最新消息:

如何卸载阿里云&腾讯云官方的监控软件服务?

新闻 yan 3浏览 0评论
文章目录

如何卸载阿里云&腾讯云官方的监控软件服务?

 

国内用户数比较大云服务商还属于阿里云和腾讯云。相对来说阿里云的相关产品最完善了!

当然阿里云的云服务也算是ZF重点监控对象。其中阿里提供了云盾(安骑士)监控服务,虽然功能是好的,但是……

使用阿里云ECS(尤其是海外的)之前得先把监控软件干掉,要不然啥都给阿里云监控了,一点隐私都没了。博主的女装照被爆出去可不好啦~~~

下面转载一篇卸载过程的日志,以后用得上。

 

卸载云盾(安骑士)

1
2
3
4
5
6
7
curl sSL http://update.aegis.aliyun.com/download/quartz_uninstall.sh | sudo bash
 
sudo rm rf /usr/local/aegis
 
sudo rm /usr/sbin/aliyunservice
 
sudo rm /lib/systemd/system/aliyun.service

代码备份↓↓↓

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
bash
#!/bin/bash
 
#check linux Gentoo os
var=`lsb_release a | grep Gentoo`
if [ z “${var}” ]; then
    var=`cat /etc/issue | grep Gentoo`
fi
 
if [ d “/etc/runlevels/default” a n “${var}” ]; then
    LINUX_RELEASE=“GENTOO”
else
    LINUX_RELEASE=“OTHER”
fi
 
stop_aegis(){
    killall 9 aegis_cli >/dev/null 2>&1
    killall 9 aegis_update >/dev/null 2>&1
    killall 9 aegis_cli >/dev/null 2>&1
    printf “%-40s %40s/n” “Stopping aegis” “[  OK  ]”
}
 
stop_quartz(){
    killall 9 aegis_quartz >/dev/null 2>&1
        printf “%-40s %40s/n” “Stopping quartz” “[  OK  ]”
}
 
remove_aegis(){
if [ d /usr/local/aegis ];then
    rm rf /usr/local/aegis/aegis_client
    rm rf /usr/local/aegis/aegis_update
fi
}
 
remove_quartz(){
if [ d /usr/local/aegis ];then
    rm rf /usr/local/aegis/aegis_quartz
fi
}
 
 
uninstall_service() {
 
   if [ f “/etc/init.d/aegis” ]; then
        /etc/init.d/aegis stop  >/dev/null 2>&1
        rm f /etc/init.d/aegis
   fi
 
    if [ $LINUX_RELEASE = “GENTOO” ]; then
        rcupdate del aegis default 2>/dev/null
        if [ f “/etc/runlevels/default/aegis” ]; then
            rm f “/etc/runlevels/default/aegis” >/dev/null 2>&1;
        fi
    elif [ f /etc/init.d/aegis ]; then
         /etc/init.d/aegis  uninstall
        for ((var=2; var<=5; var++)) do
            if [ d “/etc/rc${var}.d/” ];then
                 rm f “/etc/rc${var}.d/S80aegis”
            elif [ d “/etc/rc.d/rc${var}.d” ];then
                rm f “/etc/rc.d/rc${var}.d/S80aegis”
            fi
        done
    fi
 
}
 
stop_aegis
stop_quartz
uninstall_service
remove_aegis
printf “%-40s %40s/n” “Uninstalling aegis”  “[  OK  ]”
 
remove_quartz
printf “%-40s %40s/n” “Uninstalling aegis_quartz”  “[  OK  ]”

 

或者用网友简单粗暴版本:

1
2
3
4
5
6
#!/bin/bash
rm rf /usr/local/aegis
for A in $(ps aux | grep Ali | grep v grep | awk ‘{print $2}’)
do
  kill 9 $A;
done

 

屏蔽云盾 IP

而后检查服务器记录时发现一堆  Alibaba.Security.Heimdall 的访问记录。网上查询发现是云盾。

根据官方介绍

云盾会通过公网模拟黑客入侵攻击,进行安全扫描。所以服务器有安全防护时,需要对云盾扫描ip进行放行。

赶快屏蔽!

此处使用 UFW, iptables 用户请自己找一下添加方法。注意:如果已有接受 80 端口之类的规则,新增的拒绝 IP 规则在其后将不会生效。所以要在  /etc/ufw/before.rules 设置。

sudo nano 编辑此文件并找到  # End required lines,在其后添加:

1
2
3
4
5
6
7
8
9
10
11
12
13
# Block Ali Yun Dun  https://help.aliyun.com/knowledge_detail/37436.html
A ufwbeforeinput s 140.205.201.0/28 j DROP
A ufwbeforeinput s 140.205.201.16/29 j DROP
A ufwbeforeinput s 140.205.201.32/28 j DROP
A ufwbeforeinput s 140.205.225.192/29 j DROP
A ufwbeforeinput s 140.205.225.200/30 j DROP
A ufwbeforeinput s 140.205.225.184/29 j DROP
A ufwbeforeinput s 140.205.225.183/32 j DROP
A ufwbeforeinput s 140.205.225.206/32 j DROP
A ufwbeforeinput s 140.205.225.205/32 j DROP
A ufwbeforeinput s 140.205.225.195/32 j DROP
A ufwbeforeinput s 140.205.225.204/32 j DROP

保存后运行  sudo ufw reload。完毕!

 

腾讯云解决方案

据说腾讯云也有类似问题:转:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
#!/bin/bash
#fuck tx process
rm rf /usr/local/sa
rm rf /usr/local/agenttools
rm rf /usr/local/qcloud
process=(sap100 secutcsagent sgagent64 barad_agent agent agentPlugInD pvdriver )
for i in ${process[@]}
do
  for A in $(ps aux | grep $i | grep v grep | awk ‘{print $2}’)
  do
    kill 9 $A
  done
done
chkconfig level 35 postfix off
service postfix stop
echo >/var/spool/cron/root
echo ‘#!/bin/bash’ >/etc/rc.local

 

 

文章转载:

https://www.cmsky.com/uninstall-aliyun-monitoring

https://blog.whe.me/post/uninstall-aliyun-monitoring.html

参考文献:

https://www.v2ex.com/t/217931

https://help.aliyun.com/knowledge_detail/40477.html

Related posts:

  1. Mailsac临时邮件使用以及自己搭建邮箱教程
  2. Google BBR 优化算法,实现TCP加速
  3. 利用 Caddy 轻松实现反向代理/镜像(支持自签SSL证书)
  4. Cloud Torrent配置使用教程

转载请注明:E644 » 如何卸载阿里云&腾讯云官方的监控软件服务?

发表我的评论
取消评论
表情

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址