'웹사이트'에 해당되는 글 3건

  1. 2011.06.27 KISA, 웹 표준 및 액티브X 대체기술 교육
  2. 2010.07.30 Web Traffic Analysis with httpry
  3. 2009.07.10 웹에서 주소만으로 사이트 캡쳐 (screenshot/websnapshot)
2011.06.27 18:51

KISA, 웹 표준 및 액티브X 대체기술 교육

KISA(한국인터넷진흥원, 원장 서종렬)는 차세대 웹 표준(HTML5 등) 및 액티브X 대체기술에 대한 교육을 6월 23일부터 4차례에 걸쳐 주요 100대 사이트 담당자 및 웹 개발자 대상으로 시행한다고 밝혔다.

KISA아카데미에서 개최되는 '제1기 웹 표준 및 액티브X 대체기술 교육'은 웹 표준 동향, 브라우저별 웹 표준 적용, 모바일 웹 표준, 액티브X 대체기술에 대한 이론 및 실습 교육으로 구성되었다.

이번 교육은 액티브X 과다사용에 따른 웹 호환성 및 보안성 문제를 개선하고 향후 모바일 환경에 적합한 웹 표준환경을 구현하기 위해 지난 3월 방송통신위원회가 발표한 ‘인터넷 이용환경 개선 추진계획’의 일환으로 진행된다. ‘인터넷 이용환경 개선 추진계획’은 웹 서비스 제공자 대상 액티브X 대체기술 적용 컨설팅, 웹 개발자 대상
웹 표준 및 액티브X 대체기술 교육, 인터넷 이용자 대상 캠페인 등의 내용을 포함하고 있다.

서종렬 KISA 원장은 “이번 교육 수요 및 만족도, 성과에 따라 향후 교육대상과 교육기회를 확대해 나갈 방침“
이라며 ”KISA는 최고의 인터넷, 정보보호 전문기관으로서 앞으로 인터넷 이용환경 개선을 위해 지속적으로
기여하겠다“고 말했다.

차기 교육은 7월, 9월, 10월 중 시행될 예정이며 교육신청은 온라인 홈페이지(web.kisa.or.kr)에서 가능하다.

한편, KISA는 이번 교육과 더불어 인터넷 이용환경 개선 선포식 및 세미나, 구버전 브라우저 업그레이드 및
멀티 브라우저 사용환경 조성을 위한 캠페인 등도 ‘인터넷 이용환경 개선 추진계획’의 일환으로 7월 중 진행할
예정이다.
시 간 프로그램
10:00 ~ 10:30 [인터넷 이용환경 개선 사업 소개]
10:30 ~ 11:00 [IPv6 전환 사업 소개]
11:00 ~ 12:00 [웹 표준 동향]
  • - W3C의 웹 표준 권고안
  • - 국내외 주요 웹 표준 사례
12:00 ~ 13:00 Lunch
13:00 ~ 14:00 [브라우저별 웹 표준 적용]
  • - 브라우저별 HTML5 적용 사례
  • - 브라우저별 CSS3 적용 사례
14:00 ~ 15:00 [모바일 웹과 표준 트렌드]
  • - 모바일 브라우징을 위한 기본 웹 표준
  • - 한국형 DDC1.5 권고안
  • - 모바일 웹 표준 사례
15:00 ~ 15:20 Coffee Break
15:20 ~ 16:00 [엑티브X 대페기술 소개]
  • - 국내외 액티브X 현황
  • - 액티브X 주요기능에 대한 대체기술
16:00 ~ 18:00 [실습]
  • - HTML5 코딩 및 CSS3 코딩 실습
  • - 액티브X 대체기술 적용 웹 사이트 제작 실습


출처 : 한국인터넷진흥원

Trackback 0 Comment 0
2010.07.30 13:32

Web Traffic Analysis with httpry

httpry is a tool specialized for the analysis of web traffic. The tool itself can be used to capture traffic (httpry -o file) but other other tools are better suited for that such as tcpdump, Snort, Sguil. When it comes to finding out if certain types of files were downloaded via http, this tool does a super job. It can be used in combination with regular expressions (Regex) to find if a file, a script or a malware was downloaded from site or by a host and will ignore everything else. Whether the http traffic is using port 80, 443, 8080, etc, it will parse and display all the web traffic using this simple command:

httpry -i eth0

If you are working with a large pcap file and want to filter on a particular IP or network, httpry support libpcap filters to zoom in on the web traffic you want to analyze. This libpcap filter will show all the web traffic associated with host 192.168.5.25 using this filter:

httpry -r file 'host 192.168.5.25'

07/28/2010 18:00:02 192.168.5.25 216.66.8.10 > GET www.symantec.com /enterprise/security_response/threatexplorer/threats.jsp HTTP/1.0 - -
07/28/2010 18:00:02 216.66.8.10 192.168.5.25 < - - - HTTP/1.0 301 Moved Permanently
07/28/2010 18:00:02 192.168.5.25 216.66.8.16 > GET www.symantec.com /business/security_response/threatexplorer/threats.jsp HTTP/1.0 - -
07/28/2010 18:00:03 216.66.8.16 192.168.5.25 < - - - HTTP/1.0 200 OK
07/28/2010 18:00:03 192.168.5.25 67.97.80.71 > GET vil.nai.com /VIL/newly_discovered_viruses.aspx HTTP/1.0 - -
07/28/2010 18:00:03 192.168.5.25 67.97.80.71 > GET vil.nai.com /VIL/newly_discovered_viruses.aspx HTTP/1.0 - -
07/28/2010 18:00:03 67.97.80.71 192.168.5.25 < - - - HTTP/1.1 200 OK
07/28/2010 18:01:48 74.125.157.101 192.168.5.25 < - - - HTTP/1.1 200 OK
07/28/2010 18:01:48 192.168.5.25 173.194.15.95 > GET safebrowsing-cache.google.com /safebrowsing/rd/ChNnb29nLW1hbHdhcmUtc2hhdmFyEAEYlZQCIJaUAioFFooAAAEyBRWKAAAB HTTP/1.1 - -
07/28/2010 18:01:48 173.194.15.95 192.168.5.25 < - - - HTTP/1.1 200 OK


If you are checking for a particular file extension such as.exe, .js, .msi, .jpg, etc, if you combined your search with grep, httpry can be used to find if any binaries (i.e. malware) were downloaded from a certain site or by a particular client using a pcap captured files. In this example we grep for all the JavaScript transffered by host 192.168.5.25.

httpry -r file 'host 192.168.5.25' | grep "\.js"

07/28/2010 10:57:08 192.168.5.25 69.192.143.238 > GET www.quickquote.lincoln.com /static/com/forddirect/presentation/constants/SkinConstants_lincoln.js HTTP/1.1 - -
07/28/2010 10:57:08 192.168.5.25 69.192.143.238 > GET www.quickquote.lincoln.com /yui/yahoo-dom-event/yahoo-dom-event.js HTTP/1.1 - -
07/28/2010 10:57:08 192.168.5.25 69.192.143.238 > GET www.quickquote.lincoln.com /static/com/forddirect/application/bp20/metrics/s_code.js HTTP/1.1 - -


The httpry website is here. The tarball can be download here and a freeBSD port here.


출처 : www.sans.org


Trackback 0 Comment 0
2009.07.10 14:42

웹에서 주소만으로 사이트 캡쳐 (screenshot/websnapshot)


URL을 입력하면 잠깐의 캡쳐시간이 소요가됩니다. 느린감이 있습니다.
허나 좋은 점은 다양한 옵션들이 제공이되어 원하는 형태로 스크린샷을 제공합니다.
또한 그동안 스크린샷을 제공한 사이트 이미지는 계속 보관을 하고 있는거 같네요.
URL을 입력하게되면 스크린샷을 제공하는 건 갔지만 다른 점은
결과물을 확인하면서 사이즈 조정이나 자르기 기능을 바로 제공하고 있습니다.
주소만 입력하면 스크린샷이 나오게 됩니다.
스크린샷의 URL 주소도 제공하며 다운로드도 제공하고 있습니다.


간편한 UI 캡쳐가 위의 사이트보다는 빠르고 좋네요.
하지만 단점이라면 Adobi AIR을 설을 해야된다는 문제점과 메모리을 조금은 잡고 있다는거지만
그래도 만족할만한 결과을 주니 좋네요.


다양한 OS환경 그리고 다양한 브라우저에서 어떤 화면이 출력이되는지 확인할수 있는게 특징입니다.
원하는 OS와 브라우저을 선택하면 정해진 캡쳐 순서에따라 실행이 되어지게 되어있습니다.
이 사이트는 오픈소스로 개발이되고 있구요.
XML-RPC 지원으로 매쉬업도 가능하고 이 사이트는 파이썬을 이용하여 제작되었다네요.

Installing the screenshot factory on Linux

This page has been updated to work with Browsershots 0.4.

Install prerequisites

sudo apt-get install tightvncserver xfonts-base netpbm xautomation scrot subversion

Get the screenshot factory source code

svn checkout http://svn.browsershots.org/trunk/shotfactory/

Adjust config files

Change the file ~/.vnc/xstartup to the following three lines. This will set a white background and then run nothing except the window manager. Be sure to remove any reference to xterm because it gets in the way. If you have never run tightvncserver before, this file will not yet exist - run it once to automatically generate the file, and then make the change.

#!/bin/sh
xsetroot -solid "#FFFFFF"
x-window-manager &

If the file doesn't have any effect, make sure it's executable:

chmod a+x ~/.vnc/xstartup

Run

cd shotfactory
screen -L python shotfactory.py

See InstallFactory for registration and troubleshooting tips.

More useful packages

You will want to run a lightweight window manager because it will be restarted for each screenshot request. I don't recommend gnome-session because it uses a lot of memory. If you want nice rounded title bars, you can also install ubuntu-artwork.

sudo apt-get install metacity ubuntu-artwork

The firefox package on Ubuntu suggests these font packages (as of 2007-12-01):

sudo apt-get install latex-xft-fonts ttf-kochi-gothic ttf-kochi-mincho ttf-thryomanes ttf-baekmuk ttf-arphic-gbsn00lp ttf-arphic-bsmi00lp ttf-arphic-gkai00mp ttf-arphic-bkai00mp

If you want to run Flash 9, simply install the following package:

sudo apt-get install flashplugin-nonfree

It's also fun to track the system status graphically. Install Munin somewhere and add all your screenshot factory machines to /etc/munin/munin.conf. Then do this on each screenshot factory:

sudo apt-get install lm-sensors smartmontools
sudo apt-get install munin-node

How to install the ShotServer

This documentation is for the development version 0.4 of Browsershots (based on Django).

If you want to support the development of Browsershots, you can hire me as a contractor to set up Browsershots as an in-house browser testing system for you, and adapt it to your requirements. I speak German and English (and a little French and Swedish), and will come to your office even if it's in Timbuktu. Send email to johann@browsershots.org if you're interested. My rates are cheap because I'm still a student, so hurry!


Hardware and OS

See RequirementsForServer. The ShotServer software needs Python version 2.4 or newer (e.g. for the function decorator syntax).


Software

Prerequisites

sudo apt-get install netpbm

Install Django source code

Until Django 1.0 is released, Browsershots 0.4 will use the development version (trunk) of Django.

svn checkout http://code.djangoproject.com/svn/django/trunk django
cd django
sudo python setup.py install

Install ShotServer source code

Use Subversion to check out the latest development version of the software (the same code that is running on http://v04.browsershots.org/):

svn checkout http://svn.browsershots.org/trunk/shotserver

For the quick-start development server, you don't need to install the Browsershots source code in /usr/lib/ because you run the development server from your local copy. Only for use with a real web server like Apache, you would do the following:

cd shotserver
sudo python setup.py install

Install the database

You need a recent version of PostgreSQL. If version 8.3 is not available on your distribution, 8.2 or 8.1 should work too.

sudo apt-get install postgresql python-psycopg

You can create the database as the same user that will be running the development server, so you don't need to worry about passwords.

createdb shotserver04
CREATE DATABASE

If necessary, create the database user first (replace www-data with your username):

sudo -u postgres createuser www-data
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) y
Shall the new role be allowed to create more new roles? (y/n) n
CREATE ROLE

Let Django create the database tables for you:

cd shotserver/shotserver04
./manage.py syncdb

When it asks if you would like to create an admin account, say yes.

Create content folders

If you haven't changed the directories in settings.py, you need the following folders:

sudo mkdir -p /var/www/v04.browsershots.org/png

The png folder must be writable by the user running the server.

sudo chown www-data:www-data /var/www/v04.browsershots.org/png

Quick start with the development server

On a production system, you would use Apache 2 or some other serious web server. But to get started quickly, it is recommended that you use the Django development server first, and then switch to a real web server later when it works okay.

Run the development server

You can do this on your normal user account, but you must have write access to the database shotserver04 and to the directory /var/www/browsershots.org/png/.

cd shotserver/shotserver04
./manage.py runserver

The above will start the server on the local IP address 127.0.0.1 with port number 8000. If you want the server to be reachable from the outside, you have to specify your external IP address (and your desired port number):

./manage.py runserver 192.168.1.112:8000

More detailed instructions are available in the Django documentation.

Admin interface

Point your browser to http://127.0.0.1:8000/admin/ and enter your username and password.

Adjust the sites configuration

  • Go to the "Sites" admin page http://127.0.0.1:8000/admin/sites/site/
  • Change "example.com" to "127.0.0.1:8000" or equivalent
  • Change the display name to "Browsershots"

Create screenshot factories

http://127.0.0.1:8000/admin/factories/factory/add/

Web frontend

Point your browser to http://127.0.0.1:8000/ to see the web interface. Replace 127.0.0.1 with the hostname of your development machine if you want to access it from other computers.

Add browsers to your factories

Visit http://127.0.0.1:8000/browsers/add/ with each browser on your screenshot factory. The page should detect your browser settings automatically. Enter your password and click submit to register your browser in the database.

You can use http://127.0.0.1:8000/admin/browsers/browser/ to add or delete browsers manually or change their settings.

Run Django with mod_python on Apache

After you get the development server to run, you may want to switch to a real web server for performance and stability. See the Django documentation for details, and InstallServerApache for example configuration.

Install the ShotServer with Apache

For a production system, you don't want to use the development server that comes with Django. Here's how you set up Apache for Browsershots.

sudo apt-get install apache2 libapache2-mod-python

Create directory for log files:

sudo mkdir -p /var/log/apache2/v04.browsershots.org/

Enable mod_rewrite:

sudo a2enmod rewrite

Then put the following in /etc/apache2/sites-available/v04.browsershots.org:

ExtendedStatus On
NameVirtualHost *:80
<VirtualHost *:80>
    ServerName browsershots.example.com # FQDN
    ServerAlias browsershots # Local alias
    ServerAdmin webmaster@example.com
    ServerSignature On

    LogLevel warn
    ErrorLog /var/log/apache2/v04.browsershots.org/error.log
    CustomLog /var/log/apache2/v04.browsershots.org/access.log combined

    DocumentRoot /var/www/v04.browsershots.org
    <Directory /var/www/v04.browsershots.org>
        Options -Indexes

        RewriteEngine On
        RewriteBase /

        # Force canonical hostname.
        RewriteCond %{HTTP_HOST} !^browsershots.example.com(|:80)$
        RewriteRule ^(.*)$ http://browsershots.example.com/$1 [R,L]

        # Static files at server root
        RewriteRule ^(favicon.ico|robots.txt)$ static/$1 [L]

        # Force HTTPS for secure pages (uncomment next line to enable)
        # RewriteRule ^(admin|accounts)(/.*)$ https://browsershots.example.com/$1$2 [R,L]
    </Directory>

    <Location />
        SetHandler python-program
        PythonHandler django.core.handlers.modpython
        SetEnv DJANGO_SETTINGS_MODULE shotserver04.settings
        PythonDebug Off
        PythonAutoReload Off
    </Location>

    <Location /png>
        SetHandler None
    </Location>

    <Location /static>
        SetHandler None
    </Location>

    <Location /media>
        SetHandler None
    </Location>

    <Location /server-status>
        SetHandler server-status
        Allow from all
    </Location>
</VirtualHost>

# Local variables:
# mode: apache
# end:

Make sure that file is the first symlink in /etc/apache/sites-enabled and then restart Apache:

sudo a2dissite default
sudo a2ensite v04.browsershots.org
sudo apache2ctl restart

Create some symlinks for static content:

cd /var/www/v04.browsershots.org/
sudo ln -s /usr/lib/python2.5/site-packages/shotserver04/static
sudo ln -s /usr/lib/python2.5/site-packages/django/contrib/admin/media

Trackback 3 Comment 0