2021年4月28日 星期三

Install Moxa NPort Real TTY drivers for Linux 5.x.x on Ubuntu 20.04

今天開會同事說安裝Moxa的Nport driver 在Ubuntu 20.04上無法complier

所以我自己下載了一個ubuntu 20.04安裝看看 結果成功了

首先到moxa網站如下網址下載driver

https://www.moxa.com/getmedia/c075914f-6187-4f7f-a1c8-e444389d69e8/moxa-real-tty-drivers-for-linux-5.x.x-driver-v5.0.tgz

解開這個檔案後裡面有一個readme.txt 打開會寫如何安裝driver 然後有一個system Requirement如下所示 所以就照順序每個套件安裝 

System Requirement

    To install this driver, you will need NPort Server and one of the
    following system.

     -  kernel 3.0 or above and the kernel source package
     -  gcc-2.7.2.1 or above
     -  ld.so-1.7.14 or above
     -  libc.so-5 or above
     -  binutils-2.7.0 or above
     -  make-3.74 or above
     -  gunzip-1.2.4 or above
     -  gawk-3.1.1.9 or above
     -  openssl-1.0.0 or above (For Secure Real COM Mode only)
     -  libssl-dev-1.0.0 or above (For Secure Real COM Mode only)
     
    Additional requirements for Raspbian
     -  gcc-4.8.3 or above
     -  ncurses-devel-5.9 or above
     -  rpi-source, read the instruction from it's website.

    

1.先安裝Ubuntu 20.04

2.然後安裝gcc 指令如下
sudo apt update
sudo apt install build-essential

3.安裝
libc.so
指令如下
sudo ln -s /lib64/x86_64-linux-gnu/libc.so.6 /lib64/libc.so.6

4.安裝binutils指令如下
sudo apt-get update -y

sudo apt-get install -y binutils-common

5.安裝make指令如下
sudo apt-add-repository ppa:ubuntu-desktop/ubuntu-make 

sudo apt-get update 

sudo apt-get install ubuntu-make 


6.安裝gunzip指令如下

sudo apt-get update -y

sudo apt-get install -y gzip


7.安裝gawk 指令如下
sudo apt-get update -y

sudo apt-get install -y gawk


8.安裝openssl指令如下(nport 6系列才有用)

sudo apt update

sudo apt install openssl

9.安裝libssl指令如下(nport 6系列才有用)

sudo apt install libssl-dev


10.安裝ncurses-devel (樹莓派才需要)
Sudo apt install ncurses-devel

ncurses-devel


11.重新開機
reboot

12.安裝Nport Real TTY drivers for Linux 5.x.x
解壓縮到moxa目錄 cd到 moxa目錄執行
sudo ./mxinst


然後出現如下字串安裝成功
===============================================================================
Installation process is completed.
The all driver files are installed on /usr/lib/npreal2/driver.
Now you can cd /usr/lib/npreal2/driver and run ./mxaddsvr to add tty port.
===============================================================================

安裝過程截圖如下





















張貼者: 沒有留言:
標籤: , , , ,

2021年4月8日 星期四

ASP .Net Core MVC 3.1 偵測到漏洞 HSTS Missing From HTTPS Server (RFC 6797)

ASP .Net Core MVC 3.1 的網站使用nessus弱點掃描
偵測到漏洞 HSTS Missing From HTTPS Server (RFC 6797)
原本網站的 Startup.cs 的HTTPS Redirect寫成
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)        {
  app.UseForwardedHeaders();
            app.Use(async (context, next) =>
            {
                if (context.Request.IsHttps || context.Request.Headers["X-Forwarded-Proto"] == Uri.UriSchemeHttps)
                {
                    await next();
                }
                else
                {
                    string queryString = context.Request.QueryString.HasValue ? context.Request.QueryString.Value : string.Empty;
                    var https = "https://" + context.Request.Host + context.Request.Path + queryString;
                    context.Response.Redirect(https);
                }
            });

            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }
            app.UseHttpsRedirection();
            app.UseStaticFiles();
}

改成 
 services.Configure<ForwardedHeadersOptions>(options =>
            {
                options.ForwardedHeaders =
                    ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
                options.KnownNetworks.Clear();
                options.KnownProxies.Clear();
            });
            services.AddHttpsRedirection(opt => opt.HttpsPort = 443);
//其他省略
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            app.UseForwardedHeaders();
            app.Use(async (context, next) =>
            {
                context.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN"); // Or this
                await next();
            });

            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }
            app.UseHttpsRedirection();
            app.UseStaticFiles();
//其他省略
}

然後就正常了



張貼者: 沒有留言:
標籤: , ,

解決 ASP .Net Core MVC 3.1 的Clickjacking弱點

 弱掃偵測偵測到一個ClickJacking的弱點

Web Application Potentially Vulnerable to Clickjacking

解決方法在 Startup.cs 的Configure 加上 header SAMEORIGIN 如下方程式碼

或是加上deny 不能同時加 同時加就會500

app.Use(async (context, next) =>
	{
	context.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN");
	await next();
	});
張貼者: 沒有留言:
訂閱: 文章 (Atom)