美文网首页
Zookeeper 四字白名单防止信息泄露

Zookeeper 四字白名单防止信息泄露

作者: IT_小白 | 来源:发表于2020-09-14 12:27 被阅读0次

    四字白名单默认是开启的

    #默认
4lw.commands.whitelist=*

    测试获取服务信息

    [root@localhost zookeeper-3.4.10]# echo stat |ncat 127.0.0.1 2181
Zookeeper version: 3.4.10-39d3a4f269333c922ed3db283be479f9deacaa0f, built on 03/23/2017 10:13 GMT
Clients:
 /127.0.0.1:34004[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0/0
Received: 5
Sent: 4
Connections: 1
Outstanding: 0
Zxid: 0x0
Mode: standalone
Node count: 4

[root@localhost zookeeper-3.4.10]# echo envi |ncat 127.0.0.1 2181
Environment:
zookeeper.version=3.4.10-39d3a4f269333c922ed3db283be479f9deacaa0f, built on 03/23/2017 10:13 GMT
host.name=localhost
java.version=1.8.0_05
java.vendor=Oracle Corporation
java.home=/zywa/jdk/jre
java.class.path=/zywa/zookeeper-3.4.10/bin/../build/classes:/zywa/zookeeper-3.4.10/bin/../build/lib/*.jar:/zywa/zookeeper-3.4.10/bin/../lib/slf4j-log4j12-1.6.1.jar:/zywa/zookeeper-3.4.10/bin/../lib/slf4j-api-1.6.1.jar:/zywa/zookeeper-3.4.10/bin/../lib/netty-3.10.5.Final.jar:/zywa/zookeeper-3.4.10/bin/../lib/log4j-1.2.16.jar:/zywa/zookeeper-3.4.10/bin/../lib/jline-0.9.94.jar:/zywa/zookeeper-3.4.10/bin/../zookeeper-3.4.10.jar:/zywa/zookeeper-3.4.10/bin/../src/java/lib/*.jar:/zywa/zookeeper-3.4.10/bin/../conf:
java.library.path=/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib
java.io.tmpdir=/tmp
java.compiler=<NA>
os.name=Linux
os.arch=amd64
os.version=3.10.0-229.el7.x86_64
user.name=root
user.home=/root
user.dir=/zywa/zookeeper-3.4.10

    关闭四字白名单

    4lw.commands.whitelist=

    测试获取服务信息

    [root@localhost zookeeper-3.4.10]# echo stat |ncat 127.0.0.1 2181
stat is not executed because it is not in the whitelist.
[root@localhost zookeeper-3.4.10]# echo envi |ncat 127.0.0.1 2181
envi is not executed because it is not in the whitelist.

    开启部分四字命令

    4lw.commands.whitelist=envi

    测试获取服务信息

    [root@localhost zookeeper-3.4.10]# echo stat |ncat 127.0.0.1 2181
stat is not executed because it is not in the whitelist.
[root@localhost zookeeper-3.4.10]# echo envi |ncat 127.0.0.1 2181
Environment:
zookeeper.version=3.4.10-39d3a4f269333c922ed3db283be479f9deacaa0f, built on 03/23/2017 10:13 GMT
host.name=localhost
java.version=1.8.0_05
java.vendor=Oracle Corporation
java.home=/zywa/jdk/jre
java.class.path=/zywa/zookeeper-3.4.10/bin/../build/classes:/zywa/zookeeper-3.4.10/bin/../build/lib/*.jar:/zywa/zookeeper-3.4.10/bin/../lib/slf4j-log4j12-1.6.1.jar:/zywa/zookeeper-3.4.10/bin/../lib/slf4j-api-1.6.1.jar:/zywa/zookeeper-3.4.10/bin/../lib/netty-3.10.5.Final.jar:/zywa/zookeeper-3.4.10/bin/../lib/log4j-1.2.16.jar:/zywa/zookeeper-3.4.10/bin/../lib/jline-0.9.94.jar:/zywa/zookeeper-3.4.10/bin/../zookeeper-3.4.10.jar:/zywa/zookeeper-3.4.10/bin/../src/java/lib/*.jar:/zywa/zookeeper-3.4.10/bin/../conf:
java.library.path=/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib
java.io.tmpdir=/tmp
java.compiler=<NA>
os.name=Linux
os.arch=amd64
os.version=3.10.0-229.el7.x86_64
user.name=root
user.home=/root
user.dir=/zywa/zookeeper-3.4.10

    所有的四字命令

    4lw.commands.whitelist=conf, cons, crst, dirs, dump, envi, gtmk, ruok, stmk, srst, srvr, stat, wchc, wchp, wchs, mntr, isro, telnet close

    相关文章

      网友评论

          本文标题:Zookeeper 四字白名单防止信息泄露

          本文链接:https://www.haomeiwen.com/subject/xtyisktx.html

          延伸阅读

          深度阅读

          • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

          栏目导航

          热点阅读

          关于我们|服务条款|联系我们|Zookeeper 四字白名单防止信息泄露|投稿指南|网站地图|RSS订阅|排版工具|手机版

          提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

          Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

          备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

          本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

          所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!