
JEAP 5 - Keep hackers out and tighten security. Help Boss J hide the "beep~".

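Because I'm still young XD (runs away~), I haven't spent much time with Boss J yet.
(Big Blue was my first teacher, after all~)
But even in this short time, several cases have already come up of Boss J being violated by hackers!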

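Today yet another victim came to report in~ (Hey~ this is not a police station! No need to file a report here!)
To keep the damage from spreading, I have to stand up and appeal to everyone! Show your Boss J some care~
Whether it is an antique 4.x or the latest 6.x ....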

===================================================
What follows is a certain hacker's inner voice
===================================================
Hacking JBoss is really just too easy,
wahaha~ and you don't even need any of those messy tools~
You can do it straight from a browser!! Wahahaha!

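A. First write a JSP file,
   a program dedicated to reading data, storing data and grabbing MBeans (so as not to encourage crime, the program is beeped~~ out)
B. Find a sucker on the Internet~ (so as not to encourage crime, the method is beeped~~ out)
C. Check whether the default password on the JBoss console has been changed~ It hasn't? Ha~ you're done for!
D. Start hacking @#$%^&*($%^&*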

(So as not to encourage bad behavior, I will not provide the method. If you really want to know, contact me privately!)


===================================================
Protect Boss J! Two simple steps!
===================================================



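1. Hide what should be hidden!
    Do not expose the JMX console and the Admin console on the Internet.
    These are management functions and, unless it is really necessary, should not be reachable from external networks. Some people, when setting up the connection to Apache,
    conveniently (=_=) map these two as well. Please stop doing that!
    Remove those entries from uriworkermap.properties!
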
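2. Change the default password! The reasoning is simple: if the ATM card your bank issued you came with a default PIN of 0000,
    would you change it? Don't tell me you wouldn't... OTZ Whoever picks up your wallet would surely thank you!
    You know where to change the password, right?

    jboss-eap-5.1/jboss-as/server/$XXXNODE/conf/props/jmx-console-users.properties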
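
An audit sketch for the two steps above, added here as an example and not taken from the original post or from JBoss: it reports which console paths a uriworkermap.properties body still forwards to JBoss, and which accounts in a jmx-console-users.properties body have a guessable password. It goes a little beyond the post by also catching a catch-all `/*` mount, which keeps the consoles reachable even after their own lines are removed. The function names, the worker name `node1`, the sample map and the weak-password list are constructed for illustration, and the rule matching is a simplified model of mod_jk.

```python
import fnmatch

CONSOLES = ("/jmx-console", "/admin-console")   # the two consoles the post names
WEAK = {"admin", "password", "0000", "123456"}  # constructed weak-password list
SAMPLE_MAP = "/*=node1\n!/jmx-console|/*=node1\n-/admin-console/*=node1\n"  # constructed

def parse_uriworkermap(text):
    """Return (mounts, excludes): lists of (uri_pattern, worker) from mod_jk rules."""
    mounts, excludes = [], []
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#") or "=" not in line:
            continue
        uri, worker = (part.strip() for part in line.split("=", 1))
        if uri.startswith("-"):              # "-" prefix: the rule is disabled
            continue
        target = excludes if uri.startswith("!") else mounts
        uri = uri.lstrip("!")
        if "|" in uri:                       # "/app|/*" means "/app" and "/app/*"
            base, suffix = uri.split("|", 1)
            target += [(base, worker), (base + suffix, worker)]
        else:
            target.append((uri, worker))
    return mounts, excludes

def exposed_consoles(text):
    """Console paths Apache would still forward to JBoss, with the rule responsible."""
    mounts, excludes = parse_uriworkermap(text)
    findings = []
    for console in CONSOLES:
        for probe in (console, console + "/"):
            for pattern, worker in mounts:
                if not fnmatch.fnmatchcase(probe, pattern):
                    continue
                # Simplified model: an exclusion cancels a mount for the same worker or "*".
                blocked = any(fnmatch.fnmatchcase(probe, ex) and w in (worker, "*")
                              for ex, w in excludes)
                if not blocked:
                    findings.append((probe, pattern))
                    break
    return findings

def weak_accounts(text):
    """Users in a jmx-console-users.properties body whose password is guessable."""
    weak = []
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith("#") and "=" in line:
            user, password = (part.strip() for part in line.split("=", 1))
            if password == user or password.lower() in WEAK:
                weak.append(user)
    return weak
```

For the constructed `SAMPLE_MAP`, `exposed_consoles` still reports `/admin-console`: disabling its own line does not help while `/*` is mounted and no exclusion covers it.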


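Beyond these two most commonly attacked points, the way an application is written also affects how secure it is,
so scanning regularly with vulnerability scanning software is a must as well!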

