1

8(69) 2008 20780 www.samag.ru

1- ? ||

ISSN 1813-5579

9 771813 5 5 70051

||

Windows Installer : QMS + Spampal + MS Outlook ComixWall ISG Wi-Fi Linux PKI Windows Server 2008: TLS/SASL- SendmailLinux JJcenter - sibbora. readme.txt

1

. .

i

41

4 2008 5 6 1- IT- ?

1 52 .

53 .

13 . ! .

54 PKI . 1 Public Key Infrastructure.

14 windows installer Windows Installer Resource Kit - orca.exe.

19 Diskeeper - .

60 OpenBSD: - , - ! .

20 : 0MS + Spampal + MS Outlook .

64 TLS/SASL- Sendmail .

23 MDaemon Email Server.

67 68 Java: jar MANIFEST.MF jar-.

24 Windows 2008: , TxF.

26 ComixWall ISG .

72 YAML YAML .

30 Linux Linux , , Wi-Fi- . .

78 GNU Screen GNU Screen.

82 : , XX GUI, UNIX.

34 Jabberd2 - -. 1 , jabberd2.

42 .

92 94 47, 63, 7 1 , 77 BUGTRftQ

WEB 48 .

. . 2.

2008

I I I !

.

:

Microsoft - Apache Software Foundation

MID , , , , , O S C O N , . Linux Microsoft Open Source- . , , Apache Software . Linux- MID Foundation (ASF), Google Yahoo!. ABI LiMo (Linux Mobile) Foundation, , Nokia Maemo - , Intel Moblin MID- , Web- Atom. Apache. , Microsoft ACCESS, . , Linux- ALP (ACCESS Apache, Linux Platform) ASF. . ALP Apache POI, Apache Axis2, Jakarta . , PalmOS. Linux - . Lenovo , . Web- IIS, , Lenovo: IIS 8. IdeaPad S9 Linux IdeaPad S10 Windows . Linux- S9, Linux 3 % , , Windows , , GNU/Linux www.nixp.ru ( ). Context , 2007 ( Microsoft Vista) Linux 28 ( 0,1% 2,8%). 9 3 % Microsoft. Context, Linux Vista. , 2- , Ubuntu Linux. , Canonical, Ubuntu, , 11 Ubuntu Linux. , , Ubuntu / - , , , , .

Z s e r v e r

Linux - ABI Research , GNU/Linux - (MID) 2 0 1 3 . ABI , 5 MID- Linux 50 , . ABI, ,

S u i t e

, . . - . ! www.securit.ru +7 4 9 5 2 2 1 2 1 6 0

IT . , , , . , IT- .- IT- , | . , , . , . , , , 1- ( IT-, IT , IT ). IT-, , , IT -, , . , IT- , , . , : , ( -), , , . IT- , . , , . , , , - - SLA - . IT ( , )

: , IT- . , , , . - ,

, , , . , , - . , , IT- : , . , . IT- , . - ( ), ( , ). IT- , . , ( ).

. 0 IT ( I n f o r m a t i o n T e c h n o l o g y ) . 0 S L A (Service Level Agreement) - . . , SLA IT . , , , . 0 (Total C o s t of O w n e r s h i p ) - . , Z 0 Z .

. NPV (Net Present Value) - . , . ( NPV). IRR - . , . . Gartner - .

- . . 0 MIT (Massachusetts Institute of

( ) , . , 6 % 2 0 % -. 0 KPI (Key Performance Indicator) - . 0 - . KPI . KPI - . 0 ROI (Return O n Investment) - . , ,

Technology) - . , , . MOF (Microsoft Operations Framework) , , Microsoft. , IT I n f r a s t r u c t u r e L i b r a r y (ITIL), Central Computer and Telecommunications Agency - .

: IT- - , , IT . , IT- , IT- . IT- . IT- , . : , - -. , ,

. , - , . . , . , IT- , , 1 (, ). , IT-

( + ), , Excel Access. IT- , , . , IT- . IT,

; ;

, ; i i

1 . I T - M i c r o s o f t

/ , IT-, . , , .

IT- , . , IT , , . IT-, . : (HelpDesk), IT- , - ( ). , - , - - , , . , ; . -, IT- ; ? -, , ? . ? , , IT , IT- , , . -, -. - IT- . . IT

IT- -, . . , 80-90% , . , ( ) . IT- . , , .

, . 1-: . IT- : , , , . , SLA. , . KPI, . IT : ROI, , IT , , N P V , IRR-. . IT- . - , . IT, . , . , . . , , IT -. - , . , , , . , ,

! ? : 1- ( ); 1 ; 1-.

. , Gartner , Survival () Business Partner (-). Microsoft, Gartner, MIT, MOF, : . . () IT. , , . , , , (, , . , , -). . IT . .

. - , . ? - , . -, - - - . . , , . , . , . , . ,

-

-

www.softkey.ru

:

+7 (495) 661-3243

5S 55

SOA -

3S

VQ. X

X .0 : S -

IS S 01 5 S-

X S

-

.

, . IT-, , IT. IT- , . , . Zero touch ( , ) , . (images) , . - , , . , , - . , IT-, . , , - - . ^ - , , , ^>

2 .

, . , , , , .

... , Microsoft IT (. . 1 ) . IT- , , , ( ) , , , IT. , . - . . , , , IT . / .

, , Active Directory, . , , . / ( - ). - , . , . : , ; S , , ( : , ); IT-, .

3. -

| f Crai

(

\

1

(. . 3 ) . , ( -), -, , ( , - , .). - , , , [- (. . 4 ) . , , , .

, 4.

. , , , , , , . IT-, . . , , 1- , . . ,

IT- : , - , . .

, ( , ). http://www.microsoftio.com. , . . , , 1-, IT- . -, ! , IT- ? 6 0 % . , 20-30%. . , . - . , 1- - ! ,

- , IT- (. . 2 ) . , ERP, , . - - , , ,

http://www.microsoftio.com.

. , , , . IT- , , .

. ? , , . , , OEM- , . OEM- . . OEM- - , . , , - . , , . , . - . Office, Office Professional, . . ,

, Softway . Softway - . Microsoft Autodesk. Gold Certified Partner Microsoft - , 1- , , . . , Autodesk, - - , Softway: Autodesk , . Softway, . , , Softway . . : http://www. softway.ru. . Softway. > , , , . .

. , .

(495) 987

. s o

50f t i u a y . r u

Windows Installer

Windows Installer . Windows Installer Resource Kit - orca.exe. .

Windows Installer. , ,

, , .

, msi-.

1 . m s i e x e c . e x e /f[ploleldlclalulmlslv] . , /fpecsm: - ; - ; - ; d - ; - , CRC ( ) CRC ; - ; - , HCKU, HCU; m - , HCLM; s - ; - ; m - ; g - ( ) : - ; b - ( ); - ; f -

Windows Installer , . . W i n d o w s Installer 4.5, Microsoft (hotfix) 8 4 2 2 8 8 - http://download.microsoft. com/download/2/6/1/261fca42-22c04f91-9451-0e0f2e08356d/WindowsXPKB942288-v3-x86.exe. Windows Installer, , , : / n o r e s t a r t - ; / q u e i t - ; / h e l p - , .

/ /X /j[ulm[/g]]

/q[nlblrlf]

- http://download.microsoft. com/download/7/c/4/7c426dfc-46e24ded-bab4-3b33600ad7d1/msi45sdk.msi, MSI-. W i n d o w s Installer S D K %ProgramFiles%\Windows Installer 4.5 SDK. , ORC, Tools.

, . orca.exe %:ProgramFiles%\Orca orca.msi.

Orca.exe -> -> orca.exe (. . 1 ) . m s i - , . AcdSeelO - ACDSee 10 Photo Manager.msi, c:\ACDSee. : ACDSee 10 *.- - , msi- C:\Documents

msiexec.exe *.msi :%SystemRoot%\System32\msiexec.exe / i *.msi J

Orca.msi orca.exe, %ProgramFiles%\ Windows Installer 4.5 SDKYTools, ".msi-. ,

1 , . :%SystemRoot%\System32\msiexec.exe / f a /qn /jm *.msi J

File ErJt Tables Transform Tools View Help II Value [l] No {861CF740-088D-45S3- A362-24CF49252351} 1 #0 1 1 AllUsers Full 0 No 0 Change . J

*.msi - MSI, :: \Windows\system32\msiexec.exe / f a / q n / j m "acdseelO.msi" J

Windows Installer SDK , Microsoft,

1 ables MsiAssembly M Assembly N m s ae MsiDigitalCertificate M Fi eHash s . MsiPatchCertificate MsiSFCBvpass 1 Property RadioButton RegLocator Registry RemoveFile Shortcut Signature Ss s G n omponents xMm e C TextStyle UIText Tables: 65

Property[

Registration UpgradeCode AILUSERS PORT.DWQRD LU C P O RM A N HR G A Y AHOO_TOOL6 A _IN 5 T A L R L ApplicationUsers LC M E M D L I E 5_ O E Fil e I nil se Process AgreeToLicense L1 ED I AL 0 GC M A N Y _ _O P JsMaintenance RestartManager Option I _ Q5 R E _ 5 R A E SS LE V RUE N M Property -129 rows

* -

i No column is selected,

M

^

1 . o r c a . e x e

File Edit Tables TransForm Tools View Help d|G^1 1 Tables Binary CheckBox ComboBox Component Condition Control Control Condition ControlEvent CreateF older CustomAction Dialog Directory Dr Locator Error Even [Mapping Feature FeatureComponents File HelpFile HelpFileToNamespace Tables: 65 H E l N Feature Media Effects Welcome IrnageEncodingDecodingPluglns ACDSee AlbumGenerator BuyNowACDSeeTrial DevDetect VCDWizard ACDSeelnTouch ACDSeeLicenseMarager ACDSeeMFC71 ACDSeeShowroom ACD5ee5td CommonVideoComponents AD CV ArchivePluglns ACE ARJ Adobe d Feature - 72 rows Feature Parent ImageEncodingDecodingPluglns VCDWizard VCDWizard | Title ID_Media Plug-in New Feature 1 NewFeaturel Image Plug-ins ACDSee 10 Photo Manager Description ID_Media Plug-in

ACDSee ACDSee MedaSupport ACDSee ACDSee ACDSee ACDSee ACDSee VCDWizard nVideoConiponenfcs ArchivePluglns ArchivePluglns ImageEncodingDecodingPluglns Dis... 28 0 0 Plug-ins for decoding and encodin...20 The easy way to organize, enhan...2 0 0 ACDSee Device Detector USB Camera/Device Detector 10 f ID* NewFeaturel 0 0 0 ACDSee 10 Showroom ACDSee 10 Showroom 5 0 NewFeaturel 0 NewFeaturel 0 Archive Plug-ins Plug-ins for encoding and decodin... 12 ACE Archive Extract or Plug-in ACE Decoder 2 ARJ Archive Extractor Plug-in ARJ Decoder 4 Adobe Photoshop File Export Plug-In Abs... Adobe Photoshop File Export Plu,..21

^JOJXJ

Level 1 1 1 1 1 1 1 1 1 1 1

Directory IN5TALLDIR INSTALLDIR INSTALLDIR INSTALLDIR INSTALLDIR INSTALLDIR INSTALLDIR INSTALLDIR INSTALLDIR INSTALLDIR INSTALLDIR INSTALLDIR INSTALLDIR

Attribu... | 8 24 24 8 24 e 8 24 24 24 24 8 24 24 24 8 3 88

A

i|

Feature - StringT.381 Key

2 .

and Settings\%username%\Local Settings\Application Data\ Downloaded lnstallations\{0051E50E-CECD-4E04-A71AB8C49733542A}\ACDSee 10 Photo Manager.msi. orca.exe. Orca.exe msi- SQL- , msi- - , (. . 2 ) , . - .

, . 4 .

msi- , msi-, , 1 . , . . 1 . msi- Set obj = CreateObject ( " W i n d o w s l n s t a l l e r . I n s t a l l e r " ) S e t b a s e = o b j . O p e n D a t a b a s e (MSI,Mode) base.OpenView(SQL-query).Execute base.Commit

msi- , , : ; ; .

, , . 11 , 2 .

-, . OpenDatabase, . - , Installer

2 . MSI

, . File. Directory , , . 3 .

Feature Condition FeatureComponents Component Directory PublishComponent Assembly AssemblyName Complus

, , , , .NET Framework CLR Win32 .NET Framework CLR Win32 , COM+ , Component_Application ( .), , ComponenLShared ( .dll)

-

IsolatedComponent Upgrade

msi. - : 0 - ; 1 - /. - . SQL- OpenView, Execute. , SQL- . Commit.

3. MSI I n s t a l l e r File

, . Directory, Component, , RemoveFiles , . Installer - DLL , , , , . 128- -

RemoveFile Font SelfReg Media Bindlmage MoveFile DuplicateFile Environment Icon MsiFileHash

orca.exe , msi-. - - SQL-, . : ; ; ; .

4. Property Binary Error Shortcut ReserveCost

, . . . Installer ,

(. 2 ) , 1 . , , , , . 1 . 3 4 2 . OpenView Execute. . , SELECT . * . (Record.StringData(l)), (1). 2 (Property, Value) Property ACDSee 10 Photo Manager.msi: 2. Set obj = C r e a t e O b j e c t ( " W i n d o w s l n s t a l l e r . I n s t a l l e r " ) Set ob = obj.OpenDatabase ("C:\ACDSee\ACDSee 10 Photo J Manager.msi",0) set View=ob.OpenView("SELECT Property, Value FROM J Property") View.Execute Do Set Record = View.Fetch I f Record I s Nothing Then E x i t Do

Wscript.Echo Record.StringData(1) + J vbTab+vbTab+Record.StringData(2) Loop Set View = Nothing

, , . Property PIDKEY , . , (. . 3 ) , , Add Row . . . (. 3 ) . Windowslnstaller.Installer. , 1 , 3 . OpenDatabase 1, . . INSERT INFO , , , . -

; - , , . 3 . Set = C r e a t e O b j e c t ( " W i n d o w s l n s t a l l e r . I n s t a l l e r " ) S e t = a.OpenDatabase ( " C : \ a c d s e e \ A C D S e e 10 P h o t o J Manager.msi",1) b.OpenView("INSERT INTO P r o p e r t y J (Property.Property, Property.Value) J VALUES ( ' P I D K E Y ' , 1234567890')").Execute b.Commit1

S e t b = .OpenDatabase ( " C : \ a c d s e e \ A C D S e e 10 P h o t o J Manager.msi",1) b.OpenView("DELETE FROM P r o p e r t y WHERE J PIDKEY'='1234567890')").Execute b.Commit1

(. . 3 ) . . , . 5 Device Detector. 5 . Set = C r e a t e O b j e c t ( " W i n d o w s l n s t a l l e r . I n s t a l l e r " ) S e t b = a.OpenDatabase ( " C : \ a c d s e e \ A C D S e e 10 P h o t o J Manager.msi",1) b.OpenView("UPDATE F e a t u r e SET L e v e l = ' 0 ' WHERE J Feature='DevDetect'").Execute b.Commit

- : , ; ; , - DELETE; . (. 4), 1. OpenDatabase (1). 4 . Set = CreateObject("Windowslnstaller.Installer")

, VBScript, orca.exe , . }-Jal * l

* A C D S E E 1 0 PHOTO M A N A G E R . M S I - ORCA FILE EDIT TABLES TRANSFORM TOOLS VIEW HELP

Tables

Niels PropertyDISKPROMPT REGISTRATION UPGRADECODE ALLU5ER5 PORT_DWORD IAUNCHPROGRAM VAHOOJOOLBARJN5T APPLICATIONUSERS LICEN5E__MODEL FILELNUSEPROCESS AGREETOLICENSE LIE_DIALOG_COMPANY JSMAJNTENANCE RESTARTMANAGEROPTION I5_SQL5ERVER_USERNAME I5_5QL5ERVER_AUTHENTICATION SETUPTYPE JSSETUPTYPEMIN SHELL J N T E G R A T I O N J . E V E L DISPLAYJSBITRNAPDLG I; FLOATING LICENSE IS_LAUNCHAPP_CMD SHELLINTJDLL_PATH5 YAHOO_TOOLBARSHOW PRODUCTCODE PRODUCTNAME URL ACDFOTOSLATEPRODUCTID ACDPHOTOEDITORLNVENTORYVERSION ACDPHOTOEDITORPRODUCTID ACDPHOTOEDITORREGROOT ACDSEEAPPREVISION ACDSEEBUYMOW ACDSEEBUYNOW PROPERTY - 1 2 9 rawY

HELPFILTERTCNAMESPACE HELPNAMESPACE HELPPLUGIN I5COMPONENTEXTENDED ISCUSTOMACTIONREFERENCE ISDFLINFO ISSETUPFILE ICON INLFLLE INSTALLEXECUTESEQUENCE INSTAILUISEQUENCE LAUNCHCONDITION LISTBOX USTVLEW MEDIA MODULECOMPONENTS MODULEDEPENDENCY MODULEEXCLUSION MODULE5IGNATURE MSIASSEMBLY MSIASSEMBLYNAME HSIDIGITALCERTIFICATE MSIFILEHASH MSIPATCHCERTIFICATE MSISFCBYPASS RADLOBUTTON REGLOCATOR REGISTRY REMOVEFILE SHORTCUT SIGNATURE SXSMSMGENCOMPONENTS TEXTSTYLE

HKEY_LOCAL_MACHLNE\SOFTWARE\ACD 100219

SYSTENS\ACDPHOTOEDITOR\31

AHOOPRIVACYURLS E

.COM/PRLVACY/US/YAHOO/TOOLBAR/DSTA S

I R |EASEFLAGS PRODUCTLANGUAGE

3 .

, , . , ( , ). , , . - . Diskeeper Diskeeper Corporation. , . Diskeeper , . , . , . Diskeeper Corporation. InvisiTasking ( ), Intelligent Defragmentation ( ). Diskeeper . VSS (Volume S h a d o w C o p y Service) 6 4 - , , 1 % ,

Diskeeper - , - . .( ), , . . Diskeeper , . . / I-FAAST . Diskeeper . - , . , Diskeeper Administrator. ( ), . , , Diskeeper , , . . #;>

1

,

, . . 18-20%. , , .. . Diskeeper . . , , , . , , Diskeeper - , #

, Windows . , , . !, - , . .

[1], Office Mail Server, , . - , . OMS . , . , , , . , 100 , . . - O M S

- . - , , , , . , . , , MS Outlook, MS Office. SpamPal. .

IP-, , . , . , , . - OMS . . Office Mail Server OMS, [1]. . , S M T P , , , . SMTP : SMTP- , -, SMTP- -- , , , .

SpamPal , O M S , . SpamPal . 1.594 , -. SpamPal D N S B L (DNS blacklists, DNS), , . , SpamPal, , IP- DNSBL, , . RegEx ( regular expressions ), . , , (spamtest.ru) . , . , SpamPal , , , . SpamPal , . , . , , . SpamPal. , . , OMS - - - - -. . SpamPal

PST- MaxLargeFileSize WarnLargeFileSize MaxFileSize WarnFileSize

REG DWORD REG.DWORD REG.DWORD REG DWORD

0x00000001-0x00005000 0x00000000-0x00005000 0x001 F4400-0X7C004400 0x00042400-0x70004400

0x00005000 20480 (20 ) 0x00004000 19456 (19 ) 0x7BB04400 2075149312 (1,933 ) 0x7 1950368768 (1,816 )

, , , . . , ( ) . , , . WinService Manager [2]. SpamPal , spampal.exe . - . SpamPal , . , . , , [3]. SpamPal , .

. . - PST- Outlook, . , 3 WinRAR . P S T - , . - A N S I Unicode. Unicode MS Outlook 2003. 2 ( ANSI) 20 ( Unicode). PST-. MS Outlook . , .

Microsoft Outlook . , , , , MS Office. . , . MS Outlook PST- ( ). , -

Unicode. MaxLargeFileSize PST. . WarnLargeFileSize PST. PST , - . A N S I . MaxFileSize, WarnFileSize - , MaxLargeFileSize WarnLargeFileSize . -

SpamPal0 , . ,

SpamPal . , , -

, SpamPal. 0 , , . : . , , , . - OMS) , . - 127.0.0.1, 110, ... 110 OMS, , 11010. . SpamPal. ( , - O M S , ). ( 11010). , - OMS, SpamPal , , , . , , SpamPal, , , **SPAM**, X-SpamPal:, , - .

Unicode (), ANSI - (). : Outlook 2003: HKEY_CURRENT_USER\Software\ Policies\Microsoft\Office\11.0\Outlook\ PST; HKEY_CURRENT_USER\Software\ Microsoft\Office\11.0\Outlook\PST. Outlook 2007 HKEY_CURRENT_USER\Software\ Policies\Microsoft\Office\12.0\ Outlook\PST; HKEY_CURRENT_USER\Software\ Microsoft\Office\12.0\Outlook\PST.

. . , , MS Outlook PST-, . , , , . PST-, . , 1- , 2- . . , , . PST . , .

? , , OMS, , - . . PST-. . , , OMS : . , 1. . Windows. // , 1 2 . 2 0 0 6 . - . 4 0 - 4 3 - h t t p : / / www.samag.ru/cgi-bin/go.pl?q=articles; n=12.2006;a=02. 2. 3. http://winservice.ucoz.ru. http://www.spampal.org/manual-rus.

, .

, , . O M S , . - : IP- - , (110 ), MS Outlook, , - , . , , - . , O M S , , , . SpamPal , . , [3]. , SpamPal ( - .eml-

, , , Microsoft Exchange Lotus Notes. , , , , . , . , MDaemon Email Server Alt-N Technologies. , MDaemon Email Server - , : SMTP, POP IMAP. DomainPOP. . ( X-Deliver-To). , M D a e m o n Email Server, . , -. , . , . M D a e m o n Email Server , Microsoft Exchange, . - , , O D B C Active Directory, , , . . -

- - . . , . MDaemon Email Server , . , Alt-N Technologies. MDaemon Email Server : Standard Pro. . . , . , . )

. , , . , Outlook Connector , for MDaemon, , Mdaemon 10 SecurePlus 4. Microsoft Outlook. , 40 . , , : , World Client , . . - SecurityPlus for IPhone. M D a e m o n . Outlook 2007. . Kaspersky Antivirus Engine ( . , . ), 50%. Recurrent Pattern Detection . . , . MDaemon Free 5 . #}

f

Windows Server 2008 . , TxF.

Windows Server 2008 , . , , . Windows Server 2008 . (TxF) - NTFS, NTFS . , ,

. . , , , , . , , , . , , . , TxF

, . TxF , .

, , , . , . TxF , . , .

, TxF . , . TxF ( CIFS/SMB), . TxF , NTFS ( FAT32 !). TxF (Encrypted File System, EFS) ( , ReadEncryptedFileRaw).

- .

, TxF. , . TxF , . . , : ERROR_TRANSACTIONAL_CONFLICT, . TxF . , . .

, . CreateTransaction Kernel Transaction Manager G e t K T M H a n d l e DTC. , , CloseHandle, CreateFilemapping, FindNextFile . : :I n t P t r t x = CreateTransaction J (IntPtr.Zero, J IntPtr.Zero,0,0,0,0, null);

, . , TxF , , , - Kernel Transaction Manager (). , Microsoft Distributed Transaction Coordinator (DTC), . TxF. C o m m o n Log File System (CLFS), Microsoft Windows Server 2003 R2.

:If (IDeleteFileTransactedW (filel, tx)) J

, , , , . , , , TxF. TxF. CopyFileTransacted; CreateDirectoryTransacted; , TxF CreateFileTransacted; CreateHardLinkTransacted; MS Distributed Transaction Coordinator, CreateSymbolicLinkTransacted; DeleteFileTransacted; , FindFirstFileNameTransactedW; , FindFirstFileTransacted; Kernel Transaction Manager, FindFirstStreamTransactedW; , GetCompressedFileSizeTransacted; DTC. GetFileAttributesTransacted; , GetFullPathNameTransacted; GetLongPathNameTransacted; , MoveFileTransacted; RemoveDirectoryTransacted; . SetFileAttributesTransacted.

:CommitTransaction(tx);

:RollBackTransaction(tx);

:CloseHandle(tx);

Transactional NTFS. , , , , )1. " M i c r o s o f t W i n d o w s Server 2008. . 2. http://msdn.microsoft.com/en-us/library/ bb968806(VS.85).aspx - MSDN, Transactional NTFS.

- . . ComixWall ISG.

, . , Linux BSD-, - , . , . , Linux, , . , UNIX-, . ,

ComixWall ISG (Internet Security Gateway), 2006 , . ComixWall [1] OpenBSD, , . ComixWall OpenBSD, , 3.9. Comix COMmunication unlX. , ComixWall , , , , . UTM-pe (. ),

, SOHO- . ComixWall BSD-, . , , G N U GPL-.

ComixWall 4.2 2007 , 2008 (ComixWall 4.2_20080109). , (Proof of Concept), ,

26

cut:

. , , , . , : pf, OpenBSD; ClamAV freshclam; Snort oinkmaster; - Dans Guardian ClamAV; - SpamAssassin spamd; P3scan smtp-gated - ; Dante (SOCKS), Squid (HTTP), ftp-proxy, IMSpector (IM- Jabber/XMPP, M S N , IRC, Yahoo ); : Apache, DNS, DHCP OpenSSH. , . . 4.0 - , . gettext . , , . , , , . - man- . (VPN, VLAN, CARP, SNMP) . - . ,

PACKAGES A E l a b e l l e d '. R TX3 SPAIIFLSSASSIN S FM S A N R -> (P5-MAI1-SPANFLSSASSIN-3.2.2.TGZ) PI C N E EX]FTRJdecoMpressor -> (UNARJ-2.43.TGZ) [X] RT decoMpressor -> CUNRAR-3.76.TGZ) FR [X] C A R VIRUS S A N R -> (I-8.92P8,TGZ) LMU CNE [X] P3SCAN P0P3 P O Y -> (P3SCAN-2.3.2.TGZ) RX [X] SUTP-GATED S T P O Y -> (SMtP-GATED-1.4.15.1.TGZ) MP R X S O T IDS -> (SNORT-2.8.8.IPL.TGZ) NR 1 S O T IPS -> (SNORTips-4.2.TGZ) NR IX J 0INKR-tast ER S O T R LE base U D T ER -> (OInkriaster -2. Q. TGZ) NR U PA 1X1 SQUID HTTP P O Y -> (SQU id-2, 6. STHBLF.13~T RANSPARENT. TGZ) RX I XI DANSGUARDi an UEB F IIT ER -> ( A S U R IAN~2.9-9.2- LAND.TGZ) DNGAD 1X1 IHSPECTOR IM P O Y > (LHSPECTOR-8.3,287113.TGZ) RX [XI D N E SOCKS P O Y -> CDANTE-1.1.19.TGZ) AT RX 1 PHP -> (PHP5-CORE-5.2.3.TGZ) 1X1 SyMon systeM Monitoring S F W R -> (syMon~2.76.TGZ) OT A E [XI UEBALIZER W B SERVER L G ANALYZER -> (WEBALIZER-2.81.18P3.tgz) E OS 1X1 P -A C N T O K A A LYZER - > (pMacct-8.11.4.TGZ) RI C T E W R N [X] COMIXUALL W B INTERFACE -> (coMixwa1142_WEBIF.TAR.GZ) E CXI COMIXUALL CONFIGURATION FILES -> (coMixwa1142_CONFIG.TAR.GZ) [X] CLANFIU SIGNATURE DATABASE -> (ClaMavdb.Tar.GZ) [X3 CATEGORIZED LISTS F R W B FILTER -> (BIGBLACKLIST_COIIIXWA11.TAR.GZ) O E [XI S O T IDS RULES -> (SNORTRULES-SNAPSBOT-CURRENT,TAR.gz) NR PACKAGE ? ( o r 'DONE') [done! _ 1 . C M W L O I AL X : FTP- IM-, IMAP- . [1] Google Code [2], ComixWall . amd64, , 64- 32- . i386. , System Administration Guide (SAG), . , , . , ComixWall : is the usual OpenBSD installation", OpenBSD. -

ComixWall i386 amd64. BitTorrent. 140 , 650 . , 4.2 ComixWall Administration Interface - MoziHa Firefox

https:/192.168.1.223/syemATfo.php COMIXWALL ADMI\ISTRATIO\ INTERFACE ComixWall 4.2 mix wail.test OpenBSD 4.2 1386 1 minute average: 0.47, average; 1.03, 5 minute average: 0.18 Tue Jul 29 15:15:25 E S 2006 ET Service Status: Web Filter D C Server HP D S Server N H T Pro TP Web Server Intrusion Detection Intrusion Prevention SOCKS Proxy S A Scanner PM ^Incoming S A Scanner PM yOpenSSH ClamAV Virus D Update B P P Scanner OS S T Scanner MP Proxy FP Proxy T

Language: English

CPUs Motherboard Serial Number

1 @ 2010 M z H VMware Virtual Platform by VMware, Inc. 564d3ec8-639b-62d0-cf47-da343567e3ab info.php.v 1.36 2007/12/14 23:49:20

Copyright () 2004-2D0B Soner Tari, All rights reserved.

2. C M W L ADMINISTRATION INTERFACE O I AL X

WELCOME

T O T H E COMIXWALL

INSTALL

PROGRAM.

Unified Threat Management Unified Threat Management (UTM, ) (Charles Kolodgy) I D C (International D a t a Corporation) Worldwide Threat Management Security Appliances 2004-2008 Forecast and 2 0 0 3 Vendor Shares: The Rise of t h e U n i f i e d T h r e a t M a n a g e m e n t S e c u r i t y , 2004 . -

: , . UTM , . , UTM , / , . .

PROCEED WITH

INSTALL?

[NO]

NTP-:DO Y O UWANT A TIME TO SYNC DATETIME [NO] WITH SERVER?

:L E T ' S INSTALL T H E PACKAGES! LOCATION (CD DISK O F PACKAGES? F T P HTTP CD-RCMS N F S O R 'DONE') A R E : CDO. MEDIA? [CD]

. [3, 4], . , ComixWall, SOHO, , . , pfSense [5] , , Next. ComixWall Administration Interface - Mozila Firefox at J [ i i https://192.16a. 1,223/pfm/stats.phpS

4.1 4.2. 5 : / - 1 8 1 , /home - 2 , /tmp - 10 , (, ) /usr /var 230 . . ( ) , . ComixWall - install.site upgrade.site, . .

AVAILABLE

WHICH O N ECONTAINS (OR 'DONE') [CDO]

T H E INSTALL

PATHNAME (OR

TO T H E PACKAGES? [PACKAGES]

'DONE')

, . . (. . 1), - , . :READY TO INSTALL PACKAGES? [YES]

5

* -

t

fLANGUAGE; ENGLISH

E3coMix*29.07.2008 (SYSTEM [PACKET FILTER WEB FILTER HTTP PROXY IDS/IPS VIRUS FILTER SPAM FILTERWARMING A ! \

COMIXWALL ADMINISTRATION INTERFACEI ^ Daily Hourly LiveIMPORTANT: Analysis of statistical data may take a long ti -ie to crccesr. if yon refresh this page frequently, CPU load may increase

fi'ease ii :-s-'.;er t. Also M te that

C H O O S E T H E LOG ARCHIVE JUL 29 01:40:38 - PFLOG

n choose the log archive used for stabsbcs.

The

| APPLY | DAILY v- J A P P L Y I L O G S START AT JUL 2 9 0 1 : 4 0 : 3 8

POP3 P R O X YSMTP P R O X Y IM DHCP DNS SSH FTP P R O X Y SOCKS PROXY WEB SERVER INFORMATION

General Statistics ^Total number of rcqu GJEJS packets HEjj}Pss*d packet? Top requests by dates il 29 Top source IPs ||Nf%ft| 192.16S. 1.88 192,168.1.58 192,168,1,194 G|G{gj192.1 L77 l92.168.1.2B , 0 , : K E D

, , . , , . , . , LAN WAN:WHICH I S L A N INTERFACE?

Total number of requests TOTAL=1925192, 1S2mm mm

1862

18833192,168.1.200

192.168.1.158 H B | 192.168.1.198 192.168.1.115 192,168,1.1

192, 192 |J|| 192. ' KB 0192.

Torj destination IPs 3192.168.1.255 192.168,1.223 G G G E I 255.255. 255. 55 2 224.0.0,221 224.0. 0.251 239,233.255.250

OPTIONS: 1) 2) PCNO PCNL 'DONE' T O E X I T [1]

TYPE

SELECTION?

(#/DONE)

192.168.1.71 [email protected],152 192.168.1.74

192. 192.

192.168.1,9 192,168.1.160 192,168.1.106 192.168.1.250 192.168.1.146 192.168.1.1951 9 2

Top destination ports5678 35353 31900

WAN. , :CONFIGURATION YOU COMPLETE! 'DONE' TO EXIT. CAN RESTART O R TYPE CONFIGURATION

192.168.1.207 192.168.1.5

'

1

6

8

' "!

3

1

7

192,168,1.52 192.168.1.108 192.168.1.33 HHJ|l92.168.1.169 192.168.1.253 192,169.1.66 192,168,1.62 192,169,1.145

53 27 02 :Passed packetsTOTAL" 3 9

CHOOSE

METHOD:

OPTIONS: 1) 2) TYPE AUTOMATIC INTERACTIVE 'DONE' T O E X I T (t/DONE) [1] DONE

192,168.1.178192,168.1.991 9 2

192.16 8.1.128 192.168,0.101 0192.168.1.12 3. P F

-

1

6

8

' '

1

1

7

0

Top source IPs passed 192.168,1,58

192.168.0.101

Top destination IPs passed 2192.168.1.223 010.0.0.2

SELECTION?

done. , -

. , .

ComixWall Administration Interface - Mozila Firefox https://192,168.1.I;c-;: iter.-te: .ph;i COMIXWALL ADMINISTRATION INTERFACEJ U L:;

vritiraiz i n i t r d = i n i t r d . i n g

edd-skipnbr_

fedora 2.

-

-

Wireless Module : Atheros ARBXB63

FCC ID PPD-ARBXB63 1 : 4 1 0 4 A - A R B X B 6 3 ()CCAE06LP1300T1

:

. 2.4.x , , , rhgb . , - , . PCI-. -v -vv . , - ? , - (, ISO/OSI-RM) [3, .66], , , - ? , , ( ) ? ? , , . , , , . Ispci , , . , :

3. , W i - F i -

2.6.26.0-107.fc8, , , . , , , , Rpmfind.Net Server [5]. R P M - , :#rpm - F h v k e r n e l - 2 . 6 rpm

, USB Isusb. , , , , , ? . , , , . . . . , , . , . dmesg , :

madwifi yum, , , . udev ( Ispci), , , - - /dev, dmesg . dmesg, Ispci. ,

wifi%d: unable to attach hardware: 'Hardware revision not support ed' (HAL status 13) , , . , 100% , ? , , Linux , , . , , , , . MadWifi [2] Fedora [10],

02:00.0 Ethernet controller: Atheros Conmunications Inc. AR242x 802.11abg Wireless PCI Express Adapter (rev 01)

1

'

' ' 1111 ^ ^ ^ ^ ^.j J j j

Hp- 1 1

1 4 . , , W i - F i - 5 . , W i - F i -

Atheros AR5005, AR5006, AR5007. : 1 madwifi; patch ath5k; NDISwrappers. , , Windows- NDISwrappers, , 6 4 - , 32- . , , , , , . [4]. , madwifi-hal0.10.5.6-3698-20080604. ( , AR5006EG ASUS PC m a d w i f i ng-r2756+ar5007.) , , :# make # make i n s t a l l

, ...

Wi-Fi, , , . ( asus-laptop, . dmesg) :echo " l " > / s y s / d e v i c e s / p l a t f o r m / J asus-laptop/wlan

:echo " 0 " > / s y s / d e v i c e s / p l a t f o r m / J asus-laptop/wlan

6. PCI E x p r e s s M i n i C a r d AzureWave AW-GE780 (AR5BXB63) 2. M a d W i f i . Linux http://madwifi.org. 3. . , , . / . , .. - : , 2 0 0 1 . 4. M a d W i f i A r c h i v e of s p e c i a l - p u r p o s e snapshots - http://snapshots.madwifi.org/ special. 5. , R P M - http://rpmfind.net. 6. L a p s u s - L i n u x o n l a p t o p s - h t t p : / / l a p s u s . berlios.de. 7. L i n u x o n L a p t o p s - h t t p : / / w w w . l i n u x - l a p t o p . net. 8. A c e r H o t k e y d r i v e r f o r L i n u x - h t t p : / / w w w . cakey.de/acerhk. 9. A R 5 0 0 7 E G AR5007EGBulletin.pdf. 10. AR5007EG/AR5BXB63 php?t=174186. 11. N D I S w r a p p e r ndiswrapper.sourceforge.net. http:// Atheros http:// (AR2425)-

, , . , , Lapsus - Linux on laptops" [6] Asus. , . , KDE. . , Acer [8].

, Linux . , [7]. ACPI, , . Linux . , , , ! ? - , Linux . @:1. Bugzilla B u g 2 3 9 5 8 5 : F8 C D / DVD hangs with message Ready - https://bugzi.la. redhat.com/show_bug. cgi?id=239585.

http://www.atheros.com/pt/bulletins/

. :# depmod -

forums.fedoraforum.org/showthread.

- , wlanO, iwconfig. . , , , , . , ,

7 . A t h e r o s AR2425 Wi-Fi-

Jabberd2 - -

, jabberd2.

Athena, 80- , , . , , , . , talk, , . Zephyr, - . , ( I R C Internet Relay Chat) (Instant Messaging/IM), , Jabber ( - extensible Message Passing and Presence Protocol). Zephyr , ICQ, ,

Jabber ( MIT, ) 90- . (Jeremie Miller), , Zephyr, ICQ. , ICQ Jabber Athena, - , - . Kerberos. Zephyr ( ), JABBER, ( , , / ), , , Kerberos, , - , J A B B E R . , , XML- single-sign-on, , . , , . 2003 , Zephyr SASL (Simple Authentication Security Layer), , Kerberos4, , Kerberos. , RFC 3 9 2 0 - 3 9 2 1 , (Core), . (, , ( Extension Protocols), Zephyr Kerberos5, . .) Jabber, , , . - , ejabber, , erlang Zephyr, Jabber/XMPP.

- , -, Java OpenFire, jabberd - 1.4.x 2.x, . , jabberd 1.4.x jabberd2 - , (reference implementation) jabberd, .

jabberd2 G N U S A S L - gsasl[5]. (Tomasz Sterna) . , . , (Simon Wilkinson), jabberd2

, , SASL security layers. , security layer , SASL. gsasl, cyrus-sasl, , .

GSSAPI,

jabber- , jabberd2, Heimdal, , 1.1, , SASL, SASL, jabber . , jabberd2 , . : , , , 2005 ./configure prefix=/usr - - s y s c o n f d i r = / e t c / j a b b e r d J , ---db with-sasl=cyrus enable-debug . . BerkeleyDB, cyrus, sasl . , , , make maker install, , , cyrus-sasl, . : .

, Jabber, . , Kerberos, , Kerberos, , , ( BerkeleyDB). , jabberd2 .

sed - i r ' s / # d e f i n e f n m a t c h / \ / \ / # d e f i n e f n m a t c h / ' config.h sed - i r ' s / # e r r o r Cyrus S A S L / \ / \ / # e r r o r Cyrus SASL/' J sx/cyrus_sasl. A

A

jabberd2, [1], , cyrus-sasl [2] Kerberos, , Heimdal Kerberos [3]. , , [4], . jabberd2 glibc 2.3.6, - fnmatch . -

. , , jabberd2 (Multi User/MU-confernce), . [6], , make mu-conference , jabberd2 ( /usr/bin). , , JCR, jabberd2 , mu-conference (0.7) . , jabberd2, , , jabberd2.

jabberd? jabberd2 , -

j abberd

mod active mod deliver mod echo mod iq-ping mod iq-vcard

mod amp mod disco-publish mod help mod iq-private mod iq-version

mod announce mod disco mod iq-last mod iq-time mod offline mad roster-publish

(id), mod presence mod privacy P r o c e s s ID mod roster mod session mod status (pidfile) \ mod template-roster mod validate mod vacation syslog (log). , 1 . j a b b e r d 2 (extensible) . . . ip port local jabberd2 , ( , router . ) , jabberd2 5347 , , , MU-Conference, jabberd2. -0030. router , , - ( , , , , ). [7]. jabberd2 , jabberd2, user, ( . MU-Conference) , secret. . , XML, , , . jabberd2 , . , xml.dist, acl aci. jabberd2, , ( ) jabberd. . resolver , SRV-, , , , s2s jabber . . SRV- _xmpp-server.Jcp J a b b e r . J c p /etc/jabberd , , - , .. , xml. (JID) , router, jabber- ( ), , . . router.xml DNS, : resolver.xml: router /var/ j abberd/pid/router. pid jabberd/router local3 127.0.0.K/ip> 5347 jabberd change-me change-me-too resolver /var/j abberd/pid/resolver.pid jabberd/resolver local3 127.0.0. K / i p > 5347 jabberd change-me _xmpp-server._tcp

_jabber._tcp

router , router, , ( , local router.xml). - , , : , . s2s. : s2s /var/jabberd/pid/s2s.pid *

PROGRAMS DOCUMENTS SETTINGS SEARCH H E L P and S U

RealVNC . , , , . , , Windows Vista, . Vista . , , UltraVNC.

5I]

SHUT D O W N -

:

. Windows Vista . .:

) PHONEBOOK " PHONEBOOK

QUICK COR

IONS

- HISTAJI *," HELP REQUEST RECORDINGS /

:

SCRIPT

- J INVENTORY

DESCNPTION

192, :.:

NAME

PHONE NUMBER

COMMUNICATION PROFILE COMMENT

. . , Windows. : http://www.realvnc.com.

Remote Office Manager , 2006 . - 3.3. , . - .: NetOp

.:

http://aledensoft.ru.

, , , , .

, . Windows Vista. . , , MSI. , . . .:

, , . , , .

, .. .VNC Viewer : Connection Details Saver: 192.168.0.1 J^JjJJJ, Encryption: jAi About... RealVNC Options... j ]Jj Cancel~ 3

DameWare pcAnywhere , , , , , , , , . DameWare ( ), . . VNC , , (, Remote Administrator, , ). . Windows Vista RDP Remote Office , Manager, . , Radmin, Netop, Remote Office . Manager , - , , - , Radmin -

* X

' ! g '

J

I MANUAL j LOGON |

I ^OFFLINE j ^] : L^=| LOGC ^! ] (

localhost {jfjfl

:j ^ / // W A K E O N IAN (33 $3 : 192.168.1.3 : 5650 ... DEL

Remote Office Manager

. , , Citrix, Remotely Anywhere , , , - ( VNC ). , , , , , , . , , , , , .

, - . Remote Office Manager - , , , , . Windows Vista,

Aero , , , . , , , . , . . , ,

, , ! 1. . :

. // , 5, 2007 . - . 18-33.

RDP Vista (Windows 2008 Server) ( ) Telnet 64- ( ) + DameWare + + + + + + + pcAnywhere + Radmin 3 + Netop + RealVNC + Remote Office Manager + + + +

+

+ +

+

+

+

+

+ + +

+ +

+ + +

+ + +

+

+

+ + + +

-

+ +

+ +

+

+

+ + +

-

+ +

0

+ +

$289 ( )

$199

+ + $49

+ + + $20

0 - $50

bugtrajM

Bea Weblogic Apache Connector: Bea Weblogic Server. : . : - Apache-. POST- . URL : www.bea.com/framework.jsp?CNT= index. htm&FP=/content/products/weblogic/server. : , .

Webex Meeting Manager WebexUCFObjeci ActiveX-: Webex Meeting Manager 20.2008.2601.4928, , . : . : - WebexUCFObject ActiveX- (atucfobj.dll) , NewObject(). - . URL : www.webex.com/downloads_webex.html. : 20.2008.2606.4919 .

IB Trend Micro OfficeScan: Trend Micro OfficeScan 7.3 build 1343(Patch 4), , , Trend Micro OfficeScan Corporate Edition 8.x. : . : - O f f i c e S c a n Corp Edition W e b Deployment ObjRemoveCtrl Class ActiveX- (OfficeScanRemoveCtrl.dll) OfficeScan- . - . URL : www.trendmicro.com/en/products/ desktop/osce/evaluate/overview.htm. : .

Microsoft Visual Studio: Microsoft Visual Studio 6.0, , . : . : - Masked Edit ActiveX- (Msmask32.ocx 6.0.81.69). - Mask, . URL : msdn2.microsoft.com/en-us/library/ ms950417,aspx. : Msmask32.ocx 6.0.84.18 .

xine-lib: xine-lib 1.1.15. : . : 1. - src/ demuxers/id3.c. - . 2. - demux_real_send_chunk() src/demuxers/demux_real.c. Real Media- . 3. - open_video_capture_device() src/input/input_v4l.c. 41_- . URL : xinehq.de. : 1.1.15 .

Joomla: Joomla 1.5.6. : . : - components/com_user/ models/reset.php. ( , ). : 1. : http://[host]/index.php?option= com_user&view=reset&layout=confirm. 2. 3. admin. 4. : http://[host]/administrator. 5. . URL : www.joomla.org. : 1.5.6 .

8, 2008

, , . ( . 2 2008 .)

, . , , - . , , . , , , , .

, . , , HTTP 304. HTTP 304, .

mod_accel [2]. nginx, .

, HTTP . - : , . , , . , If-Modified-Since , - , . , .

CentOS Redhat, . EAPI, mod_accel. [3]. .t a r - x z v f mod s s l - 2 . 8 . 4 - 1 3 . 2 0 . t a r . g z cd mod_ssl-2.8.4-1.3.20 ./configure -with-apache=. /apache-1.3.20 make

Apache 1.3.20 [4] :tar -xzvf apache_l.3.20.tar.gz

, [5]. t a r zxf mm-1.2.1.tar.gz cd mm-1.2.1 . / configure make make i n s t a l l

case " $ 1 " i n start) echo - n " S t a r t i n g : a p a c h e " /usr/local/apache/bin/apachectl echo " . "

start

mod_accel Apache:tar -xzvf mod_accel-l.0.34.tar.gz cd ./configure \ with-apache=../apache_l.3.20 \ with-eapi=../mode_ssl-2.8.4-1.3.20/pkg.eapi make #

stop) echo - n " S t o p p i n g s e r v i c e : a p a c h e " k i l l a l l httpd echo " . "

restart) $0 s t o p sleep 2 $0 s t a r t

*) echo "Osage: / e t c / i n i t . d / a p a c h e J { s t a r t | s t o p | r e s t a r t } " >S2 exit 1 \ esac exit 0

Apache :cd apache_1.3.20 EAPI_MM=../mm-1.2.1 ./configure - e n a b l e - r u l e = E A P I activate-module=src/modules/accel/libaccel.a make make i n s t a l l

:/etc/init.d/apache start

Apache Apache . Apache:# , . # - 1 AccelCacheRoot /home/dcache 1 # AccelNoCache off # URL AccelPass / http://10.10.10.11:80/ # AccelOnlinkNoCached off # X - H o s t H o s t , # . A c c e l S e t X H o s t on # I P - # X - R e a l - I P A c c e l S e t X R e a l l P on # URL # X-URL AccelSetXURL o n

. -

VPS . . .. -,

Apache , apache :m k d i r /home/dcache chown - R a p a c h e . a p a c h e / h o m e / d c a c h e

apache , chown. Apache /etc/init.d/ apache :#!/bin/sh # c h k c o n f i g : 2345 55 25

4 - 5 , M y S Q L 5 , M S S Q L , . N E T , FTP, Mail-, root-.

, . , , . - , if-modified-since , HTTP, 200, 304. , . , , . , , , : 1 .

# h e a d e r ( " L a s t - M o d i f i e d : T u e , 16 O c t 2007 1 2 : 4 5 : 2 6 GMT"); # . # # if($cache>0) f # , # header("Pragma: cache"); header("Cache-Control: cache") ;)

else{ # # header("Pragma: n o - c a c h e " ) ; header("Cache-Control: no-cache"); } # , $dt=time() ; $dt+=l; header("Expires: " . J gmdate("D, d M Y H : i : s " , $ d t ) . " GMT"); # echo $ c o n t e n t ; exit;)

: $cache 1. if-modified-since . $cached 0 1. $cached. 1, , - . 0, . , , $cache 0. ( ).

. , - memcached. #1. . . / / , 2 , 2 0 0 8 . - . 6 4 - 6 8 . http://www.samag.ru/cgi-bin/go.pl?q=articles;n=02.2008;a=01. 2. 4. 5. 5. 6. http://sysoev.ru/mod_accel. http://apache.org. http://www.engelschall.com/sw/mm. http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html. http://www.danga.com/memcached.

. " GMT");

3. h t t p : / / w w w . m o d s s l . o r g .

Softline 1993 Symantec, , Microsoft, Oracle, SAP, . Citrix, A d o b e

I

Softline, IT-,

,

IT- .

Softline Solutions CD

.

somine . .

I

119991 , . , . 8. . / : + 7 (495) 232-00-23. E-mail: i n f o @ s o f t l i n e . r u , h t t p : / / w w w . s o f t l i n e . r u M I , -, , , , , , , , , , , , , , , , --, , , , , , , , H I , ^" 3 ^ I -SBSB

, ? 1: 8 . 1: , , v8i. , . , 1: (. . 1). , (. . 2). v8i 1: -13 1: - ' . 1.5.17.3 i sql {[ J ;-: | h i J ,.: 7.7 .. . () ir.. ! File='\\greenpeaceMcv8\PDM\PDM Demo";1

. :[ s q l ] Connect=Srvr="Proliant7";Ref="ZP"; ID=c27al42e-5a9c-477c-a69f-12914al2b347 OrderInList=466944 Folder=/3apnnaia OrderInTree=32768 External=0

, , , , : - _] : [ 4 [ * ! ^ : ^Program FilesM cv81 \tmplts : I \U c\v81 \ . v8i i\\1c\lc\v81\PDMDemo.v8i

. 1: (. . 3). , v8i , 1: ^ 1: - 1.5.17.3 i sql .

1 .

I,:

1:

1

... ... ...

.. i ! ~~ ] 1 j F2 \ ~ , >L . I ~ 4 - I i 1 - ~ 1 7 IRTprrnRag I Sivr="Pfoliant7";Ref='ZP"; 3.

... .. ..

2 .

1: , , , . - .

- , . , . ( ) - , , , , . . , : ; ;

. , , , 2.5.9.2. , , , . , , . , , . 1: 8 http://v8.1c.ru/overview/ dcs_sample_report.htm - () 8.1 . . , ., 8.1. ; ; ; ; ; /; ; , ; ; ; .

, , IPSec. -, - . . - . , , PKI .

(Public Key I n f r a s t r u c t u r e ) . . , , PKI,

. PKI - . (Certificate Authority - ) - .

Microsoft Windows , (Certificate Services). , Windows 2003 Server. Microsoft PKI, -

. , , ( ) , VerySign. , . : (enterprise ) (stand-alone ). : (root) (subordinate). , ( Active Directory), ( ) . . , (issuing) , .

. , , . Microsoft 2 4: . (. . 1): : ; : ( , (intermediate), policy ); : , . . : (RootCA) . (SubCA)

, -, , , , , . . Microsoft , , - , . - VMware Virtual Server , . , (EntCA) , Active Directory , (). , .

RootCA

1 0

SubCA

0

EntCA

1 . . , ( ). (Certificate Revocation L i s t - C R L ) . . , , . , CRL CRL . CRL, , , CRL, - . CRL. 1 , - 3 , - . .

, , . : . ( ) ( ). 20 , - 10 , - 5 - 1 .

(11, Information Access - AIA). AIA , . .

. , . , . Dedicated.Root , Res.Dom - (). EntCA - Dedicated.Root.

, . capolicy.inf , , , . , , , . , , . [Certsrv_Server] , , . , , . [CRLDistributionPoint] [Authority InformationAccess] . capolicy.inf:[Version] S i g n a t u r e = "$Windows NT$" [Certsrv_Server] RenewalKeyLength=4096 RenewalValidityPeriod=Years RenewalValidityPeriodUnits=20 [CRLDistributionPoint] [AuthoritylnformationAccess]

. , enterprise ( - ) . Stand-Alone root , Use custom setting to generate the key pair and CA certificate . (Cryptographic Service Provider - CSP) ( Microsoft), - . 4096 , ( Allow this CSP to interact with the desktop , , -). (distinguished name). Active Directory, . , RootCA, DC=dedicated,DC=root. Validity Period . , 20 . , . , , ( C:\CAConfig). , , , .

, , , , RootCA. capolicy.inf, %Systemroot%. , . , .2J*iGeneral j Derate j Certification Path ]

J Certificate Information This certificate is intended for the following purpose(s): All issuance policies All application policies

Issued to: RootCA

Issued by: RootCA

Valid from 05.08.2008 to 05.08.2028

2 .

Internet Information Services ASRNET. , , , - , . - - Windows Certificate Services ( ). , .

RootCA , . , , , (. . 2). , C:\CAConfig. < _ >_.1 RootCA_RootCA.crt.

: General: , Issued by Issued to , . -, CRL ( RootCA). , , , CRL. -, , ; Details: . -, CRL Distribution CDP - P o i n t s A u t h o r i t y I n f o r m a t i o n , Access; C e r t i f i c a t i o n P a t h : . CDP This certificate is . , . - Certification Authority, , Administrative , CDP : Active Directory, Tools . , UNC http-. , . , , http . Properties CRL General, . Active View Certificate. Directory , , , AD CRL - CRL , , . , AD . , CDP CRL AIA. : CRL . CRL (CRL Distribution Points - CDP) Extensions () . : CRL AIA. CRL , CRL. - -, CRL . , ,

SLOIAGE GENERAL | SELECT EXTENSION:

POLICY MODULE

AUDITING | MODULE

SECURITY EXTENSIONS

1

[ C R L DISTRIBUTION POINT (CDP| SPECIFY LOCATIONS FROM WHICH USERS CAN OBTAIN A CERTIFICATE (EVOCATION LIST (CRL). CAWIND0WS\SYSTEM32\CERTSRV\CERTENRCILL\.CN= CRL. certutil - C R L ValidityPeriodUnits, 10. Certificate Authority. , , ValidityPeriod Years. CRL, . Certificate Authority , , - . $>

4. A I A

5. CRL

Revoked Certificates. Properties CRL Publishing Parameters. , CRL delta-CRL. , - , 6 . , CRL . , , , . , .

I

*% L

10 - $500, ANYTHING ELSE?

.

, ! . , 2 / 3 , . 2 9 1 - 6 1 - 3 2 , 2 0 2 - 6 1 - 4 3 ( ) e-mail: [email protected]

, , . , . , , .

OpenBSD (), , , ,

, , .

(http://www.openbsd.org/errata.html) , , : , errata43.html , 4.3. , (-

) (), . 4.3 5 . , , 3 : (-release), (-stable) (-current). , - , 6 CD, . , , . , , , OpenBSD . , , . . . . - , - () , . , , , , . , , , , ( ).

() (userland) - , ( ) . . , () . ftp (ftp://ftp.openbsd.Org/pub/OpenBSD/4.3) CD ( CD ). , ftp- , : src.tar.gz - ; sys.tar.gz - ; xenocara.tar.gz - X-Window X.org Xenocara, OpenBSD).

4.3/ccmmon/003_xorg . p a t c h 4.3/conmon/004_bind.patch 4.3/common/005_pcb. p a t c h

, 5 . common, . , head.$ cd /usr/src/patches/4.3/common $ h e a d - n 11 0 0 1 _ o p e n s s h . p a t c h Apply by doing: cd / u s r / s r c p a t c h -pO < 0 0 l _ o p e n s s h . p a t c h

And t h e n r e b u i l d and i n s t a l l f i l e : cd u s r . b i n / s s h stake o b j make c l e a n d i r make depend make make i n s t a l l

, ( O p e n S S H ) . - src.tar.gz sys.tar.gz ( ) /usr/src, a xenocara.tar.gz ( ). -/usr.$ # # $ # cd tar tar cd tar /usr/src -xvzf /usr/sys.tar.gz -xvzf /usr/src.tar.gz /usr -xvzf /usr/xenocara.tar.gz $ head 0 0 3 _ x o r g . p a t c h Apply by doing: cd /usr/xenocara #Assuming Xenocara i s i n / u s r / x e n o c a r a p a t c h -pO < 0 0 3 _ x o r g . p a t c h And t h e n r e b u i l d and i n s t a l l t h e X s e r v e r : cd xserver make - f Makefile. bsd-wrapper b u i l d

. .

(001_openssh.patch . .), (4.3.tar.gz). errata43.html ftp (ftp://ftp.openbsd.org/pub/ OpenBSD/4.3). , - , /usr/src/patches.# mkdir /usr/src/patches $ cd / u s r / s r c / p a t c h e s # tar -xvzf /usr/4.3.tar.gz 4.3/conmon/001_openssh. p a t c h 4.3/ccranon/002_openssh2 . p a t c h

Index:

xserver/Xext/security.

Xenocara, .$ head 005_pcb.patch Apply by doing: cd / u s r / s r c p a t c h -pO < 005_pcb.patch Then b u i l d and i n s t a l l a new k e r n e l .

Then build and install a new kernel , (. ).

, , . ( , head, -), , , ( patch) .

:$ # # # # cd / u s r / s r c / s y s / a r c h / i 3 8 6 / c o n f config GENERIC cd ../compile/GENERI make clean ss make depend ss make make i n s t a l l

() OpenBSD CVS, , /usr/src. CVS (AnonCVS) . http://www.openbsd.org/anoncvs.html . .$ cd / u s r / s r c # export [email protected]:/cvs # cvs -d$CVSROOT up -rOPENBSD_4_3 -Pd

, , : 30-40 ( OpenBSD). . - , : boot>. , .boot> b s d . o l d

CVS-cep anoncvs.de.openbsd.org. up cvs . - () . -Pd cvs ( ). cvs , checkout , (src, xenokara, ports). .$ cd / u s r # export [email protected]:/cvs # cvs -d$CVSROOT checkout -r0PENBSD_4_3 -P src

, . rm -rf root, ( /usr/obj/*), , - .# $ # # # # rm - r f / u s r / o b j / * cd / u s r / s r c make obj cd / u s r / s r c / e t c S S env DESTDIR=/ make d i s t r i b - d i r s cd / u s r / s r c make b u i l d

( ). .

, ( ) , (userland).

OpenBSD . . , , , , , . #>1. OpenBSD 4.3 release errata & patch list - http://www.openbsd.org/ errata43.html. 2. Documentation and Frequently Asked Questions - http://www. openbsd.org/faq. 3. Anonymous CVS - http://www.openbsd.org/anoncvs.html. 4. Following -stable (the Patch branch) - http://www.openbsd.org/ stable.html. 5. Patching and Kernel Building - h t t p : / / w w w . o p e n b s d 1 0 1 . c o m / patching.html.

, . conf /5///// conf. , , GENERIC. OpenBSD , , , , , . :# /bsd / b s d . o l d

IBM WebSphere Portal Server: IBM WebSphere Portal Server 5.1.0.0, 5.1.0.1, 5.1.0.2, 5.1.0.3, 5.1.0.4, 5.1.0.5, 6.0.0.0, 6.0.0.1, 6.0.1.0, [ 6.0.1.1, 6.0.1.3 6.1.0.0. : . : - , . HTTP- . URL : www-306.ibm.com/software/genservers/ portal. : 6.0.1.4 .

: Host-Based Intrusion Prevention System ( HIPS) 8.x; Internet Security Suite 2007; CA Internet Security Suite Plus 2008; CA Personal Firewall 2007; CA Personal Firewall 2008. : . : 1. - IOCTL- kmxfw.sys. IOCTL- SYSTEM. 2. - kmxfw.sys. : DoS-. i URL : www.ca.com. | : .

Ruby

: Ruby 1.8.5 ; Ruby 1.8.6286 ; Ruby 1.8.7-71 Python . : Python 2.4.x, 2.5.x. : . : . : 1. : 1. (safe level stringobject, u n i c o d e o b j e c t , restrictions). bufferobject, longobject, tupleobject, stropmodule, gcmodule untrace_var(), syslog mmapmodule. $ P R O G R A M _ N A M E 4 2. hashlib 1-3. , 2. - . WEBrick::HTTPUtils.split_header_value(). 3. Unicode-. HTTP- 32- . . 4. 3. - DL, PyOS_vsnprintf() , vsnprintf(). 5. . PyOS_vsnprintf() . 4. - , resolv.rb . DNS-. URL : python.org. DNS- 1 : SVN- URL : www.ruby-lang.org/en. ^>. : .

Symantec Veritas Storage Foundation: Symantec Veritas Storage Foundation j 5.0, 5 . 0 R P 1 a n 5 . 1 . : . : - , -\ NULL NTLMSSP--] . , . URL : www.symantec.com/enterprise/products/ overview.jsp?pcid=1020&pvid=203_1. : .

Sun Solaris

I : Sun Solaris 8, 9, 10. ! : . | : - snoop(1M), \ SMB-. , - i , | i snoop nobody. [ , -. URL : www.sun.com : .

STARTTLS Sendmail. TLS , , ().

S

TARTTLS (RFC 2487) SMTP. STARTTLS TLS- . , . Sendmail Red Hat Enterprise Linux 5.1. - Sendmail , Solaris. , , - sendmail. Red Hat Enterprise Linux/Fedora. , . OpenSSL, , , . . , . Open Source- MUA Windows Vista Windows Mail.

# define( confCACERTJ?ATH', /etc/pki/tls/certs')dnl1 1

# , . # define('confCACERT', ' / e t c / p k i / C A / c a c e r t . p e r n ' ) d n l # , # define('confSERVER_CERT', J /etc/pki/tls/certs/sendmail.crt')dnl4

# define('confSERVER_KEY , J '/etc/pki/tls/certs/sendmail.key')dnl1

:# , # . # , , define('confSERVER_CERT', J /etc/pki/tls/certs/sendmail.crt')dnl define('confSERVER_KEY', J /etc/pki/tls/certs/sendmail.key')dnl4 1

25- telnet:# o p e n s s l - i n s e n d m a i l . c s r - o u t s e n d m a i l . c r t Trying 192.168.0.17... Connected t o s t a t i o n l 7 . e x a n p l e . c o m (192.168.0.17) Escape c h a r a c t e r i s ]'. 220 s t a t i o n l 7 . e x a n p l e . c o m ESMTP Sendmail 8 . 1 3 . 8 / 8 . 1 3 . 8 ; Thu, 31 J u l 2008 14:21:33 +0400, A

. , STARTTLS . , , , STARTTLS. , . , . S/MIME GnuPG/PGP. :# o p e n s s l g e n r s a 1024 > s e n d m a i l . k e y # o p e n s s l r e q -new - k e y s e n d m a i l . k e y - o u t sendmail.csr

EHLO s t a t i o n l 8 . e x a m p l e . c o m 2 5 0 - s t a t i o n l 7 . e x a m p l e . c o m H e l l o s t a t i o n l 8 . e x a m p l e .com [ 1 9 2 . 1 6 8 . 0 . 1 8 ] , p l e a s e d t o meet y o u 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-81 ' 250-SIZE 250-DSN 250-ETRN 250-STARTTXS 250-DELIVERBY 250 HELP STARTTLS 220 2 . 0 . 0 Beady t o s t a r t TLS QUIT

. :# o p e n s s l - i n s e n d m a i l . c s r - o u t sendmail.crt

( ) . . , . MUA, mutt, , // log/maillog :J u l 31 0 1 : 0 7 : 2 1 s t a t i o n l 8 s e n d m a i l [ 9 5 5 8 ] : STARTTLS=client, r e l a y = s t a t i o n l 7 . e x a m p l e . c o m . , version=TLSvl/SSLv3, v e r i f y = O K , cipher=33HE-RSA-AES256-SHA, b i t s = 2 5 6 / 2 5 6 J u l 31 0 1 : 0 7 : 2 1 s t a t i o n l 8 s e n d m a i l [ 9 5 5 8 ] : m6UL7Lpc009556: to=, c t l a d d r = < r o o t @ s t a t i o n l 8 . e x a m p l e . com> ( 0 / 0 ) , d e l a y = 0 0 : 0 0 : 0 0 , x d e l a y = 0 0 : 0 0 : 0 0 , m a i l e r = e s m t p , pri=120467, relay=stationl7.example.com. [192.168.0.17], d s n = 2 . 0 . 0 , s t a t = S e n t (m6UL7LpK009193 Message a c c e p t e d f o r delivery)

/etc/pki/tls/ certs. 600 400. /etc/ mail/sendmail.mc. :

:J u l 31 0 1 : 0 7 : 2 1 s t a t i o n l 7 s e n d m a i l [ 9 1 9 3 ] : STARTTLS=server, relay=stationl8.exanple.com [192.168.0.18], version=TLSvl/SSLv3, v e r i f y = O K , cipher=DHE-RSA-AES256-SHA, b i t s = 2 5 6 / 2 5 6 J u l 31 0 1 : 0 7 : 2 1 s t a t i o n l 7 s e n d m a i l [ 9 1 9 3 ] : m6UL7LpK009193: from=, s i z e = 7 4 8 , c l a s s = 0 , n r c p t s = l , msgid.=, proto=ESMTP, daemon=MTA, r e l a y = s t a t i o n l 8 . example, com [ 1 9 2 . 1 6 8 . 0 . 1 8 ] J u l 31 0 1 : 0 7 : 2 1 s t a t i o n l 7 s e n d m a i l [ 9 1 9 4 ] : m6UL7LpK009193: to=, d e l a y = 0 0 : 0 0 : 0 0 , x d e lay=00:00:00, m a i l e r = l o c a l , pri=31037, dsn=2.0.0, stat=Sent

MUA, Windows Mail. , :# cat /etc/mail/access

, , , . , wireshark tcpdump.

Connect:localhost.localdomain BELAY Connect : l o c a l h o s t RELAY Connect:127.0.0.1 RELAY CERTISSUER:/C^/ST=Berkshire/I^Nev*ury/C)^+20Ccimpany+20Ltd/ CN=Station+2018+20CA RELAY CERTSUBJECT: /C>^/SlbBerkshire/I^Newbury/C=My+20Coitpany+20Ltd/ CN=Station+2018+20CA RELAY

TLS Sendmail , , TLS . , - , TLS. :J u l 30 2 3 : 2 9 : 0 9 s t a t i o n l 7 sendmail [ 8 2 2 8 ] : STARTTLS=server, r e l a y = s t a t i o n 5 1 . example. com [ 1 9 2 . 1 6 8 . 0 . 5 1 ] , version=TLSvl/SSLv3, v e r i f y = N O , cipher=DHE-RSA-AES256-SHA, b i t s = 2 5 6 / 2 5 6 J u l 30 2 3 : 2 9 : 0 9 s t a t i o n l 7 s e n d m a i l [ 8 2 2 8 ] : m6UJT8GH008228: from=, s i z e = 3 4 1 , c l a s s = 0 , n r c p t s = l , msgid=, proto=ESMTP, daemon=MTA, r e l a y = s t a t i o n 5 1 . e x a m p l e . c o m [ 1 9 2 . 1 6 8 . 0 . 5 1 ] J u l 30 2 3 : 2 9 : 0 9 s t a t i o n l 7 s e n d m a i l [ 8 2 2 9 ] : m6TJJT8GH008228: to=, ctladdr= ( 5 0 7 / 5 0 8 ) , d e l a y = 0 0 : 0 0 : 0 0 , x d e l a y = 0 0 : 0 0 : 0 0 , m a i l e r = l o c a l , pri=30623, dsn=2.0.0, stat=Sent

, . CERTISSUER CERTSUBJECT , Issuer Subject :# o p e n s s l 509 - i n c a c e r t . p e m - n o o u t - s u b j e c t -issuer

s u b j e c t = /C=GB/ST=Berkshire/L=Newbury/0=4fy Company L t d / O J = S t a t i o n 18 CA i s s u e r = /CM3/ST=Berkshire/L=Mei*jury/0=*fy Company L t d / CN=Station 18 CA

, {, , (, ), ",+,}, ASCII-, . :# man a s c i i

, verify NO. . . OpenSSL, , . , , . - -. , :# o p e n s s l g e n r s a 1024 > a n d r e y . k e y # o p e n s s l r e q -new - k e y a n d r e y . k e y - o u t andrey.csr

/var/log/messages :J u l 31 0 2 : 1 0 : 3 1 s t a t i o n l 7 s e n d m a i l [ 9 7 0 0 ] : STARTTLS=server, r e l a y = s t a t i o n 5 1 . e x a m p l e . c o m [ 1 9 2 . 1 6 8 . 0 . 5 1 ] , version=TLSvl/SSLv3, v e r i f y = O K , cipher^AES128-SHA, b i t s = 1 2 8 / 1 2 8 J u l 31 0 2 : 1 0 : 3 1 s t a t i o n l 7 s e n d m a i l [ 9 7 0 0 ] : m6UMAVTH009700: from=, size=112S, c l a s s = 0 , n r c p t s = l , msgid=, proto=ESMTP, daemon=MIA, r e l a y = s t a t i o n 5 1 . e x a m p l e . c o m [ 1 9 2 . 1 6 8 . 0 . 5 1 ] J u l 31 0 2 : 1 0 : 3 1 s t a t i o n l 7 s e n d m a i l [ 9 7 0 2 ] : SIARTTLS=client, r e l a y = s t a t i o n l 8 . e x a m p l e . c o m . , version=TLSvl/SSLv3, v e r i f y = O K , cipher=DHE-RSA-AES256-SHA, b i t s = 2 5 6 / 2 5 6 J u l 31 0 2 : 1 0 : 3 1 s t a t i o n l 7 s e n d m a i l [ 9 7 0 2 ] : m6UMAVTH009700: to=, ctladdr= ( 5 0 7 / 5 0 8 ) , d e l a y = 0 0 : 0 0 : 0 0 , x d e l a y = 0 0 : 0 0 : 0 0 , m a i l e r = e s m t p , pri=121128, relay=stationl8.example.com. [192.168.0.18], d s n = 2 . 0 . 0 , s t a t = S e n t (m6UMAVR4009739 Message a c c e p t e d f o r d e l i v ery)

:# o p e n s s l - i n a n d r e y . c s r - o u t andrey.crt

PKCS#12:# c a t andrey.key a n d r e y . c r t > andrey.pem # openssl pkcsl2 - e x p o r t - i n andrey.pem J - o u t t e s t u s e r c e r t . p l 2 -name " A n d r e y ' s P e r s o n a l

cert"

, . , , wireshark. , , Sendmail, STARTTLS . . >

? {, . 7 2008 .) . - , : ( ) ( , ). , . , , , . , , . . . : ( , ), , , ( . 3 . 177 ), , . , , . , , , . - . . , ,

, , . , , . , 2 2005 . N 636, , , . . 4 , , , , , , ( ) , . , . , . , , , . . , , . : ; , 144 ( ) 145 ( -

) ; ; , ; . , , .. : , . , , , , . , , ; , . , . # ) [email protected] www.samag.ru/forum.

Java- jar-, . jar- , . Java- j a r - (Java ARchive), zip-. , - , . : jar- , ; ;

:

; ; . JAR jar, JDK (Java Development Kit), JAR API. , , , , , -

. JAR API jar- , . ( - (.) , . . ( ).

jar jar (http://java. sun.eom/javase/6/docs/technotes/tools/

solaris/jar.html). , . : // JAR- JAR CFFILE.JAR _ // JAR TF FILE, JAR // J R A - JAR XF FILE, JAR

1 . Manifest-Version Created-By Signature-Version Class-Path Main-Class -. : +{.+}* Java, . jar jar-. , Manifest-Version (URL) , main(String[] args). .class. , jar, Java : Java -jar file.jar

MANIFEST.MFJAR File Specification (http://java.sun. com/javase/6/docs/technotes/guides/jar/ jar.html), file.jar META-INF/MANIFEST.MF, UTF-8. jar-, , JDK, jar-: MANIFEST-VERSION: 1.0 CREATED-BY: 1.6.0 (SUN MC O Y T M INC.) I R S SE Sjava.util.jar.Attribut.es

2. JAR API jar-, , .class java.util.zip.ZipFile . jar- Java.util.zip.ZiplnputStream . jar- java.util.zip.ZipOutputStream . jar- . jar- : :!/{_)_), : jar:http://www.site.org/folder/ file.jarl/org/site/Clazz.class classpath ( , , Class-Path) java.utii.jar.Attributes.Name java.util.jar.JarEntry java.util.jar. JarFile java.util.jar.JarlnputStream java.util.jar. JarOutputStream java.util.jar.Manifest java.net.JarURLConnection

java.net. URLCIassLoader

( , 1) ( ) . , _ , - 70 . , , . JAR META-INF/ MANIFEST.MF , JAR.

PUBLIC STATIC VOID MAIN(STRING[] ARGS) ( SYSTEM.OUT.PRINTLN("MAIN(): "),}

MANIFEST.MF : MANIFEST-VERSION: 1.0 CREATED-BY: 1.6.0_03-B05 (SUN MC O Y T M INC.) I R S SE S MAIN-CLASS: PKG.MAIN URL : U LFILEURL= NW FILE ("FILE. JAR") . TOURL(); R E U L U L = NW URL("JAR", "",FILEURL+ "!/"); R R E :

JAR API Java 1.6 JAR API java.util.jar, java.net. JarURLConnection Java.net.URLCIassLoader. (. 2).

, public static void main(String[] args) jar-. , file.jar, pkg.Main: PACKAGE PKG; PUBLIC CLASS MAIN {

PUBLIC STATICFINALSTRING M I _ E H D = "MAIN"; AN M T O PUBLIC VOID RUNMAINMETHOD(STRING C A S A E T R W J L S N M ) HO S EXCEPTION { STRING!] A G = NW STRING[1]; RS E CLASS CLAZZ; MT O M I M T O ; E H D AN E H D // CLASSLOADER URLCIASSLOADER URLCLASSLOADER = NW URLCIASSLOADER(NEW URL[] { U L }); E R // CLAZZ = URLCLASSLOADER.LOADCLASS(CLASSNAME); // M I - , AN // M I M T O = CLAZZ.GETMETHOD(MAIN_METHOD, J A EH D N ARGS. GETCLASS ()) ; MAINMETHOD.SETACCESSIBLE(TRUE); INT M D = MAINMETHOD.GETMODIFIERS(); OS IF (MAINMETHOD.GETRETURNTYPE() != VOID.CLASS || IMODIFIER.ISSTATIC(MODS) || J !MODIFIER.ISPUBLIC(MODS)) ( T R W NW N S C M T O E C P I NM I _ E H D; HO E O U H E H D X E TO ( AN M T O )

} else { / / , / / , . // n u l l , mainMethod.invoke(null, a r g s ) ;)}

:M a n i f e s t - V e r s i o n : 1.0 Created-By: J a r A t t r i b u t e W r i t e r A t t r i b u t e _ l : Value_l A t t r i b u t e 2: Value 2

JAR API - main() jar-. runMainMethod() , Main-Class:p r i v a t e S t r i n g getMainClassName() throws IOException { JarURLConnection connection = J (JarURLConnection) u r l . o p e n C o n n e c t i o n ( ) ; Attributes attributes = J connection.getMainAttributes(); r e t u r n attributes.getValue(Attributes.Name.MAIN_CLASS);}

jar- - , , jar- . JarAttributeReader:import Java.io.IOException; import J a v a . u t i l . j a r . A t t r i b u t e s ; import J a v a . u t i l . j a r . J a r F i l e ; p u b l i c class JarAttributeReader { p r i v a t e s t a t i c final S t r i n g OUTPUTJTEMPLATE

= "%s=%s";

runMainMethodQ :main():

/ / jar- filename A t t r i b u t e s g e t A l l A t t r i b u t e s ( S t r i n g filename) throws J IOException ( JarFile j a r F i l e ; Attributes attributes; j a r F i l e = new JarFile(filename); attributes = jarFile.getManifest(). J getMainAttributes(); return attributes;}

main() jar-, . , . , JarAttributeWriter :import import import import import import Java.io.ByteArraylnputStream; java.io.FileOutputStream; Java.io.IOException; Java.io.InputStream; java.io.OutputStream; Java.util.jar.Manifest;

// v o i d p r i n t A l l A t t r i b u t e s W i t h V a l u e s ( S t r i n g filename) { try { Attributes attributes = J getAllAttributes(filename); f o r (Object : a t t r i b u t e s . k e y S e t ( ) ) ( System.out.println J (String.format J

(OUTPUTJTEMPLATE, J

o, a t t r i b u t e s . g e t V a l u e J (o.toStringO))) ;}

} catch (IOException e) { e.printStackTrace();} })

p u b l i c class J a r A t t r i b u t e W r i t e r ( p r i v a t e s t a t i c final S t r i n g LINEJIEMPLATE = "%s: %s\n"; // - // filename p u b l i c v o i d generateManifest(String filename) ( S t r i n g B u f f e r buf = new S t r i n g B u f f e r ( ) ; buf.append(getLine("Manifest-Version", "1.0")); buf.append(getLine("Created-By", J t h i s . g e t C l a s s ( ) .getName())) ; buf.append(getLine("Attribute_l", "Value_l"));

:Manifest-Version=l. Created-By=JarAttributeWriter Attribut