Commit 89a1f74

deploy: 5c91c9e
1 parent 0ba69d6 commit 89a1f74

5 files changed

Lines changed: 153 additions & 153 deletions

categories/网络安全/index.xml

Lines changed: 34 additions & 34 deletions
@@ -1,34 +1,34 @@
1-
<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>网络安全 on runshell</title><link>https://runshell.github.io/categories/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/</link><description>Recent content in 网络安全 on runshell</description><generator>Hugo -- gohugo.io</generator><language>zh-CN</language><lastBuildDate>Mon, 15 Jul 2024 14:30:00 +0800</lastBuildDate><atom:link href="https://runshell.github.io/categories/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/index.xml" rel="self" type="application/rss+xml"/><item><title>Centos Stream9安装Arkime</title><link>https://runshell.github.io/post/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/centos-stream9%E5%AE%89%E8%A3%85arkime/</link><pubDate>Mon, 15 Jul 2024 14:30:00 +0800</pubDate><guid>https://runshell.github.io/post/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/centos-stream9%E5%AE%89%E8%A3%85arkime/</guid><description>&lt;img src="https://runshell.github.io/images/Arkime_Logo.png" alt="Featured image of post Centos Stream9安装Arkime" />&lt;h1 id="下载包">下载包
2-
&lt;/h1>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>wget https://mirror.ghproxy.com/https://github.com/arkime/arkime/releases/download/v4.3.0/arkime-4.3.0-1.el9.x86_64.rpm
3-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h1 id="安装依赖">安装依赖
4-
&lt;/h1>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>yum install -y perl-libwww-perl perl-JSON perl-LWP-Protocol-https
5-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h1 id="安装-arkime">安装 arkime
6-
&lt;/h1>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>rpm -i arkime-4.3.0-1.el9.x86_64.rpm
7-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h1 id="阅读-readme">阅读 readme
8-
&lt;/h1>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>cat /opt/arkime/README.txt
9-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h1 id="查看网卡清楚管理口网卡和用于接收镜像的网卡">查看网卡,清楚管理口网卡和用于接收镜像的网卡
10-
&lt;/h1>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>ifconfig
11-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h1 id="执行配置脚本进行交互式配置">执行配置脚本进行交互式配置
12-
&lt;/h1>&lt;p>根据提示选择镜像网卡,输入密码等。配置过程会自动安装 elasticsearch,如果是内网机需手动安装,elasticsearch 可自行安装,本机部署建议监听 127.0.0.1&lt;/p>
1+
<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>网络安全 on runshell</title><link>https://runshell.github.io/categories/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/</link><description>Recent content in 网络安全 on runshell</description><generator>Hugo -- gohugo.io</generator><language>zh-CN</language><lastBuildDate>Mon, 15 Jul 2024 14:30:00 +0800</lastBuildDate><atom:link href="https://runshell.github.io/categories/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/index.xml" rel="self" type="application/rss+xml"/><item><title>Centos Stream9安装Arkime</title><link>https://runshell.github.io/post/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/centos-stream9%E5%AE%89%E8%A3%85arkime/</link><pubDate>Mon, 15 Jul 2024 14:30:00 +0800</pubDate><guid>https://runshell.github.io/post/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/centos-stream9%E5%AE%89%E8%A3%85arkime/</guid><description>&lt;img src="https://runshell.github.io/images/Arkime_Logo.png" alt="Featured image of post Centos Stream9安装Arkime" />&lt;h2 id="下载包">下载包
2+
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>wget https://mirror.ghproxy.com/https://github.com/arkime/arkime/releases/download/v4.3.0/arkime-4.3.0-1.el9.x86_64.rpm
3+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="安装依赖">安装依赖
4+
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>yum install -y perl-libwww-perl perl-JSON perl-LWP-Protocol-https
5+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="安装-arkime">安装 arkime
6+
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>rpm -i arkime-4.3.0-1.el9.x86_64.rpm
7+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="阅读-readme">阅读 readme
8+
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>cat /opt/arkime/README.txt
9+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="查看网卡清楚管理口网卡和用于接收镜像的网卡">查看网卡,清楚管理口网卡和用于接收镜像的网卡
10+
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>ifconfig
11+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="执行配置脚本进行交互式配置">执行配置脚本进行交互式配置
12+
&lt;/h2>&lt;p>根据提示选择镜像网卡,输入密码等。配置过程会自动安装 elasticsearch,如果是内网机需手动安装,elasticsearch 可自行安装,本机部署建议监听 127.0.0.1&lt;/p>
1313
&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>/opt/arkime/bin/Configure
14-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h1 id="启动服务">启动服务
15-
&lt;/h1>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>systemctl start elasticsearch.service
14+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="启动服务">启动服务
15+
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>systemctl start elasticsearch.service
1616
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#75715e"># 开机自启&lt;/span>
1717
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>systemctl enable elasticsearch.service
1818
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>netstat -lnp | grep &lt;span style="color:#ae81ff">9200&lt;/span>
19-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h1 id="初始化-elasticsearch">初始化 elasticsearch
20-
&lt;/h1>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>/opt/arkime/db/db.pl http://127.0.0.1:9200 init
21-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h1 id="添加-web-管理员账号">添加 web 管理员账号
22-
&lt;/h1>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>/opt/arkime/bin/arkime_add_user.sh cbtdadmin &lt;span style="color:#e6db74">&amp;#34;Admin User&amp;#34;&lt;/span> fuzak0uling --admin
23-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h1 id="启动服务-1">启动服务
24-
&lt;/h1>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>systemctl start arkimecapture.service
19+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="初始化-elasticsearch">初始化 elasticsearch
20+
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>/opt/arkime/db/db.pl http://127.0.0.1:9200 init
21+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="添加-web-管理员账号">添加 web 管理员账号
22+
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>/opt/arkime/bin/arkime_add_user.sh cbtdadmin &lt;span style="color:#e6db74">&amp;#34;Admin User&amp;#34;&lt;/span> fuzak0uling --admin
23+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="启动服务-1">启动服务
24+
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>systemctl start arkimecapture.service
2525
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>systemctl start arkimeviewer.service
2626
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>systemctl enable arkimecapture.service
2727
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>systemctl enable arkimeviewer.service
2828
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>
2929
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>netstat -lnp | grep &lt;span style="color:#ae81ff">8005&lt;/span>
30-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h1 id="出现-bug-查看日志">出现 bug 查看日志
31-
&lt;/h1>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>cat /opt/arkime/logs/viewer.log
30+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="出现-bug-查看日志">出现 bug 查看日志
31+
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>cat /opt/arkime/logs/viewer.log
3232
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>cat /opt/arkime/logs/capture.log
3333
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>
3434
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#75715e"># 出现 bug 查看 seLinux 开关&lt;/span>
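Review bot: Line 22, on both the removed and the added side, publishes a literal account name and password as arguments to `/opt/arkime/bin/arkime_add_user.sh ... --admin` in a public feed; replace both with placeholders such as `ADMIN_USER` and `PASSWORD` in the post, and change the password on any host where the published value was actually used. The generator tag on line 1 says this file is Hugo output, so the fix belongs in the post's source rather than in index.xml. Separately, line 2 downloads the RPM through mirror.ghproxy.com and line 6 installs it with `rpm -i` with no checksum or signature check in between; a verification step against the upstream release would be worth adding to the post.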
@@ -39,22 +39,22 @@
3939
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>
4040
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>firewall-cmd --add-rich-rule&lt;span style="color:#f92672">=&lt;/span>&lt;span style="color:#e6db74">&amp;#39;rule family=&amp;#34;ipv4&amp;#34; source address=&amp;#34;10.x.x.x&amp;#34; port port=8005 protocol=&amp;#34;tcp&amp;#34; accept&amp;#39;&lt;/span>
4141
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>firewall-cmd --runtime-to-permanent
42-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h1 id="可能缺失的文件">可能缺失的文件
43-
&lt;/h1>&lt;h2 id="国内访问需要使用镜像站">国内访问需要使用镜像站
44-
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>wget &lt;span style="color:#e6db74">&amp;#34; https://mirror.ghproxy.com/https://raw.githubusercontent.com/wireshark/wireshark/master/manuf&amp;#34;&lt;/span>
42+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="可能缺失的文件">可能缺失的文件
43+
&lt;/h2>&lt;h3 id="国内访问需要使用镜像站">国内访问需要使用镜像站
44+
&lt;/h3>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>wget &lt;span style="color:#e6db74">&amp;#34; https://mirror.ghproxy.com/https://raw.githubusercontent.com/wireshark/wireshark/master/manuf&amp;#34;&lt;/span>
4545
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>mv manuf /opt/arkime/etc/oui.txt
46-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="通常无需访问镜像站">通常无需访问镜像站
47-
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>wget &lt;span style="color:#e6db74">&amp;#34;https://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.csv&amp;#34;&lt;/span>
46+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h3 id="通常无需访问镜像站">通常无需访问镜像站
47+
&lt;/h3>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>wget &lt;span style="color:#e6db74">&amp;#34;https://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.csv&amp;#34;&lt;/span>
4848
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>vi /opt/arkime/bin/arkime_update_geo.sh
4949
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>mv ipv4-address-space.csv /opt/arkime/etc/
5050
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>
5151
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>systemctl restart arkimecapture.service
52-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h1 id="优化配置">优化配置
53-
&lt;/h1>&lt;h2 id="清理-60-天以前的流量日志">清理 60 天以前的流量日志
54-
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>crontab -e
52+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="优化配置">优化配置
53+
&lt;/h2>&lt;h3 id="清理-60-天以前的流量日志">清理 60 天以前的流量日志
54+
&lt;/h3>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>crontab -e
5555
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#ae81ff">0&lt;/span> &lt;span style="color:#ae81ff">0&lt;/span> * * * /opt/arkime/db/db.pl 127.0.0.1:9200 expire daily &lt;span style="color:#ae81ff">60&lt;/span>
56-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="配置-elasticsearch-水位线">配置 elasticsearch 水位线
57-
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>curl -X PUT &lt;span style="color:#e6db74">&amp;#34;http://127.0.0.1:9200/_cluster/settings?pretty&amp;#34;&lt;/span> -H &lt;span style="color:#e6db74">&amp;#39;Content-Type: application/json&amp;#39;&lt;/span> -d&lt;span style="color:#e6db74">&amp;#39;
56+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h3 id="配置-elasticsearch-水位线">配置 elasticsearch 水位线
57+
&lt;/h3>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>curl -X PUT &lt;span style="color:#e6db74">&amp;#34;http://127.0.0.1:9200/_cluster/settings?pretty&amp;#34;&lt;/span> -H &lt;span style="color:#e6db74">&amp;#39;Content-Type: application/json&amp;#39;&lt;/span> -d&lt;span style="color:#e6db74">&amp;#39;
5858
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#e6db74">{
5959
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#e6db74">&amp;#34;persistent&amp;#34;: {
6060
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#e6db74">&amp;#34;cluster.routing.allocation.disk.watermark.low&amp;#34;: &amp;#34;90gb&amp;#34;,
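Review bot: On line 44 the quoted wget URL begins with a space before `https://mirror.ghproxy.com/...`, carried over unchanged from the old side; drop the space in the source post so the command can be copied as written. The same command takes `manuf` from the `master` branch through a third-party proxy, and line 45 moves it straight to /opt/arkime/etc/oui.txt with no integrity check, so the post should at least say to compare the file against a copy fetched directly from upstream. Line 48 (`vi /opt/arkime/bin/arkime_update_geo.sh`) opens an editor without saying what to change, and line 55 passes `127.0.0.1:9200` to db.pl where line 20 used `http://127.0.0.1:9200`; document the edit and use one URL form.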
@@ -63,8 +63,8 @@
6363
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#e6db74">&amp;#34;cluster.info.update.interval&amp;#34;: &amp;#34;1m&amp;#34;
6464
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#e6db74">}
6565
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#e6db74">}&amp;#39;&lt;/span>
66-
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="配置删除-pcap-包保证空闲磁盘空间">配置删除 pcap 包保证空闲磁盘空间
67-
&lt;/h2>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>vi /opt/arkime/etc/config.ini
66+
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h3 id="配置删除-pcap-包保证空闲磁盘空间">配置删除 pcap 包保证空闲磁盘空间
67+
&lt;/h3>&lt;div class="highlight">&lt;pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-bash" data-lang="bash">&lt;span style="display:flex;">&lt;span>vi /opt/arkime/etc/config.ini
6868
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>freeSpaceG&lt;span style="color:#f92672">=&lt;/span>&lt;span style="color:#ae81ff">200&lt;/span>
6969
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div></description></item><item><title>Burp suite中的dnslog</title><link>https://runshell.github.io/post/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/burp-suite%E4%B8%AD%E7%9A%84dnslog/</link><pubDate>Sun, 15 Jul 2018 14:30:00 +0800</pubDate><guid>https://runshell.github.io/post/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/burp-suite%E4%B8%AD%E7%9A%84dnslog/</guid><description>&lt;img src="https://runshell.github.io/images/1536409490993.png" alt="Featured image of post Burp suite中的dnslog" />&lt;p>[注]本文提到的 burp 均为付费专业版,免费社区版不具有该功能。&lt;/p>
7070
&lt;h2 id="0x00-什么是-dnslog">0x00 什么是 dnslog
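Review bot: At line 68, `freeSpaceG=200` sits in the same bash-highlighted block as `vi /opt/arkime/etc/config.ini` on line 67, so it reads as a shell command (which would only set a shell variable) rather than a setting to write into config.ini. In the source post, move it to its own block tagged as ini, or mark it with a comment as the line to set inside the file, and state that the value is in gigabytes of free space to keep.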
