document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-01-28 23:20:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'LCTT/master'

Browse Source
This commit is contained in:
Xingyu Wang 2020-12-07 21:04:13 +08:00
commit 21859013b0
7 changed files with 227 additions and 225 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
translated/tech/20201026 7 Git tricks that changed my life.md → published/20201026 7 Git tricks that changed my life.md
View File

@ -1,8 +1,8 @@
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-12894-1.html)
[#]: subject: (7 Git tricks that changed my life)
[#]: via: (https://opensource.com/article/20/10/advanced-git-tips)
[#]: author: (Rajeev Bera https://opensource.com/users/acompiler)
@ -12,9 +12,9 @@
> 这些有用的技巧将改变你使用这个流行的版本控制系统的工作方式。
[打开文件或窗口的电脑屏幕][1]
![](https://img.linux.net.cn/data/attachment/album/202012/07/092803d67fa7bttuuj98fb.jpg)
Git 是目前最常见的版本控制系统之一,无论是私有系统还是公开托管的网站,都在使用它进行各种开发工作。无论我对 Git 的使用有多熟练,似乎总有一些功能还没有被发现,下面是改变我使用 Git 工作方式的七个技巧。
Git 是目前最常见的版本控制系统之一,无论是私有系统还是公开托管的网站,都在使用它进行各种开发工作。无论我对 Git 的使用有多熟练,似乎总有一些功能还没有被发现,下面是改变我使用 Git 工作方式的七个技巧。
### 1、Git 中的自动更正
@ -53,9 +53,9 @@ Git 现在不会建议使用其他子命令,而是直接运行最上面的建
### 2、计算你的提交量
有很多原因让你需要计算提交数。例如,许多开发者通过计算提交数量来判断何时增加构建版本号,或者只是为了了解项目的进展情况。
你需要计算提交数量可能有很多原因。例如,许多开发者通过计算提交数量来判断何时该增加构建版本号,或者只是想了解项目的进展情况。
要计算提交数其实很简单直接,下面是 Git 的命令:
要计算提交数其实很简单直接,下面是 Git 的命令:
```
$ git rev-list --count branch-name
@ -86,7 +86,7 @@ $ git gc --prune=now --aggressive
### 4、备份未被跟踪的文件
大多数时候,删除所有未被跟踪的文件是安全的。很多时候,你不仅要删除,还要为你的未跟踪文件创建一个备份,以备以后需要。
大多数时候,删除所有未被跟踪的文件是安全的。不过很多时候,你不仅要删除,还要为你的未跟踪文件创建一个备份,以备以后需要。
通过 Git 和一些 Bash 命令管道,可以很容易地为你的未被跟踪的文件创建一个压缩包:
@ -109,13 +109,13 @@ $ ls -a
Git 的工作主要依赖于两个部分:
1. 工作树(你当前签出的文件状态)。
2. 你的 Git 仓库的路径(特别是 `.git` 文件夹的位置,其中包含版本信息)。
2. 你的 Git 仓库的路径(即你的 `.git` 文件夹的位置,其中包含版本信息)。
这个文件夹存储了所有的引用和其他重要的细节比如配置、仓库数据、HEAD 状态、日志等等。
如果你删除这个文件夹,你的源代码的当前状态不会被删除,但你的远程信息,如你的项目历史记录,会被删除。删除这个文件夹意味着你的项目(至少是本地副本)不再处于版本控制之下。这意味着你不能跟踪你的变化;你不能从远程拉取或推送。
一般来说,没有什么需要在 `.git` 文件夹里做的,也没有什么应该做的。它是由 Git 管理的,被认为基本上是禁区。然而,这个目录里有一些有趣的工件,包括 HEAD 的当前状态。
一般来说,不需要在 `.git` 文件夹里做什么,也没有什么应该做的。它是由 Git 管理的,基本上被认为是禁区。然而,这个目录里有一些有趣的工件,包括 HEAD 的当前状态。
```
$ cat .git/HEAD
@ -128,9 +128,9 @@ ref: refs/heads/master
$ cat .git/description
```
这是一个未命名的仓库,编辑这个 `description` 文件命名这个仓库。
这是一个未命名的仓库,编辑这个 `description` 文件可以命名这个仓库。
Git 钩子文件夹也在这里,里面有一些钩子示例文件。你可以阅读这些示例来了解通过 Git 钩子可以实现什么,你也可以 [阅读 Seth Kenlon 的 Git 钩子介绍][4]。
Git 钩子文件夹`hooks`也在这里,里面有一些钩子示例文件。你可以阅读这些示例来了解通过 Git 钩子可以实现什么,你也可以 [阅读 Seth Kenlon 的 Git 钩子介绍][4]。
### 6、查看另一个分支的文件
@ -157,7 +157,7 @@ $ git rev-list --all | xargs git grep -F 'string'
例如,假设你想在你的版本库中搜索 `font-size: 52 px;` 这个字符串:
```
$ git rev-list all | xargs git grep -F font-size: 52 px;
$ git rev-list all | xargs git grep -F 'font-size: 52 px;'
F3022…9e12:HtmlTemplate/style.css: font-size: 52 px;
E9211…8244:RR.Web/Content/style/style.css: font-size: 52 px;
```
@ -175,7 +175,7 @@ via: https://opensource.com/article/20/10/advanced-git-tips
作者:[Rajeev Bera][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
@ -183,7 +183,7 @@ via: https://opensource.com/article/20/10/advanced-git-tips
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/browser_screen_windows_files.png?itok=kLTeQUbY (Computer screen with files or windows open)
[2]: https://git-scm.com/book/en/v2/Customizing-Git-Git-Configuration#_code_help_autocorrect_code
[3]: https://opensource.com/article/20/8/dont-ignore-gitignore
[3]: https://linux.cn/article-12524-1.html
[4]: https://opensource.com/life/16/8/how-construct-your-own-git-server-part-6
[5]: http://README.md
[6]: https://acompiler.com/git-tips/

36
translated/tech/20201129 How to Go Full Dark Mode With LibreOffice.md → published/20201129 How to Go Full Dark Mode With LibreOffice.md
View File

@ -1,36 +1,38 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-12893-1.html)
[#]: subject: (How to Go Full Dark Mode With LibreOffice)
[#]: via: (https://itsfoss.com/libreoffice-dark-mode/)
[#]: author: (Dimitrios Savvopoulos https://itsfoss.com/author/dimitrios/)
如何使用 LibreOffice 进入黑暗模式
如何在 LibreOffice 中完全启用深色模式
======
[LibreOffice][1] 是一款免费的开源跨平台办公生产力软件。如果你没有充分利用它,那么必须看下 [LibreOffice 小技巧][2]。
![](https://img.linux.net.cn/data/attachment/album/202012/07/083812n0zgss9qt175pm9z.jpg)
黑暗主题甚至在非编程人员中也越来越受欢迎。它减轻了眼睛的压力,特别适合长时间使用屏幕。有人认为,这使文本看起来清晰明了,有助于提高生产率
[LibreOffice][1] 是一款自由开源的跨平台办公生产力软件。如果你没有充分利用它,那么必须看下 [LibreOffice 小技巧][2]
如今,某些 Linux 发行版例如 [Ubuntu 带有黑暗模式][3],使你的系统具有更暗的色彩。当你打开黑暗模式时,某些应用将自动切换到黑暗模式。
甚至在非编程人员中,深色主题也越来越受欢迎。它减轻了眼睛的压力,特别适合长时间使用屏幕。有人认为,这使文本看起来清晰明了,有助于提高生产率。
如今,某些 Linux 发行版例如 [Ubuntu 带有深色模式][3],使你的系统具有更暗的色彩。当你打开<ruby>深色模式<rt>dark mode</rt></ruby>时,某些应用将自动切换到深色模式。
LibreOffice 也会这样,但你编辑的主区域除外:
![LibreOffice semi dark mode matching with the system theme][4]
你可以更改它。如果要让 LibreOffice 进入完全黑暗模式,只需更改一些设置。让我告诉你如何做。
你可以更改它。如果要让 LibreOffice 进入完全深色模式,只需更改一些设置。让我告诉你如何做。
### 如何在 LibreOffice 中完全启用黑暗模式
### 如何在 LibreOffice 中完全启用深色模式
如前所述,你需要先启用系统范围的黑暗模式。这样可以确保窗口颜色(或标题栏)与应用内深色完全融合。
如前所述,你需要先启用系统范围的深色模式。这样可以确保窗口颜色(或标题栏)与应用内深色完全融合。
接下来,打开套件中的_**任意**_ LibreOffice 工具,例如 ** Writer **。然后从菜单中,依次点击 **Tools -&gt; Options -gt; Application Colors**,然后选择 **Document background 和 Application background****Black****Automatic**(任意适合你的方式)。
接下来,打开套件中的**任意** LibreOffice 应用,例如 **Writer**。然后从菜单中,依次点击 **Tools -> Options -> Application Colors**,然后选择 **Document background 和 Application background****Black****Automatic**(任意适合你的方式)。
![][5]
如果图标不是深色,那么可以从菜单(如下图所示)中更改它们,** Tools -&gt; Options -&gt; View** ,我在 MX Linux 上的个人选择是 Ubuntu 的 [Yaru][6] 图标样式(如果你使用的图标包为黑暗版本,请选择它) 。
如果图标不是深色,那么可以从菜单(如下图所示)中更改它们,**Tools -> Options -> View** ,我在 MX Linux 上的个人选择是 Ubuntu 的 [Yaru][6] 图标样式(如果你使用的图标包为深色版本,请选择它) 。
![][7]
@ -42,17 +44,17 @@ LibreOffice 也会这样,但你编辑的主区域除外:
#### LibreOffice flatpak 软件包的其他技巧
如果你使用的是 LibreOffice 套件的 [Flatpak 软件包][10],那么 LibreOffice 的标题区域(或菜单区域)可能看起来是白色的。在这种情况下,你可以尝试进入 **Tools-&gt; Options-&gt; Personalization**,然后选择 “**灰色主题**”,如下截图所示。
如果你使用的是 LibreOffice 套件的 [Flatpak 软件包][10],那么 LibreOffice 的标题区域(或菜单区域)可能看起来是白色的。在这种情况下,你可以尝试进入 **Tools -> Options -> Personalization**,然后选择 “**灰色主题**”,如下截图所示。
![][11]
它并不完全是黑色的,但应该可以使外观看起来更好。希望可以帮助你切换到黑暗主题的 LibreOffice 体验!
它并不完全是黑色的,但应该可以使外观看起来更好。希望可以帮助你切换到深色主题的 LibreOffice 体验!
#### 总结
黑暗主题逐渐开始在我们的台式机中占主导地位,它具有现代品味并减少了眼睛疲劳,尤其是在弱光条件下。
深色主题逐渐开始在我们的台式机中占主导地位,它具有现代品味并减少了眼睛疲劳,尤其是在弱光条件下。
LibreOffice 使你可以自由地将工作环境切换为黑暗主题或保留浅色主题元素。实际上,你将有大量的自定义选项来调整你喜欢的内容。你是否已在 LibreOffice 上切换为黑暗主题?你首选哪种颜色组合?在下面的评论中让我们知道!
LibreOffice 使你可以自由地将工作环境切换为深色主题或保留浅色主题元素。实际上,你将有大量的自定义选项来调整你喜欢的内容。你是否已在 LibreOffice 上切换为深色主题?你首选哪种颜色组合?在下面的评论中让我们知道!
--------------------------------------------------------------------------------
@ -61,7 +63,7 @@ via: https://itsfoss.com/libreoffice-dark-mode/
作者:[Dimitrios Savvopoulos][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

72
sources/tech/20201201 How this open source security tool halted significant DDoS attacks.md
View File

@ -1,72 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How this open source security tool halted significant DDoS attacks)
[#]: via: (https://opensource.com/article/20/12/open-source-vs-ddos-attacks)
[#]: author: (Philippe Humeau https://opensource.com/users/philippe-humeau)
How this open source security tool halted significant DDoS attacks
======
Configuration changes to CrowdSec stopped a 7,000-machine botnet in less
than a minute.
![Security monster][1]
In 2020, our ways of living and working were turned completely upside down in a matter of days. As COVID-19 began to spread across the globe, we brought our companies home, and staying connected to our colleagues, friends, and family online became a critical necessity. This opened the door for hackers to cause disruption; for example, distributed denial of service (DDoS) attacks around the world were [up 151%][2] in the first half of the year, according to Neustar.
[CrowdSec][3] is an open source security engine that analyzes visitor behavior and provides an adapted response to all kinds of attacks. It parses logs from any source and applies heuristic scenarios to identify aggressive behavior and protect against most attack classes. It then shares that intelligence with other CrowdSec installations; every time an internet protocol (IP) address is blocked, it informs the entire user community. This creates a [real-time, collaborative IP reputation database][4] that leverages the crowd's power to make the internet safer.
### How CrowdSec works: a case study
Sorf Networks, a Turkey-based technology company that provides high-configuration managed servers and DDoS protection solutions for its clients, offers an example of how CrowdSec works. One of Sorf's customers was experiencing daily DDoS attacks from 10,000+ machine botnets and struggled to find a solution that would meet technical requirements to deal with them in a timely manner.
While the customer took general precautions to mitigate those attacks, such as introducing JavaScript (JS) challenges, rate-limiting, and so on, they weren't viable on the entire attack surface. Some URLs needed to be consumed by very basic software that didn't support JS challenges. Hackers being hackers, this was exactly what they targeted every single day: the weakest link in the chain.
Sorf Networks first set up a DDoS mitigation strategy for its customer using [Fail2ban][5] (which inspired CrowdSec); it helped to some degree, but it was too slow. It required 50 minutes to process logs and deal with 7,000- to 10,000-machine DDoS attacks—which rendered it ineffective in this situation. Also, logs continued to stack because it did not ban IPs, and it needed to process several thousand logs per second, which was not possible.
In DDoS testing using a rented botnet, an attack reached around 6,700 requests per second from 8,600 unique IPs. This is a capture of one server's traffic.
![Server traffic][6]
(©2020, CrowdSec)
Although CrowdSec technology can cope with huge attacks, its default setup can process only around 1,000 endpoints per second. Sorf needed a tailor-made configuration to deal with this much traffic on a single machine.
Sorf's team made changes in CrowdSec's configuration to significantly improve its throughput to absorb the log volume. First, it removed expensive and non-crucial enrichment parsers, such as [GeoIP enrichment][7]. It also increased the default number of allowed go-routines from one to five. Afterward, the team did another live test with 8,000 to 9,000 hosts, averaging between 6,000 and 7,000 requests per second. This solution came at a cost, as CrowdSec was eating 600% CPU during the operation, but its memory consumption stayed around 270MB.
The results, however, showed remarkable success:
* In one minute, CrowdSec was able to ingest all the logs
* 95% of the botnet was banned and the attack efficiently mitigated
* 15 domains are now protected from DDoS attacks
According to Sorf Networks' director Cagdas Aydogdu, CrowdSec's platform enabled the team "to deliver a world-class and efficient defense system … in an incredibly short timeframe."
* * *
_This article has been adapted from [How to stop a 7k machine botnet in 1 minute with CrowdSec][8], originally published on CrowdSec's website._
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/12/open-source-vs-ddos-attacks
作者:[Philippe Humeau][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/philippe-humeau
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/security_password_chaos_engineer_monster.png?itok=J31aRccu (Security monster)
[2]: https://www.businesswire.com/news/home/20200916005046/en/DDoS-Attacks-Increase-by-151-in-First-Half-Of-2020
[3]: https://crowdsec.net/
[4]: https://opensource.com/article/20/10/crowdsec
[5]: https://www.fail2ban.org
[6]: https://opensource.com/sites/default/files/uploads/crowdsec_servertraffic.png (Server traffic)
[7]: https://hub.crowdsec.net/author/crowdsecurity/configurations/geoip-enrich
[8]: https://crowdsec.net/2020/10/21/how-to-stop-a-botnet-with-crowdsec/

120
sources/tech/20201202 How to Add Third-Party Repositories in Fedora and Get Access to a Huge Number of Additional Software.md
View File

@ -1,120 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (robsean)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How to Add Third-Party Repositories in Fedora and Get Access to a Huge Number of Additional Software)
[#]: via: (https://itsfoss.com/fedora-third-party-repos/)
[#]: author: (John Paul https://itsfoss.com/author/john/)
How to Add Third-Party Repositories in Fedora and Get Access to a Huge Number of Additional Software
======
After you install Fedora, you may discover that some of the software that you want to install and use is not available in the software store. These packages may not be in the Fedora repos for several reasons.
Dont worry, Ill tell you how to make them available by adding third party repos for Fedora.
### What are the third party repositories in Fedora?
Operating system devs often make decisions on what packages can and cannot be available in their repos. Fedora is no different. According to the [Fedora docs][1], third party repos contain packages that “have more liberal licensing policies and provide software packages that Fedora excludes for various reasons”.
Fedora enforces the following [guidelines][2] when it comes to packages:
* If it is proprietary, it cannot be included in Fedora
* If it is legally encumbered, it cannot be included in Fedora
* If it violates United States laws (specifically, Federal or applicable state laws), it cannot be included in Fedora
For this reason, there exists a couple of repositories that a user can add. This enables the user to get access to the additional software packages.
### Enabling RPM Fusion Repositories in Fedora
[RPM Fusion][3] is the main source for third party applications for Fedora. RPM Fusion is the result of three projects (Dribble, Freshrpms, and Livna) merging. RPM Fusion offers two different software repos.
* The free repo contains open-source software.
* The nonfree repo contains software that does not have an open-source license, but the source code is freely available.
There are two ways to enable RPM Fusion: from the terminal or by clicking a couple of buttons. Well take a look at each.
#### Method 1: Command line method
This is the easiest method to enable the RPM Fusion repos. Just enter the following command to enable both repos:
```
sudo dnf install https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
```
You will be asked to enter your password. You will then be asked to verify that you want to install these repos. Once you approve it, the installation will be completed in a few seconds or minutes.
![Install RPM Fusion via command line][4]
#### Method 2: Graphical method
To enable the RPM Fusion repos using this method, you need to visit the [RPM Fusion Website][5]. You will see links for both repos for different Fedora versions.
RPM Fusion recommends installing the free repo first. So, click the link for the free repo for your version of Fedora. This will open a window asking if you want to install the repo. Click install.
![Install RPM Fusion via GUI][6]
Once the installation is completed, go back and install the nonfree repo using the same steps.
### Enable Fedoras Third Party repositories
Fedora recently started offering its own [repo of third party apps][7]. The [number of applications available][8] in this repo is very small. You can [install Chrome browser on Fedora with it][9]. Apart from Chrome, it also includes Adobe Brackets, Atom, Steam, Vivaldi, Opera, and more.
Just like RPM Fusion, you can enable this repo via the terminal or graphically.
#### Method 1: Command line method
To enable Fedoras third-party repo, enter the following command into your terminal:
```
sudo dnf install fedora-workstation-repositories
```
Be sure to ensure your password when prompted and type Y to approve the installation.
#### Method 1: Graphical method
If you are not comfortable using the terminal, you can use the graphical method.
First, you need to open Gnome Software. Next, you need to click on the hamburger menu in the top right corner and select “Software Repositories” from the menu.
![Gnome Software Menu][10]
In the Software Repositories window, you will see a section at the top that says “Third Party Repositories”. Click the Install button. Enter your password when you are prompted and you are done.
![Fedora Third Party Repo installation][11]
With these additional repositories enabled, you can install software to your hearts content. You can easily install them from the software center or using the DNF package manager.
If you found this article interesting, please take a minute to share it on social media, Hacker News, or [Re][12][d][12][dit][12].
--------------------------------------------------------------------------------
via: https://itsfoss.com/fedora-third-party-repos/
作者:[John Paul][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/john/
[b]: https://github.com/lujun9972
[1]: https://docs.fedoraproject.org/en-US/quick-docs/setup_rpmfusion/#third-party-repositories
[2]: https://fedoraproject.org/wiki/Forbidden_items
[3]: https://rpmfusion.org/RPM%20Fusion
[4]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/11/install-rpmfusion-cli.png?resize=800%2C604&ssl=1
[5]: https://rpmfusion.org/Configuration
[6]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/11/install-rpmfusion-gui.png?resize=800%2C582&ssl=1
[7]: https://fedoraproject.org/wiki/Workstation/Third_Party_Software_Repositories
[8]: https://fedoraproject.org/wiki/Workstation/Third_party_software_list
[9]: https://itsfoss.com/install-google-chrome-fedora/
[10]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2020/11/software-meni.png?resize=800%2C672&ssl=1
[11]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/11/fedora-third-party-repo-gui.png?resize=746%2C800&ssl=1
[12]: https://%0Areddit.com/r/linuxusersgroup

2
sources/tech/20201205 Why 2020 is the best time to use the Kate text editor.md
View File

@ -1,5 +1,5 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

72
translated/tech/20201201 How this open source security tool halted significant DDoS attacks.md Normal file
View File

@ -0,0 +1,72 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How this open source security tool halted significant DDoS attacks)
[#]: via: (https://opensource.com/article/20/12/open-source-vs-ddos-attacks)
[#]: author: (Philippe Humeau https://opensource.com/users/philippe-humeau)
这个开源安全工具是如何阻止重大 DDoS 攻击的
======
对 CrowdSec 的配置更改在不到一分钟的时间内阻止了一个 7,000 台机器的僵尸网络。
![Security monster][1]
2020 年,我们的生活和工作方式在短短几天内被彻底颠覆。随着 COVID-19 开始在全球范围内蔓延,我们将工作带回家,与同事、朋友和家人保持在线联系成为关键的必需品。这为黑客造成破坏打开了大门。例如,根据 Neustar 的数据,今年上半年全球的分布式拒绝服务 DDOS 攻击[增长了 151%][2]。
[CrowdSec][3] 是一个开源的安全引擎,它可以分析访问者的行为,并提供适应各种攻击的响应。它解析来自任何来源的日志,并应用启发式方案来识别攻击性行为,并防范大多数攻击类别。并且,它与其他 CrowdSec 安装共享该情报。每次互联网协议 IP 地址被阻止时,它都会通知整个用户社区。这就创建了一个[实时、协作的 IP 信誉数据库][4],利用人群的力量使互联网更加安全。
### CrowdSec 如何工作:案例研究
Sorf Networks 是一家总部位于土耳其的技术公司,为客户提供高配置的托管服务器和 DDoS 防护解决方案,它提供了一个 CrowdSec 工作的例子。Sorf 的一个客户每天都会遇到来自 1 万多台机器僵尸网络的 DDoS 攻击,并努力寻找一种能够满足技术要求的解决方案来及时处理这些攻击。
虽然客户采取了一般的预防措施来缓解这些攻击,比如引入 JavaScriptJS 挑战、限速等,但这些措施在整个攻击面并不可行。一些 URL 需要被非常基本的软件使用,而这些软件不支持 JS 挑战。黑客就是黑客,这正是他们每天的目标:链条上最薄弱的环节。
Sorf Networks 首先使用 [Fail2ban][5](这启发了 CrowdSec为其客户建立了一个 DDoS 缓解策略。它在一定程度上帮助了客户,但它太慢了。它需要 50 分钟来处理日志和处理 7000 到 10000 台机器的 DDoS 攻击。这使得它在这种情况下没有效果。另外,因为它没有禁止 IP日志会持续堆积它需要每秒处理几千条日志这是不可能的。
在使用租用的僵尸网络进行的 DDoS 测试中,一次攻击从 8600 个唯一的 IP 上达到了每秒 6700 个左右的请求。这是对一台服务器流量的捕捉。
![Server traffic][6]
(©2020, CrowdSec)
虽然 CrowdSec 技术可以应对巨大的攻击,但其默认设置每秒只能处理约 1000 个端点。Sorf 需要一个量身定做的配置来处理单台机器上这么多的流量。
Sorf 的团队对 CrowdSec 的配置进行了修改,以显著提高其吞吐量来处理日志。首先,它去掉了高消耗且非关键的富集解析器,例如 [GeoIP 富集][7]。它还将允许的 goroutine 的默认数量从一个增加到五个。之后,团队又用 8000 到 9000 台主机做了一次实测,平均每秒 6000 到 7000 个请求。这个方案是有代价的,因为 CrowdSec 在运行过程中吃掉了 600% 的 CPU但其内存消耗却保持在 270MB 左右。
然而,结果却显示出明显的成功:
* 在一分钟内CrowdSec 能够处理所有的日志
* 95% 的僵尸网络被禁止,攻击得到有效缓解
* 15 个域现在受到保护,不受 DDoS 攻击
根据 Sorf Networks 的总监 Cagdas Aydogdu 的说法CrowdSec 的平台使团队“能够在令人难以置信的短时间内提供一个世界级的高效防御系统”。
* * *
_本文改编自[如何用 CrowdSec 在 1 分钟内阻止 7000 台机器的僵尸网络][8],原载于 CrowdSec 网站。_
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/12/open-source-vs-ddos-attacks
作者:[Philippe Humeau][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/philippe-humeau
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/security_password_chaos_engineer_monster.png?itok=J31aRccu (Security monster)
[2]: https://www.businesswire.com/news/home/20200916005046/en/DDoS-Attacks-Increase-by-151-in-First-Half-Of-2020
[3]: https://crowdsec.net/
[4]: https://opensource.com/article/20/10/crowdsec
[5]: https://www.fail2ban.org
[6]: https://opensource.com/sites/default/files/uploads/crowdsec_servertraffic.png (Server traffic)
[7]: https://hub.crowdsec.net/author/crowdsecurity/configurations/geoip-enrich
[8]: https://crowdsec.net/2020/10/21/how-to-stop-a-botnet-with-crowdsec/

120
translated/tech/20201202 How to Add Third-Party Repositories in Fedora and Get Access to a Huge Number of Additional Software.md Normal file
View File

@ -0,0 +1,120 @@
[#]: collector: (lujun9972)
[#]: translator: (robsean)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How to Add Third-Party Repositories in Fedora and Get Access to a Huge Number of Additional Software)
[#]: via: (https://itsfoss.com/fedora-third-party-repos/)
[#]: author: (John Paul https://itsfoss.com/author/john/)
如何在 Fedora 中添加第三方存储库并访问大量附加软件
======
在你安装 Fedora 后。你可能会发现你想要安装和使用的一些软件不能在软件商店中获得。出于一些原因这些软件包不能出现在e Fedora 存储库中。
不用担心,我将告诉你如何为 Fedora 添加第三方存储库来使这些软件包可使用。
### 在 Fedora 中的第三方存储库是什么?
操作系统开发人员通常会决定哪些软件包可以在其存储库中使用哪些软件包不可以在其存储库中使用。Fedora 也与它们没有什么不同。依据 [Fedora 文档][1] ,第三方存储库包含有 “拥有更为宽松的许可政策,并提供 Fedora 因各种原因所排除软件包” 的软件包。
Fedora 强制执行下面的 [准则][2] ,当它打包软件包时:
* 如果它是专有的,它就不能包含在 Fedora 中
* 如果它在法律上被限制,它就不能包含在 Fedora 中
* 如果它违反美国法律 (特别是联邦政府或适用于州政府的法律),它就不能包含在 Fedora 中
因此,这里存在一组用户可自行添加的存储库。这使得用户能够访问附加的软件包。
### 在 Fedora 中启用 RPM Fusion 存储库
[RPM Fusion][3] 是 Fedora 的第三方应用程序的主要来源。RPM Fusion 是三个项目 (DribbleFreshrpms和 Livna) 合并的结果。RPM Fusion 提供两种不同的软件存储库。
* free repo 包含开源软件。
* nonfree repo 包含没有开源协议的软件,但是它们的源文件代码却是可以自由使用的。
这里有两种方法来启动 RPM Fusion从终端启用或通过点击几个按钮来启用。我们将逐一查看。
#### 方法 1: 命令行方法
这是启用 RPM Fusion 存储库的最简单的方法。只需要输入下面的命令即可启用两个存储库:
```
sudo dnf install https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
```
你将被要求输入密码。你将被要求验证是否你想要安装这些存储库。在你核准它后,安装过程将在几秒钟或几分钟内完成。
![通过命令行安装 RPM Fusion ][4]
#### 方法 2: 图形用户界面方法
使用这个方法来启用 RPM Fusion 存储库,你需要访问 [RPM Fusion 网站][5] 。你将看到针对不同 Fedora 版本的两个存储库的链接。
RPM Fusion 建议先安装 free 存储库。因此,单击针对你 Fedora 版本的 free 存储库的链接。这将打开一个窗口来询问你是否想安装存储库。单击安装。
![通过图形用户界面安装 RPM Fusion][6]
在安装过程完成后,返回并使用相同的步骤安装 nonfree 存储库。
### 启用 Fedora 的第三方存储库
Fedora 最近开始提供它自己的 [第三方应用程序存储库][7] 。在这个存储库中 [可使用的应用程序的数量][8] 是非常少的。你可以 [使用它来在 Fedora 上安装 Chrome 浏览器][9] 。除 Chrome 外,它也包含 Adobe Brackets Atom Steam Vivaldi Opera 等应用程序。
就像 RPM Fusion 一样,你可以通过终端或图形用户界面的方法来启用这个存储库。
#### 方法 1: 命令行方法
为启用 Fedora 的第三方存储库,输入下面的命令到你的终端中:
```
sudo dnf install fedora-workstation-repositories
```
当被提示时,确保输入你的密码并输入 Y 来核准安装。
#### 方法2 1: 图形用户界面方法
如果你不习惯使用终端,你可以使用图形用户界面方法。
首先,你需要打开 Gnome 软件。接下来,你需要单击右上角的 hamburger 菜单,并从菜单中选择“软件存储库”。
![Gnome 软件菜单][10]
在软件存储库窗口中,你将在其顶部看到写着 “第三方存储库” 字样的部分。单击安装按钮。当你被提示时,输入你的密码。
![Fedora 第三方存储库安装][11]
随着这些附加存储库的启用,你可以安装软件到你的核心的内容中。你可以从软件中心管理器或使用 DNF 软件包管理器来轻松地安装它们。
如果你发现这篇文章很有趣请花费一些时间来在社交媒体Hacker News ,或 [Re][12][d][12][dit][12] 上分享。
--------------------------------------------------------------------------------
via: https://itsfoss.com/fedora-third-party-repos/
作者:[John Paul][a]
选题:[lujun9972][b]
译者:[robsean](https://github.com/robsean)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/john/
[b]: https://github.com/lujun9972
[1]: https://docs.fedoraproject.org/en-US/quick-docs/setup_rpmfusion/#third-party-repositories
[2]: https://fedoraproject.org/wiki/Forbidden_items
[3]: https://rpmfusion.org/RPM%20Fusion
[4]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/11/install-rpmfusion-cli.png?resize=800%2C604&ssl=1
[5]: https://rpmfusion.org/Configuration
[6]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/11/install-rpmfusion-gui.png?resize=800%2C582&ssl=1
[7]: https://fedoraproject.org/wiki/Workstation/Third_Party_Software_Repositories
[8]: https://fedoraproject.org/wiki/Workstation/Third_party_software_list
[9]: https://itsfoss.com/install-google-chrome-fedora/
[10]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2020/11/software-meni.png?resize=800%2C672&ssl=1
[11]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/11/fedora-third-party-repo-gui.png?resize=746%2C800&ssl=1
[12]: https://%0Areddit.com/r/linuxusersgroup