document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-02-28 01:01:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'LCTT/master'

Browse Source
This commit is contained in:
Xingyu.Wang 2019-03-06 08:00:21 +08:00
commit 820e4abacd
5 changed files with 353 additions and 359 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

127
published/20190108 How ASLR protects Linux systems from buffer overflow attacks.md Normal file
View File

@ -0,0 +1,127 @@
[#]: collector: (lujun9972)
[#]: translator: (leommxj)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-10592-1.html)
[#]: subject: (How ASLR protects Linux systems from buffer overflow attacks)
[#]: via: (https://www.networkworld.com/article/3331199/linux/what-does-aslr-do-for-linux.html)
[#]: author: (Sandra Henry-Stocker https://www.networkworld.com/author/Sandra-Henry_Stocker/)
ASLR 是如何保护 Linux 系统免受缓冲区溢出攻击的
======
> 地址空间随机化ASLR是一种内存攻击缓解技术可以用于 Linux 和 Windows 系统。了解一下如何运行它、启用/禁用它,以及它是如何工作的。
![](https://images.idgesg.net/images/article/2019/01/shuffling-cards-100784640-large.jpg)
<ruby>地址空间随机化<rt>Address Space Layout Randomization</rt></ruby>ASLR是一种操作系统用来抵御缓冲区溢出攻击的内存保护机制。这种技术使得系统上运行的进程的内存地址无法被预测使得与这些进程有关的漏洞变得更加难以利用。
ASLR 目前在 Linux、Windows 以及 MacOS 系统上都有使用。其最早出现在 2005 的 Linux 系统上。2007 年,这项技术被 Windows 和 MacOS 部署使用。尽管 ASLR 在各个系统上都提供相同的功能,却有着不同的实现。
ASLR 的有效性依赖于整个地址空间布局是否对于攻击者保持未知。此外,只有编译时作为<ruby>位置无关可执行文件<rt>Position Independent Executable</rt></ruby>PIE的可执行程序才能得到 ASLR 技术的最大保护因为只有这样可执行文件的所有代码节区才会被加载在随机地址。PIE 机器码不管绝对地址是多少都可以正确执行。
### ASLR 的局限性
尽管 ASLR 使得对系统漏洞的利用更加困难了,但其保护系统的能力是有限的。理解关于 ASLR 的以下几点是很重要的:
* 它不能*解决*漏洞,而是增加利用漏洞的难度
* 并不追踪或报告漏洞
* 不能对编译时没有开启 ASLR 支持的二进制文件提供保护
* 不能避免被绕过
### ASLR 是如何工作的
通过对攻击者在进行缓冲区溢出攻击时所要用到的内存布局中的偏移做了随机化ASLR 加大了攻击成功的难度,从而增强了系统的控制流完整性。
通常认为 ASLR 在 64 位系统上效果更好,因为 64 位系统提供了更大的熵(可随机的地址范围)。
### ASLR 是否正在你的 Linux 系统上运行?
下面展示的两条命令都可以告诉你的系统是否启用了 ASLR 功能:
```
$ cat /proc/sys/kernel/randomize_va_space
2
$ sysctl -a --pattern randomize
kernel.randomize_va_space = 2
```
上方指令结果中的数值(`2`)表示 ASLR 工作在全随机化模式。其可能为下面的几个数值之一:
```
0 = Disabled
1 = Conservative Randomization
2 = Full Randomization
```
如果你关闭了 ASLR 并且执行下面的指令,你将会注意到前后两条 `ldd` 的输出是完全一样的。`ldd` 命令会加载共享对象并显示它们在内存中的地址。
```
$ sudo sysctl -w kernel.randomize_va_space=0 <== disable
[sudo] password for shs:
kernel.randomize_va_space = 0
$ ldd /bin/bash
linux-vdso.so.1 (0x00007ffff7fd1000) <== same addresses
libtinfo.so.6 => /lib/x86_64-linux-gnu/libtinfo.so.6 (0x00007ffff7c69000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007ffff7c63000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007ffff7a79000)
/lib64/ld-linux-x86-64.so.2 (0x00007ffff7fd3000)
$ ldd /bin/bash
linux-vdso.so.1 (0x00007ffff7fd1000) <== same addresses
libtinfo.so.6 => /lib/x86_64-linux-gnu/libtinfo.so.6 (0x00007ffff7c69000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007ffff7c63000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007ffff7a79000)
/lib64/ld-linux-x86-64.so.2 (0x00007ffff7fd3000)
```
如果将其重新设置为 `2` 来启用 ASLR你将会看到每次运行 `ldd`,得到的内存地址都不相同。
```
$ sudo sysctl -w kernel.randomize_va_space=2 <== enable
[sudo] password for shs:
kernel.randomize_va_space = 2
$ ldd /bin/bash
linux-vdso.so.1 (0x00007fff47d0e000) <== first set of addresses
libtinfo.so.6 => /lib/x86_64-linux-gnu/libtinfo.so.6 (0x00007f1cb7ce0000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f1cb7cda000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f1cb7af0000)
/lib64/ld-linux-x86-64.so.2 (0x00007f1cb8045000)
$ ldd /bin/bash
linux-vdso.so.1 (0x00007ffe1cbd7000) <== second set of addresses
libtinfo.so.6 => /lib/x86_64-linux-gnu/libtinfo.so.6 (0x00007fed59742000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fed5973c000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fed59552000)
/lib64/ld-linux-x86-64.so.2 (0x00007fed59aa7000)
```
### 尝试绕过 ASLR
尽管这项技术有很多优点,但绕过 ASLR 的攻击并不罕见,主要有以下几类:
* 利用地址泄露
* 访问与特定地址关联的数据
* 针对 ASLR 实现的缺陷来猜测地址,常见于系统熵过低或 ASLR 实现不完善。
* 利用侧信道攻击
### 总结
ASLR 有很大的价值,尤其是在 64 位系统上运行并被正确实现时。虽然不能避免被绕过,但这项技术的确使得利用系统漏洞变得更加困难了。这份参考资料可以提供 [在 64 位 Linux 系统上的完全 ASLR 的有效性][2] 的更多有关细节,这篇论文介绍了一种利用分支预测 [绕过 ASLR][3] 的技术。
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3331199/linux/what-does-aslr-do-for-linux.html
作者:[Sandra Henry-Stocker][a]
选题:[lujun9972][b]
译者:[leommxj](https://github.com/leommxj)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Sandra-Henry_Stocker/
[b]: https://github.com/lujun9972
[1]: https://www.networkworld.com/article/3242170/linux/invaluable-tips-and-tricks-for-troubleshooting-linux.html
[2]: https://cybersecurity.upv.es/attacks/offset2lib/offset2lib-paper.pdf
[3]: http://www.cs.ucr.edu/~nael/pubs/micro16.pdf
[4]: https://www.facebook.com/NetworkWorld/
[5]: https://www.linkedin.com/company/network-world

2
sources/tech/20190128 Top Hex Editors for Linux.md
View File

@ -1,5 +1,5 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (zero-mk)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

226
sources/tech/20190212 How To Check CPU, Memory And Swap Utilization Percentage In Linux.md
View File

@ -1,226 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (An-DJ)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How To Check CPU, Memory And Swap Utilization Percentage In Linux?)
[#]: via: (https://www.2daygeek.com/linux-check-cpu-memory-swap-utilization-percentage/)
[#]: author: (Vinoth Kumar https://www.2daygeek.com/author/vinoth/)
How To Check CPU, Memory And Swap Utilization Percentage In Linux?
======
There is a lot of commands and options are available in Linux to check memory utilization but i dont see much information to check about memory utilization percentage.
Most of the times we are checking memory utilization alone and we wont think about how much percentage is used.
If you want to know those information then you are in the right page.
We are here to help you out on this in details.
This tutorial will help you to identify the memory utilization when you are facing high memory utilization frequently in Linux server.
But the same time, you wont be getting the clear utilization if you are using `free -m` or `free -g`.
These format commands fall under Linux advanced commands. It will be very useful for Linux Experts and Middle Level Linux Users.
### Method-1: How To Check Memory Utilization Percentage In Linux?
We can use the following combination of commands to get this done. In this method, we are using combination of free and awk command to get the memory utilization percentage.
If you are looking for other articles which is related to memory then navigate to the following link. Those are **[free Command][1]** , **[smem Command][2]** , **[ps_mem Command][3]** , **[vmstat Command][4]** and **[Multiple ways to check size of physical memory][5]**.
For `Memory` Utilization Percentage without Percent Symbol:
```
$ free -t | awk 'NR == 2 {print "Current Memory Utilization is : " $3/$2*100}'
or
$ free -t | awk 'FNR == 2 {print "Current Memory Utilization is : " $3/$2*100}'
Current Memory Utilization is : 20.4194
```
For `Swap` Utilization Percentage without Percent Symbol:
```
$ free -t | awk 'NR == 3 {print "Current Swap Utilization is : " $3/$2*100}'
or
$ free -t | awk 'FNR == 3 {print "Current Swap Utilization is : " $3/$2*100}'
Current Swap Utilization is : 0
```
For `Memory` Utilization Percentage with Percent Symbol and two decimal places:
```
$ free -t | awk 'NR == 2 {printf("Current Memory Utilization is : %.2f%"), $3/$2*100}'
or
$ free -t | awk 'FNR == 2 {printf("Current Memory Utilization is : %.2f%"), $3/$2*100}'
Current Memory Utilization is : 20.42%
```
For `Swap` Utilization Percentage with Percent Symbol and two decimal places:
```
$ free -t | awk 'NR == 3 {printf("Current Swap Utilization is : %.2f%"), $3/$2*100}'
or
$ free -t | awk 'FNR == 3 {printf("Current Swap Utilization is : %.2f%"), $3/$2*100}'
Current Swap Utilization is : 0.00%
```
If you are looking for other articles which is related to memory then navigate to the following link. Those are **[Create/Extend Swap Partition using LVM][6]** , **[Multiple Ways To Create Or Extend Swap Space][7]** and **[Shell Script to automatically Create/Remove and Mount Swap File][8]**.
free command output for better clarification:
```
$ free
total used free shared buff/cache available
Mem: 15867 3730 9868 1189 2269 10640
Swap: 17454 0 17454
Total: 33322 3730 27322
```
Details are follow:
* **`free:`** free is a standard command to check memory utilization in Linux.
* **`awk:`** awk is a powerful command which is specialized for textual data manipulation.
* **`FNR == 2:`** It gives the total number of records for each input file. Basically its used to select the given line (Here, it chooses the line number 2).
* **`NR == 2:`** It gives the total number of records processed. Basically its used to filter the given line (Here, it chooses the line number 2)..
* **`$3/$2*100:`** It divides column 2 with column 3 and its multiply the results with 100.
* **`printf:`** It used to format and print data.
* **`%.2f%:`** By default it prints floating point numbers with 6 decimal places. Use the following format to limit a decimal places.
### Method-2: How To Check Memory Utilization Percentage In Linux?
We can use the following combination of commands to get this done. In this method, we are using combination of free, grep and awk command to get the memory utilization percentage.
For `Memory` Utilization Percentage without Percent Symbol:
```
$ free -t | grep Mem | awk '{print "Current Memory Utilization is : " $3/$2*100}'
Current Memory Utilization is : 20.4228
```
For `Swap` Utilization Percentage without Percent Symbol:
```
$ free -t | grep Swap | awk '{print "Current Swap Utilization is : " $3/$2*100}'
Current Swap Utilization is : 0
```
For `Memory` Utilization Percentage with Percent Symbol and two decimal places:
```
$ free -t | grep Mem | awk '{printf("Current Memory Utilization is : %.2f%"), $3/$2*100}'
Current Memory Utilization is : 20.43%
```
For `Swap` Utilization Percentage with Percent Symbol and two decimal places:
```
$ free -t | grep Swap | awk '{printf("Current Swap Utilization is : %.2f%"), $3/$2*100}'
Current Swap Utilization is : 0.00%
```
### Method-1: How To Check CPU Utilization Percentage In Linux?
We can use the following combination of commands to get this done. In this method, we are using combination of top, print and awk command to get the CPU utilization percentage.
If you are looking for other articles which is related to memory then navigate to the following link. Those are **[top Command][9]** , **[htop Command][10]** , **[atop Command][11]** and **[Glances Command][12]**.
If it shows multiple CPU in the output then you need to use the following method.
```
$ top -b -n1 | grep ^%Cpu
%Cpu0 : 5.3 us, 0.0 sy, 0.0 ni, 94.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
%Cpu1 : 0.0 us, 0.0 sy, 0.0 ni,100.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
%Cpu2 : 0.0 us, 0.0 sy, 0.0 ni, 94.7 id, 0.0 wa, 0.0 hi, 5.3 si, 0.0 st
%Cpu3 : 5.3 us, 0.0 sy, 0.0 ni, 94.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
%Cpu4 : 10.5 us, 15.8 sy, 0.0 ni, 73.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
%Cpu5 : 0.0 us, 5.0 sy, 0.0 ni, 95.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
%Cpu6 : 5.3 us, 0.0 sy, 0.0 ni, 94.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
%Cpu7 : 5.3 us, 0.0 sy, 0.0 ni, 94.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
```
For `CPU` Utilization Percentage without Percent Symbol:
```
$ top -b -n1 | grep ^%Cpu | awk '{cpu+=$9}END{print "Current CPU Utilization is : " 100-cpu/NR}'
Current CPU Utilization is : 21.05
```
For `CPU` Utilization Percentage with Percent Symbol and two decimal places:
```
$ top -b -n1 | grep ^%Cpu | awk '{cpu+=$9}END{printf("Current CPU Utilization is : %.2f%"), 100-cpu/NR}'
Current CPU Utilization is : 14.81%
```
### Method-2: How To Check CPU Utilization Percentage In Linux?
We can use the following combination of commands to get this done. In this method, we are using combination of top, print/printf and awk command to get the CPU utilization percentage.
If it shows all together CPU(s) in the single output then you need to use the following method.
```
$ top -b -n1 | grep ^%Cpu
%Cpu(s): 15.3 us, 7.2 sy, 0.8 ni, 69.0 id, 6.7 wa, 0.0 hi, 1.0 si, 0.0 st
```
For `CPU` Utilization Percentage without Percent Symbol:
```
$ top -b -n1 | grep ^%Cpu | awk '{print "Current CPU Utilization is : " 100-$8}'
Current CPU Utilization is : 5.6
```
For `CPU` Utilization Percentage with Percent Symbol and two decimal places:
```
$ top -b -n1 | grep ^%Cpu | awk '{printf("Current CPU Utilization is : %.2f%"), 100-$8}'
Current CPU Utilization is : 5.40%
```
Details are follow:
* **`top:`** top is one of the best command to check currently running process on Linux system.
* **`-b:`** -b option, allow the top command to switch in batch mode. It is useful when you run the top command from local system to remote system.
* **`-n1:`** Number-of-iterations
* **`^%Cpu:`** Filter the lines which starts with %Cpu
* **`awk:`** awk is a powerful command which is specialized for textual data manipulation.
* **`cpu+=$9:`** For each line, add column 9 to a variable cpu.
* **`printf:`** It used to format and print data.
* **`%.2f%:`** By default it prints floating point numbers with 6 decimal places. Use the following format to limit a decimal places.
* **`100-cpu/NR:`** Finally print the CPU Average by subtracting 100, divided by the number of records.
--------------------------------------------------------------------------------
via: https://www.2daygeek.com/linux-check-cpu-memory-swap-utilization-percentage/
作者:[Vinoth Kumar][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.2daygeek.com/author/vinoth/
[b]: https://github.com/lujun9972
[1]: https://www.2daygeek.com/free-command-to-check-memory-usage-statistics-in-linux/
[2]: https://www.2daygeek.com/smem-linux-memory-usage-statistics-reporting-tool/
[3]: https://www.2daygeek.com/ps_mem-report-core-memory-usage-accurately-in-linux/
[4]: https://www.2daygeek.com/linux-vmstat-command-examples-tool-report-virtual-memory-statistics/
[5]: https://www.2daygeek.com/easy-ways-to-check-size-of-physical-memory-ram-in-linux/
[6]: https://www.2daygeek.com/how-to-create-extend-swap-partition-in-linux-using-lvm/
[7]: https://www.2daygeek.com/add-extend-increase-swap-space-memory-file-partition-linux/
[8]: https://www.2daygeek.com/shell-script-create-add-extend-swap-space-linux/
[9]: https://www.2daygeek.com/linux-top-command-linux-system-performance-monitoring-tool/
[10]: https://www.2daygeek.com/linux-htop-command-linux-system-performance-resource-monitoring-tool/
[11]: https://www.2daygeek.com/atop-system-process-performance-monitoring-tool/
[12]: https://www.2daygeek.com/install-glances-advanced-real-time-linux-system-performance-monitoring-tool-on-centos-fedora-ubuntu-debian-opensuse-arch-linux/

132
translated/tech/20190108 How ASLR protects Linux systems from buffer overflow attacks.md
View File

@ -1,132 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (leommxj)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How ASLR protects Linux systems from buffer overflow attacks)
[#]: via: (https://www.networkworld.com/article/3331199/linux/what-does-aslr-do-for-linux.html)
[#]: author: (Sandra Henry-Stocker https://www.networkworld.com/author/Sandra-Henry_Stocker/)
ASLR是如何保护Linux系统免受缓冲区溢出攻击的
======
![](https://images.idgesg.net/images/article/2019/01/shuffling-cards-100784640-large.jpg)
地址空间随机化( ASLR )是一种操作系统用来抵御缓冲区溢出攻击的内存保护机制。这种技术使得系统上运行的进程的内存地址无法预测,使得与这些进程有关的漏洞变得更加难以利用。
ASLR目前在 Linux Windows 以及 MacOS 系统上都有使用。其最早出现在 2005 的Linux系统上。2007 年,这项技术被 Windows 和 MacOS 部署使用。尽管 ASLR 在各个系统上都提供相同的功能,却有着不同的实现。
ASLR的有效性依赖于整个地址空间布局对于攻击者保持未知。此外只有编译时作为位置无关可执行文件(PIE)的程序才能得到ASLR最大的保护因为只有这样可执行文件的所有代码节区才会被加载在随机地址。PIE 代码不管绝对地址是多少都可以正确执行。
**[ 参见:[用于排除Linux故障的宝贵提示和技巧][1] ]**
### ASLR 的局限性
尽管 ASLR 使得对系统漏洞的利用更加困难了,但其保护系统的能力是有限的。理解关于 ASLR 的以下几点是很重要的:
* 不能解决漏洞,而是增加利用漏洞的难度
* 并不追踪或报告漏洞
* 不能对编译时没有开启 ASLR 支持的二进制文件提供保护
* 不能避免被绕过
### ASLR 是如何工作的
ASLR通过对攻击者在进行缓冲区溢出攻击时所要用到的内存布局中的偏移做随机化来加大攻击成功的难度从而增强了系统的控制流完整性。
通常认为 ASLR 在64位系统上效果更好因为64位系统提供了更大的熵(可随机的地址范围)。
### ASLR 是否正在你的 Linux 系统上运行?
下面展示的两条命令都可以告诉你你的系统是否启用了 ASLR 功能
```
$ cat /proc/sys/kernel/randomize_va_space
2
$ sysctl -a --pattern randomize
kernel.randomize_va_space = 2
```
上方指令结果中的数值 (2) 表示 ASLR 工作在全随机化模式。其可能为下面的几个数值之一:
```
0 = Disabled
1 = Conservative Randomization
2 = Full Randomization
```
如果你关闭了 ASLR 并且执行下面的指令,你将会注意到前后两条**ldd**的输出是完全一样的。**ldd**命令会加载共享对象并显示他们在内存中的地址。
```
$ sudo sysctl -w kernel.randomize_va_space=0 <== disable
[sudo] password for shs:
kernel.randomize_va_space = 0
$ ldd /bin/bash
linux-vdso.so.1 (0x00007ffff7fd1000) <== same addresses
libtinfo.so.6 => /lib/x86_64-linux-gnu/libtinfo.so.6 (0x00007ffff7c69000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007ffff7c63000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007ffff7a79000)
/lib64/ld-linux-x86-64.so.2 (0x00007ffff7fd3000)
$ ldd /bin/bash
linux-vdso.so.1 (0x00007ffff7fd1000) <== same addresses
libtinfo.so.6 => /lib/x86_64-linux-gnu/libtinfo.so.6 (0x00007ffff7c69000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007ffff7c63000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007ffff7a79000)
/lib64/ld-linux-x86-64.so.2 (0x00007ffff7fd3000)
```
如果将其重新设置为**2**来启用 ASLR你将会看到每次运行**ldd**,得到的内存地址都不相同。
```
$ sudo sysctl -w kernel.randomize_va_space=2 <== enable
[sudo] password for shs:
kernel.randomize_va_space = 2
$ ldd /bin/bash
linux-vdso.so.1 (0x00007fff47d0e000) <== first set of addresses
libtinfo.so.6 => /lib/x86_64-linux-gnu/libtinfo.so.6 (0x00007f1cb7ce0000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f1cb7cda000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f1cb7af0000)
/lib64/ld-linux-x86-64.so.2 (0x00007f1cb8045000)
$ ldd /bin/bash
linux-vdso.so.1 (0x00007ffe1cbd7000) <== second set of addresses
libtinfo.so.6 => /lib/x86_64-linux-gnu/libtinfo.so.6 (0x00007fed59742000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fed5973c000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fed59552000)
/lib64/ld-linux-x86-64.so.2 (0x00007fed59aa7000)
```
### 尝试绕过 ASLR
尽管这项技术有很多优点绕过ASLR的攻击并不罕见主要有以下几类
* 利用地址泄露
* 访问与特定地址关联的数据
* 针对ASLR 实现的缺陷来猜测地址,常见于系统熵过低或 ASLR 实现不完善。
* 利用侧信道攻击
### 总结
ASLR 有很大的价值尤其是在64位系统上运行并被正确实现时。虽然不能避免被绕过但这项技术的确使得利用系统漏洞变得更加困难了。这份参考资料可以提供更多有关细节 [on the Effectiveness of Full-ASLR on 64-bit Linux][2] 这篇论文介绍了一种利用分支预测绕过ASLR的技术 [bypass ASLR][3]。
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3331199/linux/what-does-aslr-do-for-linux.html
作者:[Sandra Henry-Stocker][a]
选题:[lujun9972][b]
译者:[leommxj](https://github.com/leommxj)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Sandra-Henry_Stocker/
[b]: https://github.com/lujun9972
[1]: https://www.networkworld.com/article/3242170/linux/invaluable-tips-and-tricks-for-troubleshooting-linux.html
[2]: https://cybersecurity.upv.es/attacks/offset2lib/offset2lib-paper.pdf
[3]: http://www.cs.ucr.edu/~nael/pubs/micro16.pdf
[4]: https://www.facebook.com/NetworkWorld/
[5]: https://www.linkedin.com/company/network-world

225
translated/tech/20190212 How To Check CPU, Memory And Swap Utilization Percentage In Linux.md Normal file
View File

@ -0,0 +1,225 @@
[#]: collector: (lujun9972)
[#]: translator: (An-DJ)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How To Check CPU, Memory And Swap Utilization Percentage In Linux?)
[#]: via: (https://www.2daygeek.com/linux-check-cpu-memory-swap-utilization-percentage/)
[#]: author: (Vinoth Kumar https://www.2daygeek.com/author/vinoth/)
如何查看Linux下CPU内存和Swap交换分区的占用率
======
在Linux下有很多可用的命令和选项来查看内存占用情况但是我并没有看见关于内存利用率的更多的信息。
在大多数情况下我们只单独查看内存使用情况,并没有考虑占用的百分比究竟是多少。
如果你想要了解这些信息,那你看这篇文章就对了。
我们将会详细地在这里帮助你解决这个问题。
这篇教程将会帮助你在面对Linux服务器下频繁内存高占用情况时确定内存使用情况。
但是在同时,如果你使用的是`free -m`或者`free -g`,占用情况描述地并不是十分清楚。
这些格式化命令属于Linux高级命令。它将会对Linux专家和中等水平Linux使用者非常有用。
### 方法-1如何查看Linux下内存占用率
我们可以使用下面命令的组合来达到此目的。在该方法中,我们使用的是`free`和`awk`命令的组合来获取内存占用率。
如果你正在寻找其他有关于内存的文章,你可以导航到如下链接。这些文章有 **[free命令][1]** , **[smem命令][2]** , **[ps_mem命令][3]** , **[vmstat命令][4]** 及 **[多种方式来查看物理内存大小][5]**.
对于获取不包含百分比符号的`内存`占用率:
```
$ free -t | awk 'NR == 2 {print "Current Memory Utilization is : " $3/$2*100}'
$ free -t | awk 'FNR == 2 {print "Current Memory Utilization is : " $3/$2*100}'
Current Memory Utilization is : 20.4194
```
对于获取不包含百分比符号的`Swap交换分区`占用率:
```
$ free -t | awk 'NR == 3 {print "Current Swap Utilization is : " $3/$2*100}'
$ free -t | awk 'FNR == 3 {print "Current Swap Utilization is : " $3/$2*100}'
Current Swap Utilization is : 0
```
对于获取包含百分比符号及保留两位小数的`内存`占用率:
```
$ free -t | awk 'NR == 2 {printf("Current Memory Utilization is : %.2f%"), $3/$2*100}'
$ free -t | awk 'FNR == 2 {printf("Current Memory Utilization is : %.2f%"), $3/$2*100}'
Current Memory Utilization is : 20.42%
```
对于获取包含百分比符号及保留两位小数的`Swap交换分区`占用率:
```
$ free -t | awk 'NR == 3 {printf("Current Swap Utilization is : %.2f%"), $3/$2*100}'
$ free -t | awk 'FNR == 3 {printf("Current Swap Utilization is : %.2f%"), $3/$2*100}'
Current Swap Utilization is : 0.00%
```
如果你正在寻找有关于内存的其他文章,你可以导航至如下链接。这些链接有 **[使用LVM逻辑盘卷管理Logical Volume Manager创建和扩展Swap交换分区][6]** , **[多种方式创建或扩展Swap交换分区][7]** 和 **[多种方式创建/删除和挂载交换分区文件][8]**。
键入free命令会更好地作出阐释
```
$ free
total used free shared buff/cache available
Mem: 15867 3730 9868 1189 2269 10640
Swap: 17454 0 17454
Total: 33322 3730 27322
```
如下是一些细节:
* **`free:`** free是一个标准命令用于在Linux下查看内存使用情况。
* **`awk:`** awk是一个专门用来做文本数据处理的强大命令。
* **`FNR == 2:`** 该命令给出了对于每一个输入文件的行数。其基本上用于挑选出给定的行(针对于这里它选择的是行数为2的行)
* **`NR == 2:`** 该命令给出了处理的行总数。其基本上用于过滤给出的行针对于这里它选择的是行数为2的行
* **`$3/$2*100:`** 该命令将列3除以列2并将结果乘以100。
* **`printf:`** 该命令用于格式化和打印数据。
* **`%.2f%:`** 默认情况下其打印小数点后保留6位的浮点数。使用后跟的格式来约束小数位。
### 方法-2如何查看Linux下内存占用率
我们可以使用下面命令的组合来达到此目的。在这种方法中,我们使用`free`,`grep`和`awk`命令的组合来获取内存占用率。
对于获取不包含百分比符号的`内存`占用率:
```
$ free -t | grep Mem | awk '{print "Current Memory Utilization is : " $3/$2*100}'
Current Memory Utilization is : 20.4228
```
对于获取不包含百分比符号的`Swap交换分区`占用率:
```
$ free -t | grep Swap | awk '{print "Current Swap Utilization is : " $3/$2*100}'
Current Swap Utilization is : 0
```
对于获取包含百分比符号及保留两位小数的`内存`占用率:
```
$ free -t | grep Mem | awk '{printf("Current Memory Utilization is : %.2f%"), $3/$2*100}'
Current Memory Utilization is : 20.43%
```
对于获取包含百分比符号及保留两位小数的`Swap交换空间`占用率:
```
$ free -t | grep Swap | awk '{printf("Current Swap Utilization is : %.2f%"), $3/$2*100}'
Current Swap Utilization is : 0.00%
```
### 方法-1如何查看Linux下CPU的占用率
我们可以使用如下命令的组合来达到此目的。在这种方法中,我们使用`top`,`print`和`awk`命令的组合来获取CPU的占用率。
如果你正在寻找其他有关于CPU译者勘误原文为memory)的文章,你可以导航至如下链接。这些文章有 **[top命令][9]** , **[htop命令][10]** , **[atop命令][11]** 及 **[Glances命令][12]**.
如果在输出中展示的是多个CPU的情况那么你需要使用下面的方法。
```
$ top -b -n1 | grep ^%Cpu
%Cpu0 : 5.3 us, 0.0 sy, 0.0 ni, 94.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
%Cpu1 : 0.0 us, 0.0 sy, 0.0 ni,100.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
%Cpu2 : 0.0 us, 0.0 sy, 0.0 ni, 94.7 id, 0.0 wa, 0.0 hi, 5.3 si, 0.0 st
%Cpu3 : 5.3 us, 0.0 sy, 0.0 ni, 94.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
%Cpu4 : 10.5 us, 15.8 sy, 0.0 ni, 73.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
%Cpu5 : 0.0 us, 5.0 sy, 0.0 ni, 95.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
%Cpu6 : 5.3 us, 0.0 sy, 0.0 ni, 94.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
%Cpu7 : 5.3 us, 0.0 sy, 0.0 ni, 94.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
```
对于获取不包含百分比符号的`CPU`占用率:
```
$ top -b -n1 | grep ^%Cpu | awk '{cpu+=$9}END{print "Current CPU Utilization is : " 100-cpu/NR}'
Current CPU Utilization is : 21.05
```
对于获取包含百分比符号及保留2位小数的`CPU`占用率:
```
$ top -b -n1 | grep ^%Cpu | awk '{cpu+=$9}END{printf("Current CPU Utilization is : %.2f%"), 100-cpu/NR}'
Current CPU Utilization is : 14.81%
```
### 方法-2如何查看Linux下CPU的占用率
我们可以使用如下命令的组合来达到此目的。在这种方法中,我们使用的是`top`,`print/printf`和`awk`命令的组合来获取CPU的占用率。
如果在单个输出中一起展示了所有的CPU的情况那么你需要使用下面的方法。
```
$ top -b -n1 | grep ^%Cpu
%Cpu(s): 15.3 us, 7.2 sy, 0.8 ni, 69.0 id, 6.7 wa, 0.0 hi, 1.0 si, 0.0 st
```
对于获取不包含百分比符号的`CPU`占用率:
```
$ top -b -n1 | grep ^%Cpu | awk '{print "Current CPU Utilization is : " 100-$8}'
Current CPU Utilization is : 5.6
```
对于获取包含百分比符号及保留2位小数的`CPU`占用率:
```
$ top -b -n1 | grep ^%Cpu | awk '{printf("Current CPU Utilization is : %.2f%"), 100-$8}'
Current CPU Utilization is : 5.40%
```
如下是一些细节:
* **`top:`** top命令是一种用于查看当前Linux系统下正在运行的进程的非常好的命令。
* **`-b:`** -b选项允许top命令切换至批处理的模式。当你从本地系统运行top命令至远程系统时它将会非常有用。
* **`-n1:`** 迭代次数
* **`^%Cpu:`** 过滤以%CPU开头的行。
* **`awk:`** awk是一种专门用来做文本数据处理的强大命令。
* **`cpu+=$9:`** 对于每一行将第9列添加至变量cpu'。
* **`printf:`** 该命令用于格式化和打印数据。
* **`%.2f%:`** 默认情况下它打印小数点后保留6位的浮点数。使用后跟的格式来限制小数位数。
* **`100-cpu/NR:`** 最终打印出CPU平均占用即用100减去其并除以行数。
--------------------------------------------------------------------------------
via: https://www.2daygeek.com/linux-check-cpu-memory-swap-utilization-percentage/
作者:[Vinoth Kumar][a]
选题:[lujun9972][b]
译者:[An-DJ](https://github.com/An-DJ)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.2daygeek.com/author/vinoth/
[b]: https://github.com/lujun9972
[1]: https://www.2daygeek.com/free-command-to-check-memory-usage-statistics-in-linux/
[2]: https://www.2daygeek.com/smem-linux-memory-usage-statistics-reporting-tool/
[3]: https://www.2daygeek.com/ps_mem-report-core-memory-usage-accurately-in-linux/
[4]: https://www.2daygeek.com/linux-vmstat-command-examples-tool-report-virtual-memory-statistics/
[5]: https://www.2daygeek.com/easy-ways-to-check-size-of-physical-memory-ram-in-linux/
[6]: https://www.2daygeek.com/how-to-create-extend-swap-partition-in-linux-using-lvm/
[7]: https://www.2daygeek.com/add-extend-increase-swap-space-memory-file-partition-linux/
[8]: https://www.2daygeek.com/shell-script-create-add-extend-swap-space-linux/
[9]: https://www.2daygeek.com/linux-top-command-linux-system-performance-monitoring-tool/
[10]: https://www.2daygeek.com/linux-htop-command-linux-system-performance-resource-monitoring-tool/
[11]: https://www.2daygeek.com/atop-system-process-performance-monitoring-tool/
[12]: https://www.2daygeek.com/install-glances-advanced-real-time-linux-system-performance-monitoring-tool-on-centos-fedora-ubuntu-debian-opensuse-arch-linux/