a><a h href='/Chan/index?&currpage=14'>14</a><a h href='/Chan/index?&currpage=15'>15</a><a h href='/Chan/index?&currpage=16'>16</a><span class="current">17</span><a h href='/Chan/index?&currpage=18'>18</a><a h href='/Chan/index?&currpage=19'>19</a><a h href='/Chan/index?&currpage=20'>20</a><a h href='/Chan/index?&currpage=21'>21</a><a class="disabled" href='/Chan/index?&currpage=18'> > </a>'
$nids = ''
$tid = ''
$nid = ''
$Lpic7 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '8',
'idss' => '100',
'idsss' => '7',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355366666269.jpg',
'neirong' => '',
'addtime' => '2018-08-29 00:00:00'
)
)
)
$Lpic6 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '9',
'idss' => '100',
'idsss' => '6',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355378829148.jpg',
'neirong' => '',
'addtime' => '2018-08-29 00:00:00'
)
)
)
$Lpic5 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '10',
'idss' => '100',
'idsss' => '5',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355380273789.jpg',
'neirong' => '',
'addtime' => '2018-08-29 00:00:00'
)
)
)
$Lpic4 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '11',
'idss' => '100',
'idsss' => '4',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355381043509.jpg',
'neirong' => '',
'addtime' => '2018-08-29 00:00:00'
)
)
)
$Lpic3 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '13',
'idss' => '100',
'idsss' => '3',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355383912478.jpg',
'neirong' => '',
'addtime' => '2018-08-29 00:00:00'
)
)
)
$Lpic2 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '12',
'idss' => '100',
'idsss' => '2',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355385418313.jpg',
'neirong' => '',
'addtime' => '2018-08-29 00:00:00'
)
)
)
$Lpic1 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '7',
'idss' => '100',
'idsss' => '1',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355361994471.jpg',
'neirong' => '',
'addtime' => '2018-08-06 00:00:00'
)
)
)
$ZBannerList = array(
(int) 0 => array(
'contents_infos' => array(
'ids' => '133',
'idss' => '17',
'idsss' => '8',
'title' => '瑞博思特',
'zuozhe' => '',
'laiyuan' => '',
'addtime' => '2018-09-04 17:43:36',
'neirong' => '',
'liandizhi' => '',
'pic' => '/img/upload/15360542314880.jpg',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '264'
),
'dhclass_infos' => array(
'dhclass' => '子页图'
)
),
(int) 1 => array(
'contents_infos' => array(
'ids' => '132',
'idss' => '17',
'idsss' => '8',
'title' => '瑞博思特',
'zuozhe' => '',
'laiyuan' => '',
'addtime' => '2018-09-04 16:51:30',
'neirong' => '',
'liandizhi' => '',
'pic' => '/img/upload/15371636995303.jpg',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '235'
),
'dhclass_infos' => array(
'dhclass' => '子页图'
)
),
(int) 2 => array(
'contents_infos' => array(
'ids' => '122',
'idss' => '17',
'idsss' => '8',
'title' => '瑞博思特',
'zuozhe' => '',
'laiyuan' => '',
'addtime' => '2018-08-30 18:38:38',
'neirong' => '',
'liandizhi' => '',
'pic' => '/img/upload/15356851931086.jpg',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '276'
),
'dhclass_infos' => array(
'dhclass' => '子页图'
)
)
)
$LxwmInfo = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '5',
'idss' => '15',
'idsss' => '7',
'title' => '瑞博思特(北京)科技有限公司 ',
'zuozhe' => '010-57489683',
'laiyuan' => 'sales@r-best.cn',
'liandizhi' => '010-57489683/18500300283',
'pic' => 'www.r-best.cn',
'neirong' => '北京市海淀区安宁庄26号315室',
'addtime' => '2018-08-03 00:00:00'
)
)
)
$FangALm = array(
(int) 0 => array(
'dhclass_infos' => array(
'ids' => '29',
'idss' => '4',
'dhclass' => 'SmartX 解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 1 => array(
'dhclass_infos' => array(
'ids' => '30',
'idss' => '4',
'dhclass' => 'Paloalto 解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 2 => array(
'dhclass_infos' => array(
'ids' => '31',
'idss' => '4',
'dhclass' => 'ForeScout 解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 3 => array(
'dhclass_infos' => array(
'ids' => '32',
'idss' => '4',
'dhclass' => 'SolarWinds解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 4 => array(
'dhclass_infos' => array(
'ids' => '33',
'idss' => '4',
'dhclass' => 'Juniper 解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 5 => array(
'dhclass_infos' => array(
'ids' => '34',
'idss' => '4',
'dhclass' => 'BlackBerry解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 6 => array(
'dhclass_infos' => array(
'ids' => '36',
'idss' => '4',
'dhclass' => 'Silver Peak解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 7 => array(
'dhclass_infos' => array(
'ids' => '37',
'idss' => '4',
'dhclass' => 'CISCO解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
)
)
$CanPLm = array(
(int) 0 => array(
'dhclass_infos' => array(
'ids' => '7',
'idss' => '3',
'dhclass' => 'CISCO',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 1 => array(
'dhclass_infos' => array(
'ids' => '8',
'idss' => '3',
'dhclass' => 'Juniper',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 2 => array(
'dhclass_infos' => array(
'ids' => '21',
'idss' => '3',
'dhclass' => 'Palo Alto',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 3 => array(
'dhclass_infos' => array(
'ids' => '22',
'idss' => '3',
'dhclass' => 'SolarWinds',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 4 => array(
'dhclass_infos' => array(
'ids' => '23',
'idss' => '3',
'dhclass' => ' Imperva',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 5 => array(
'dhclass_infos' => array(
'ids' => '24',
'idss' => '3',
'dhclass' => 'ForeScout',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 6 => array(
'dhclass_infos' => array(
'ids' => '25',
'idss' => '3',
'dhclass' => 'BlackBerry',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 7 => array(
'dhclass_infos' => array(
'ids' => '26',
'idss' => '3',
'dhclass' => 'SmartX超融合',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 8 => array(
'dhclass_infos' => array(
'ids' => '35',
'idss' => '3',
'dhclass' => 'Silver Peak',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
)
)
$SeoInfo = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '6',
'idss' => '100',
'idsss' => '100',
'title' => '瑞博思特',
'zuozhe' => '上海思科|上海 Juniper|上海PaloAlto|上海无线租赁|上海思科工业交换机|上海Imperva|上海SD-WAN|上海BlackBerry|上海SolarWinds',
'laiyuan' => '',
'liandizhi' => '上海思科,上海 Juniper,上海PaloAlto,上海无线租赁,上海思科工业交换机,上海Imperva,上海SD-WAN,上海BlackBerry,上海SolarWinds',
'pic' => '',
'neirong' => '上海思科,上海 Juniper,上海PaloAlto,上海无线租赁,上海思科工业交换机,上海Imperva,上海SD-WAN,上海BlackBerry,上海SolarWinds,瑞博思特',
'addtime' => '2018-08-04 00:00:00'
)
)
)
include - APP/View/IE/chan_l.ctp, line 9
View::_evaluate() - CORE/Cake/View/View.php, line 947
View::_render() - CORE/Cake/View/View.php, line 909
View::render() - CORE/Cake/View/View.php, line 471
Controller::render() - CORE/Cake/Controller/Controller.php, line 948
ChanController::Index() - APP/Controller/ChanController.php, line 79
ReflectionMethod::invokeArgs() - [internal], line ??
Controller::invokeAction() - CORE/Cake/Controller/Controller.php, line 486
Dispatcher::_invoke() - CORE/Cake/Routing/Dispatcher.php, line 187
Dispatcher::dispatch() - CORE/Cake/Routing/Dispatcher.php, line 162
[main] - APP/webroot/index.php, line 110
Warning (2): Invalid argument supplied for foreach() [APP/View/IE/chan_l.ctp, line 9]Code Context <div class="z_rbst_gsjj_dei_de">
<ul>
<?php foreach ($dhList as $i => $v): ?>
$viewFile = '/www/web/wx2014/wx/public_html/rbst/public_html/app/View/IE/chan_l.ctp'
$dataForView = array(
'newsList' => array(
(int) 0 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 1 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 2 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 3 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 4 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 5 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
)
),
'pageHtml' => '<span><a class="disabled" href='/Chan/index?&currpage=16'> < </a></span><a h href='/Chan/index?&currpage=12'>12</a><a h href='/Chan/index?&currpage=13'>13</a><a h href='/Chan/index?&currpage=14'>14</a><a h href='/Chan/index?&currpage=15'>15</a><a h href='/Chan/index?&currpage=16'>16</a><span class="current">17</span><a h href='/Chan/index?&currpage=18'>18</a><a h href='/Chan/index?&currpage=19'>19</a><a h href='/Chan/index?&currpage=20'>20</a><a h href='/Chan/index?&currpage=21'>21</a><a class="disabled" href='/Chan/index?&currpage=18'> > </a>',
'nids' => '',
'tid' => '',
'nid' => '',
'Lpic7' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'Lpic6' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'Lpic5' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'Lpic4' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'Lpic3' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'Lpic2' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'Lpic1' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'ZBannerList' => array(
(int) 0 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 1 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
),
(int) 2 => array(
'contents_infos' => array(
[maximum depth reached]
),
'dhclass_infos' => array(
[maximum depth reached]
)
)
),
'LxwmInfo' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
),
'FangALm' => array(
(int) 0 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 1 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 2 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 3 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 4 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 5 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 6 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 7 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
)
),
'CanPLm' => array(
(int) 0 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 1 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 2 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 3 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 4 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 5 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 6 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 7 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
),
(int) 8 => array(
'dhclass_infos' => array(
[maximum depth reached]
),
'dh_infos' => array(
[maximum depth reached]
)
)
),
'SeoInfo' => array(
(int) 0 => array(
'nry_infos' => array(
[maximum depth reached]
)
)
)
)
$newsList = array(
(int) 0 => array(
'contents_infos' => array(
'ids' => '105',
'idss' => '8',
'idsss' => '3',
'title' => 'MX480',
'zuozhe' => '26',
'laiyuan' => '',
'addtime' => '2018-08-30 17:55:40',
'neirong' => '',
'liandizhi' => '',
'pic' => '',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '2734',
'pics' => '/img/upload/1535623542570.jpg'
),
'dhclass_infos' => array(
'dhclass' => 'Juniper'
)
),
(int) 1 => array(
'contents_infos' => array(
'ids' => '104',
'idss' => '8',
'idsss' => '3',
'title' => 'MX240',
'zuozhe' => '26',
'laiyuan' => '',
'addtime' => '2018-08-30 17:54:16',
'neirong' => '',
'liandizhi' => '',
'pic' => '',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '2611',
'pics' => '/img/upload/1535623492673.jpg'
),
'dhclass_infos' => array(
'dhclass' => 'Juniper'
)
),
(int) 2 => array(
'contents_infos' => array(
'ids' => '103',
'idss' => '8',
'idsss' => '3',
'title' => 'MX104',
'zuozhe' => '26',
'laiyuan' => '',
'addtime' => '2018-08-30 17:54:01',
'neirong' => '<strong>产品概述</strong><br />
瞻博网络MX104 3D通用边缘路由器 为移动、企业广域网、商业和住宅接 入服务而优化。MX104采用了为中 央局(CO)而优化的MX系列机箱,通 过支持一个冗余的控制平面来实现高 可用性,它为适应环境温度改进了设 计,可以部署在配线间以外和远程终 端环境。它还提供带内服务,将服务 边缘扩展到汇聚层。MX104采用了 业内领先的定时和同步技术,能够改 善移动宽带用户的体验(QoE),它通 过Junos Space网络管理平台进行管 理,支持快速进行服务设计并降低总 体拥有成本。<br />
<p>
<p>
<strong>产品说明 </strong>
</p>
<p>
瞻博网络MX104 3D通用边缘路由器的推出,旨在响应向城域网架构的迁移,在这种架 构中,汇聚层负责为电信运营商边缘提供支持。MX104能够简化城域网架构,消除不必 要的层,并显著降低购置成本和运行成本。通过简化架构和降低成本,电信运营商和企 业就能够基于MX104,实施新的“Edge Anywhere”(处处是边缘)的模式。
</p>
瞻博网络MX104 3D通用边缘路由器为移动、企业广域网、商业和住宅接入服务而优 化。MX104采用一种设计紧凑的3.5U ETSI机箱,它支持80Gbps的吞吐率,为同类产 品确立了一种新的端口密度标准。MX104提供:<br />
• 4个模块化接口卡(MIC)插槽,支持多种接口类型,从而提供灵活的配置选项 • 支持所有的MX系列Type 1和双宽MIC,为客户提供投资保护 • 冗余的控制平面和电源,提供高可用性支持 • 为适应环境温度改进了设计,降低了功耗,可以部署在极端温度环境中,如配线间以 外和远程POP • 瞻博网络屡获殊荣的Trio ASIC和Junos操作系统,支持城域网汇聚层成为“新的分布 式边缘” • 提供与MX系列路由器一样的带内服务,如网络地址转换(NAT)和流量监控 • 高度可扩展和可靠的、基于硬件的定时技术,能够满足频率和相位同步方面最严格的 LTE要求,从而改善移动带宽用户的体验(QoE) • Junos Space Service Activation Director,能够最大程度地降低配置和端到端解决 方案管理的成本<br />
<div>
<br />
</div>
</p>',
'liandizhi' => '',
'pic' => '',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '3024',
'pics' => '/img/upload/1535623448199.jpg'
),
'dhclass_infos' => array(
'dhclass' => 'Juniper'
)
),
(int) 3 => array(
'contents_infos' => array(
'ids' => '102',
'idss' => '18',
'idsss' => '2',
'title' => '比WannaCry更厉害的勒索软件来袭,目标瞄准Linux和Windows服务器',
'zuozhe' => '',
'laiyuan' => '',
'addtime' => '2018-08-30 17:51:41',
'neirong' => '<p style="text-indent:2em;">
<br />
</p>
<p style="text-indent:2em;">
转载 (原创: 折腰的五斗米 黑客视界 1周前)
</p>
<p style="text-indent:2em;">
来自Palo Alto Networks公司旗下Unit 42威胁研究团队的安全研究员Claud Xiao、Cong Zheng和Xingyu Jin在本周一(9月17日)发布的一篇博文中指出,他们发现了一个针对Linux和Windows服务器的新型恶意软件家族,并将其命名为“Xbash”。
</p>
<p style="text-indent:2em;">
根据Unit 42研究人员的说法,Xbash是一个僵尸网络和勒索软件的结合体,具有自我传播的功能,类似于WannaCry或Petya/NotPetya所展现的蠕虫特性。另外,它还具有一些尚未启用的功能,这些功能在启用之后将允许Xbash能够在目标网络中快速传播,而这一点同样类似于WannaCry或Petya/NotPetya。
</p>
<p style="text-indent:2em;">
值得注意的是,与其说Xbash是一款勒索软件,倒不如说它是一个数据擦除器。在这一点上,它与NotPetya非常类似。也就是说,它会对受害者数据造成永久性的破坏,即使是受害者支付赎金,这些数据也不可能得到恢复。
</p>
<p style="text-indent:2em;">
由Iron黑客组织开发,利用已知漏洞感染服务器
</p>
<p style="text-indent:2em;">
Unit 42的研究人员表示,他们在经过分析后发现,Xbash是由长期以来一直保持活跃的黑客组织Iron(又名Rocke)在今年开发的。根据恶意代码主模块的名称,他们将该恶意软件家族命名为了“Xbash”。
</p>
<p style="text-indent:2em;">
在此之前,Iron组织曾开发并传播了大量的加密货币矿工和加密货币交易劫持木马,主要针对的是Windows,只有少数针对Linux。因此,Xbash可以说是该组织一个升级后的工具,目标是找出那些使用弱密码或存在漏洞的服务器,清空受害者的MySQL、PostgreSQL和MongoDB数据库,并要求受害者以比特币支付赎金。
</p>
<p style="text-indent:2em;">
根据Unit 42研究人员的说法,Xbash主要利用了Hadoop(一个由Apache基金会所开发的分布式系统基础架构)、Redis(一个开源的使用ANSI C语言编写、支持网络、可基于内存亦可持久化的日志型、Key-Value数据库,并提供多种语言的API)和ActiveMQ(Apache出品的开源消息总线)中的三个已知漏洞来实现自我传播或感染目标服务器。这包括:
</p>
<p style="text-indent:2em;">
Hadoop YARN ResourceManager无需身份验证的命令执行漏洞,于2016年10月首次被公开披露,未分配CVE编号。
</p>
<p style="text-indent:2em;">
Redis任意文件写入和远程命令执行漏洞,于2015年10月首次被公开披露,未分配CVE编号。
</p>
<p style="text-indent:2em;">
ActiveMQ任意文件写入漏洞,CVE-2016-3088。
</p>
<p style="text-indent:2em;">
采用Python编写,目前已有四种不同版本被发现
</p>
<p style="text-indent:2em;">
到目前为止,Unit 42的研究人员表示他们已经发现了四种不同版本的Xbash。从这些版本之间代码和时间戳的差异可以看出,该勒索软件家族仍在被积极地开发。
</p>
<p style="text-indent:2em;">
Xbash是采用Python编写的,并且通过PyInstaller转换成PE可执行文件。根据Unit 42研究人员的说法,这种技术也曾被其他恶意软件开发者所使用,它具有如下几个优点:
</p>
<p style="text-indent:2em;">
开发更快、更容易:使用Python开发恶意软件比使用C、C++或Go更快、更容易,从而使得恶意软件能够在短时间内快速发展;
</p>
<p style="text-indent:2em;">
安装简单且可靠:通过PyInstaller创建的可执行文件,其中包含了所有必需的依赖项,包括Python运行时、库、用户库和第三方库。鉴于Linux安装和环境的多样性,攻击者往往无法确定基于Python的恶意软件是否能够成功安装和运行。但通过PyInstaller转换成PE可执行文件之后,攻击者就可以确保恶意软件能够成功地安装在目标系统上。
</p>
<p style="text-indent:2em;">
反检测功能:PyInstaller的代码编译、代码压缩/转换以及加密功能,有助于恶意软件绕过防病毒/反恶意软件引擎或静态分析的检测。在Claud Xiao、Cong Zheng和Xingyu Jin编写他们的博文时,Xbash在VirusTotal上的检出率仅为1/57,如下图所示。
</p>
<p style="text-indent:2em;">
跨平台恶意软件:PyInstaller可以将同一段Python代码转换成Windows、Apple macOS和Linux的二进制文件,这使恶意软件真正能够实现跨平台。
</p>
<p style="text-indent:2em;">
通过扫描TCP或UDP端口寻找目标,已收获六千美元
</p>
<p style="text-indent:2em;">
根据Unit 42研究人员的说法,Xbash会基于域名和IP地址来进行扫描。如果扫描的是IP地址,那么它将尝试扫描众多TCP或UDP端口,以下是其中一部分:
</p>
<p style="text-indent:2em;">
HTTP: 80, 8080, 8888, 8000, 8001, 8088
</p>
<p style="text-indent:2em;">
VNC: 5900, 5901, 5902, 5903
</p>
<p style="text-indent:2em;">
MySQL: 3306
</p>
<p style="text-indent:2em;">
Memcached: 11211
</p>
<p style="text-indent:2em;">
MySQL/MariaDB: 3309, 3308, 3360, 3306, 3307, 9806, 1433
</p>
<p style="text-indent:2em;">
FTP: 21
</p>
<p style="text-indent:2em;">
Telnet: 23, 2323
</p>
<p style="text-indent:2em;">
PostgreSQL: 5432
</p>
<p style="text-indent:2em;">
Redis: 6379, 2379
</p>
<p style="text-indent:2em;">
ElasticSearch: 9200
</p>
<p style="text-indent:2em;">
MongoDB: 27017
</p>
<p style="text-indent:2em;">
RDP: 3389
</p>
<p style="text-indent:2em;">
UPnP/SSDP: 1900
</p>
<p style="text-indent:2em;">
NTP: 123
</p>
<p style="text-indent:2em;">
DNS: 53
</p>
<p style="text-indent:2em;">
SNMP: 161
</p>
<p style="text-indent:2em;">
LDAP: 389
</p>
<p style="text-indent:2em;">
Rexec: 512
</p>
<p style="text-indent:2em;">
Rlogin: 513
</p>
<p style="text-indent:2em;">
Rsh: 514
</p>
<p style="text-indent:2em;">
Rsync: 873
</p>
<p style="text-indent:2em;">
Oracle database: 1521
</p>
<p style="text-indent:2em;">
CouchDB: 5984
</p>
<p style="text-indent:2em;">
对于某些服务,如VNC、Rsync、MySQL、MariaDB、Memcached、PostgreSQL、MongoDB和phpMyAdmin,如果相关端口是打开的,那么Xbash将使用内置的弱用户名/密码字典来尝试登录这些服务,如下图所示。值得注意的是,字典还包含Telnet、FTP和Redis等服务的通用或默认密码。
</p>
<p style="text-indent:2em;">
如果Xbash成功登录到了包括MySQL、MongoDB和PostgreSQL在内的服务,它将清空服务器中几乎所有现有数据库(除了存储用户登录信息的一些数据库),然后创建一个名为“PLEASE_READ_ME_XYZ”的新数据库,并插入一个名为“WARNING”的新表,用于显示勒索信息。
</p>
<p style="text-indent:2em;">
从勒索信息来看,攻击者的赎金需求金额为0.02枚比特币,并威胁受害者“如果我们没有收到你的付款,我们将泄露你的数据库”。自2018年5月以来,攻击者的钱包有48笔交易,总收入约为0.964枚比特币(约价值6000美元)。
</p>
<p style="text-indent:2em;">
总结和安全建议
</p>
<p style="text-indent:2em;">
Xbash是一种相对较新且较复杂的恶意软件,也是一个活跃的网络犯罪组织的最新作品。它目前能够针对Linux和Windows系统实施攻击,但鉴于PyInstaller的使用,我们并不排除未来会有针对其他系统的版本出现。
</p>
<p style="text-indent:2em;">
想要避免或减轻Xbash所带来的危害,我们可以采取以下措施:
</p>
<p style="text-indent:2em;">
使用相对复杂的密码,并经常更新(切记不要使用默认密码);
</p>
<p style="text-indent:2em;">
及时了解系统安全更新;
</p>
<p style="text-indent:2em;">
在操作系统上实施端点保护;
</p>
<p style="text-indent:2em;">
严格限制某些服务的联网访问权限(例如上文列出的数据库、Redis、Hadoop YARN和ActiveMQ等服务,不应在无访问控制的情况下直接暴露于公网);
</p>
<p style="text-indent:2em;">
对关键数据进行备份。
</p>
<p style="text-indent:2em;">
<br />
</p>',
'liandizhi' => '',
'pic' => '/img/upload/15381907966497.jpg',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '2486',
'pics' => ''
),
'dhclass_infos' => array(
'dhclass' => '行业资讯'
)
),
(int) 4 => array(
'contents_infos' => array(
'ids' => '96',
'idss' => '4',
'idsss' => '1',
'title' => '2018年',
'zuozhe' => '',
'laiyuan' => '',
'addtime' => '2018-09-26 17:00:14',
'neirong' => '<p style="text-indent:2em;">
上海办事处成立,服务体系完善
</p>',
'liandizhi' => '',
'pic' => '/images/nopic.jpg',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '249',
'pics' => ''
),
'dhclass_infos' => array(
'dhclass' => '发展历程'
)
),
(int) 5 => array(
'contents_infos' => array(
'ids' => '95',
'idss' => '4',
'idsss' => '1',
'title' => '2017年',
'zuozhe' => '',
'laiyuan' => '',
'addtime' => '2018-09-26 17:00:01',
'neirong' => '<p style="text-indent:2em;">
确立公司发展方向:安全、服务
</p>',
'liandizhi' => '',
'pic' => '/images/nopic.jpg',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '245',
'pics' => ''
),
'dhclass_infos' => array(
'dhclass' => '发展历程'
)
)
)
$pageHtml = '<span><a class="disabled" href='/Chan/index?&currpage=16'> < </a></span><a h href='/Chan/index?&currpage=12'>12</a><a h href='/Chan/index?&currpage=13'>13</a><a h href='/Chan/index?&currpage=14'>14</a><a h href='/Chan/index?&currpage=15'>15</a><a h href='/Chan/index?&currpage=16'>16</a><span class="current">17</span><a h href='/Chan/index?&currpage=18'>18</a><a h href='/Chan/index?&currpage=19'>19</a><a h href='/Chan/index?&currpage=20'>20</a><a h href='/Chan/index?&currpage=21'>21</a><a class="disabled" href='/Chan/index?&currpage=18'> > </a>'
$nids = ''
$tid = ''
$nid = ''
$Lpic7 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '8',
'idss' => '100',
'idsss' => '7',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355366666269.jpg',
'neirong' => '',
'addtime' => '2018-08-29 00:00:00'
)
)
)
$Lpic6 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '9',
'idss' => '100',
'idsss' => '6',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355378829148.jpg',
'neirong' => '',
'addtime' => '2018-08-29 00:00:00'
)
)
)
$Lpic5 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '10',
'idss' => '100',
'idsss' => '5',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355380273789.jpg',
'neirong' => '',
'addtime' => '2018-08-29 00:00:00'
)
)
)
$Lpic4 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '11',
'idss' => '100',
'idsss' => '4',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355381043509.jpg',
'neirong' => '',
'addtime' => '2018-08-29 00:00:00'
)
)
)
$Lpic3 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '13',
'idss' => '100',
'idsss' => '3',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355383912478.jpg',
'neirong' => '',
'addtime' => '2018-08-29 00:00:00'
)
)
)
$Lpic2 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '12',
'idss' => '100',
'idsss' => '2',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355385418313.jpg',
'neirong' => '',
'addtime' => '2018-08-29 00:00:00'
)
)
)
$Lpic1 = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '7',
'idss' => '100',
'idsss' => '1',
'title' => '',
'zuozhe' => '',
'laiyuan' => '',
'liandizhi' => '',
'pic' => '/img/upload/15355361994471.jpg',
'neirong' => '',
'addtime' => '2018-08-06 00:00:00'
)
)
)
$ZBannerList = array(
(int) 0 => array(
'contents_infos' => array(
'ids' => '133',
'idss' => '17',
'idsss' => '8',
'title' => '瑞博思特',
'zuozhe' => '',
'laiyuan' => '',
'addtime' => '2018-09-04 17:43:36',
'neirong' => '',
'liandizhi' => '',
'pic' => '/img/upload/15360542314880.jpg',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '264'
),
'dhclass_infos' => array(
'dhclass' => '子页图'
)
),
(int) 1 => array(
'contents_infos' => array(
'ids' => '132',
'idss' => '17',
'idsss' => '8',
'title' => '瑞博思特',
'zuozhe' => '',
'laiyuan' => '',
'addtime' => '2018-09-04 16:51:30',
'neirong' => '',
'liandizhi' => '',
'pic' => '/img/upload/15371636995303.jpg',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '235'
),
'dhclass_infos' => array(
'dhclass' => '子页图'
)
),
(int) 2 => array(
'contents_infos' => array(
'ids' => '122',
'idss' => '17',
'idsss' => '8',
'title' => '瑞博思特',
'zuozhe' => '',
'laiyuan' => '',
'addtime' => '2018-08-30 18:38:38',
'neirong' => '',
'liandizhi' => '',
'pic' => '/img/upload/15356851931086.jpg',
'shenhe' => '',
'zhiding' => '',
'xid' => '99999',
'llcishu' => '276'
),
'dhclass_infos' => array(
'dhclass' => '子页图'
)
)
)
$LxwmInfo = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '5',
'idss' => '15',
'idsss' => '7',
'title' => '瑞博思特(北京)科技有限公司 ',
'zuozhe' => '010-57489683',
'laiyuan' => 'sales@r-best.cn',
'liandizhi' => '010-57489683/18500300283',
'pic' => 'www.r-best.cn',
'neirong' => '北京市海淀区安宁庄26号315室',
'addtime' => '2018-08-03 00:00:00'
)
)
)
$FangALm = array(
(int) 0 => array(
'dhclass_infos' => array(
'ids' => '29',
'idss' => '4',
'dhclass' => 'SmartX 解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 1 => array(
'dhclass_infos' => array(
'ids' => '30',
'idss' => '4',
'dhclass' => 'Paloalto 解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 2 => array(
'dhclass_infos' => array(
'ids' => '31',
'idss' => '4',
'dhclass' => 'ForeScout 解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 3 => array(
'dhclass_infos' => array(
'ids' => '32',
'idss' => '4',
'dhclass' => 'SolarWinds解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 4 => array(
'dhclass_infos' => array(
'ids' => '33',
'idss' => '4',
'dhclass' => 'Juniper 解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 5 => array(
'dhclass_infos' => array(
'ids' => '34',
'idss' => '4',
'dhclass' => 'BlackBerry解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 6 => array(
'dhclass_infos' => array(
'ids' => '36',
'idss' => '4',
'dhclass' => 'Silver Peak解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
),
(int) 7 => array(
'dhclass_infos' => array(
'ids' => '37',
'idss' => '4',
'dhclass' => 'CISCO解决方案',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '解决方案'
)
)
)
$CanPLm = array(
(int) 0 => array(
'dhclass_infos' => array(
'ids' => '7',
'idss' => '3',
'dhclass' => 'CISCO',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 1 => array(
'dhclass_infos' => array(
'ids' => '8',
'idss' => '3',
'dhclass' => 'Juniper',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 2 => array(
'dhclass_infos' => array(
'ids' => '21',
'idss' => '3',
'dhclass' => 'Palo Alto',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 3 => array(
'dhclass_infos' => array(
'ids' => '22',
'idss' => '3',
'dhclass' => 'SolarWinds',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 4 => array(
'dhclass_infos' => array(
'ids' => '23',
'idss' => '3',
'dhclass' => ' Imperva',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 5 => array(
'dhclass_infos' => array(
'ids' => '24',
'idss' => '3',
'dhclass' => 'ForeScout',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 6 => array(
'dhclass_infos' => array(
'ids' => '25',
'idss' => '3',
'dhclass' => 'BlackBerry',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 7 => array(
'dhclass_infos' => array(
'ids' => '26',
'idss' => '3',
'dhclass' => 'SmartX超融合',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
),
(int) 8 => array(
'dhclass_infos' => array(
'ids' => '35',
'idss' => '3',
'dhclass' => 'Silver Peak',
'ym' => '',
'pic' => '',
'xid' => '99999',
'shenhe' => ''
),
'dh_infos' => array(
'dh' => '产品中心'
)
)
)
$SeoInfo = array(
(int) 0 => array(
'nry_infos' => array(
'ids' => '6',
'idss' => '100',
'idsss' => '100',
'title' => '瑞博思特',
'zuozhe' => '上海思科|上海 Juniper|上海PaloAlto|上海无线租赁|上海思科工业交换机|上海Imperva|上海SD-WAN|上海BlackBerry|上海SolarWinds',
'laiyuan' => '',
'liandizhi' => '上海思科,上海 Juniper,上海PaloAlto,上海无线租赁,上海思科工业交换机,上海Imperva,上海SD-WAN,上海BlackBerry,上海SolarWinds',
'pic' => '',
'neirong' => '上海思科,上海 Juniper,上海PaloAlto,上海无线租赁,上海思科工业交换机,上海Imperva,上海SD-WAN,上海BlackBerry,上海SolarWinds,瑞博思特',
'addtime' => '2018-08-04 00:00:00'
)
)
)
include - APP/View/IE/chan_l.ctp, line 9
View::_evaluate() - CORE/Cake/View/View.php, line 947
View::_render() - CORE/Cake/View/View.php, line 909
View::render() - CORE/Cake/View/View.php, line 471
Controller::render() - CORE/Cake/Controller/Controller.php, line 948
ChanController::Index() - APP/Controller/ChanController.php, line 79
ReflectionMethod::invokeArgs() - [internal], line ??
Controller::invokeAction() - CORE/Cake/Controller/Controller.php, line 486
Dispatcher::_invoke() - CORE/Cake/Routing/Dispatcher.php, line 187
Dispatcher::dispatch() - CORE/Cake/Routing/Dispatcher.php, line 162
[main] - APP/webroot/index.php, line 110