|
|
5月7日上午11點多,碧華樓網路交換器不明原因斷訊,造成碧華樓全棟及敬業樓一至五樓各層樓第1~第4間教室的網路中斷,檢修後判斷是光纖網路斷訊,已向事務組長反應,目前正搶修中。
5月8日下午3點左右,網路工程師至校維修,於下午3點50分左右,接通網路。
- 網路故障原因:光纖其中一芯斷掉,導致無法正常連線。
- 故障排除方法:更換為另一組備用光纖。
ANA事件單通知:TACERT-ANA-2015050408053636)(【漏洞預警】Mozilla Firefox 存在系統存取等弱點,建議請使用者儘速更新!)
教育機構ANA通報平台
| 發佈編號 |
TACERT-ANA-2015050408053636 |
發佈時間 |
2015-05-04 08:58:37 |
| 事故類型 |
ANA-漏洞預警 |
發現時間 |
2015-04-29 00:00:00 |
| 影響等級 |
高 |
|
|
| [主旨說明:]
【漏洞預警】Mozilla Firefox 存在系統存取等弱點,建議請使用者儘速更新! |
| [內容說明:]
轉發HiNet SOC 漏洞/資安訊息警訊Mozilla Firefox 存在系統存取等弱點,惡意人士可透過引誘使用者瀏覽事先建立的惡意網頁後,便可執行任意程式碼等讓使用者系統受駭之安全性弱點。目前已知會受到影響的版本為Mozilla Firefox 37.0.2 之前版本,HiNet SOC 建議使用者應儘速上網更新,以降低受駭風險。細節描述Mozilla 近日發佈Firefox 存在系統存取等弱點,該弱點為“AsyncPaintWaitEvent():: AsyncPaintWaitEvent” 函式在插件初始化失敗時存在競爭條件錯誤(race condition error) ,可能會觸發使用釋放後記憶體錯誤(use-after-free) 的條件,並接著發生記憶體損毀錯誤,成功利用此弱點可能允許執行任意程式碼。
惡意人士可透過這些弱點執行任意程式碼。HiNet SOC 建議使用者應儘速上網更新,並勿隨意瀏覽來源不明的網頁以及開啟郵件附加檔案,以降低受駭風險。 |
| [影響平台:]Mozilla Firefox 37.0.2 之前版本 |
| [建議措施:]手動下載安裝:
Mozilla Firefox 37.0.2 (含)之後版本:http://mozilla.com.tw/ |
| [參考資料:]Secunia:http://secunia.com/advisories/64071/
Mozilla:https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ |
教學網站:
系統內建指令:
| Command |
Description |
| ASSOC |
Associates an extension with a file type (FTYPE). |
| BREAK |
Sets or clears extended CTRL+C checking. |
| CALL |
Calls one batch program from another. |
| CD, CHDIR |
Displays or sets the current directory. |
| CHCP |
Displays or sets the active code page number. |
| CLS |
Clears the screen. |
| COLOR |
Sets the console foreground and background colors. |
| COPY |
Copies files. |
| DATE |
Displays and sets the system date. |
| DEL, ERASE |
Deletes one or more files. |
| DIR |
Displays a list of files and subdirectories in a directory. |
| ECHO |
Displays messages, or turns command echoing on or off. |
| ELSE |
Performs conditional processing in batch programs when “IF" is not true. |
| ENDLOCAL |
Ends localization of environment changes in a batch file. |
| EXIT |
Quits the CMD.EXE program (command interpreter). |
| FOR |
Runs a specified command for each file in a set of files. |
| FTYPE |
Sets the file type command. |
| IF |
Performs conditional processing in batch programs. |
| MD, MKDIR |
Creates a directory. |
| MOVE |
Moves a file to a new location |
| PATH |
Sets or modifies the PATH environment |
| PAUSE |
Causes the command session to pause for user input. |
| POPD |
Changes to the drive and directory poped from the directory stack |
| PROMPT |
Sets or modifies the string displayed when waiting for input. |
| PUSHD |
Pushes the current directory onto the stack, and changes to the new directory. |
| RD / RMDIR |
Removes the directory. |
| REM |
A comment command. Unlike double-colon (::), the command can be executed. |
| REN / RENAME |
Renames a file or directory |
| SET |
Sets or displays shell environment variables |
| SETLOCAL |
Creates a child-environment for the batch file. |
| SHIFT |
Moves the batch parameters forward. |
| START |
Starts a program with various options. |
| TIME |
Displays or sets the system clock |
| TITLE |
Changes the window title |
| TYPE |
Prints the content of a file to the console. |
| VER |
Shows the command processor, operating system versions. |
| VERIFY |
Verifies that file copy has been done correctly. |
| VOL |
Shows the label of the current volume. |
指令範例:
FOR
Iterates over a series of values, executing a command.
In the following examples, %i is to be used from the command line while %%i is to be used from a batch.
Examples:
- for %%i in (1,2,3) do echo %%i
- In a batch, echoes 1, 2, and 3. In a batch, the command must use a double percent sign.
- The remaining examples are intended to be directly pasted into a command line, so they use a single percent sign and include “@" to prevent repetitive display.
- for %i in (1,2,3) do @echo %i
- From a command line, echoes 1, 2, and 3.
- The for command tries to interpret the items as file names and as patterns of file names containing wildcards.
- It does not complain if the items do not match existing file names, though.
- for %i in (1,2,a*d*c*e*t) do @echo %i
- Unless you happen to have a file matching the third pattern, echoes 1 and 2, discarding the third item.
- for %i in (1 2,3;4) do @echo %i
- Echoes 1, 2, 3, and 4. Yes, a mixture of item separators is used.
- for %i in (*.txt) do @echo %i
- Echoes file names of files located in the current folder and having the .txt extension.
- for %i in (“C:\Windows\system32\*.exe") do @echo %i
- Echoes file names matching the pattern.
- for /r %i in (*.txt) do @echo %i
- Echoes file names with full paths, of files having the extension .txt located anywhere in the current folder including nested folders.
- for /d %i in (*) do @echo %i
- Echoes the names of all folders in the current folder.
- for /r /d %i in (*) do @echo %i
- Echoes the names including full paths of all folders in the current folder, including nested folders.
- for /l %i in (1,1,10) do @echo %i
- Echoes the numbers from 1 to 10.
- for /f “tokens=*" %i in (list.txt) do @echo %i
- For each line in a file, echoes the line.
- for /f “tokens=*" %i in (list1.txt list2.txt) do @echo %i
- For each line in the files, echoes the line.
- for /f “tokens=*" %i in (*.txt) do @echo %i
- Does nothing. Does not accept wildcards to match file names.
- for /f “tokens=1-3 delims=:" %a in (“First:Second::Third") do @echo %c-%b-%a
- Parses a string into tokens delimited by “:".
- The quotation marks indicate the string is not a file name.
- The second and third tokens are stored in %b and %c even though %b and %c are not expressly mentioned in the part of the command before “do".
- The two consecutive colons are treated as one separator; %c is not “" but rather “Third".
- Does some of the job of the cut command from other operating systems.
- for /f “tokens=1-3* delims=:" %a in (“First:Second::Third:Fourth:Fifth") do @echo %c-%b-%a: %d
- As above, just that the 4th and 5th items get captured in %d as “Fourth:Fifth", including the separator.
- for /f “tokens=1-3* delims=:," %a in (“First,Second,:Third:Fourth:Fifth") do @echo %c-%b-%a: %d
- Multiple delimiters are possible.
- for /f “tokens=1-3″ %a in (“First Second Third,item") do @echo %c-%b-%a
- The default delimiters are space and tab. Thus, they differ from the separators used to separate arguments passed to a batch.
- for /f “tokens=*" %i in (‘cd’) do @echo %i
- For each line of the result of a command, echoes the line.
- for /f “tokens=*" %i in (‘dir /b /a-d-h’) do @echo %~nxai
- For each non-hidden file in the current folder, displays the file attributes followed by the file name. In the string “%~nxai", uses the syntax described at #Percent tilde.
- for /f “usebackq tokens=*" %i in (`dir /b /a-d-h`) do @echo %~nxai
- As above, but using the backquote character (`) around the command to be executed.
- for /f “tokens=*" %i in (‘tasklist ^| sort ^& echo End’) do @echo %i
- Pipes and ampersands in the command to be executed must be escaped using caret (^).
- (for %i in (1,2,3) do @echo %i) > anyoldtemp.txt
- To redirect the entire result of a for loop, place the entire loop inside brackets before redirecting. Otherwise, the redirection will tie to the body of the loop, so each new iteration of the body of the loop will override the results of the previous iterations.
- for %i in (1,2,3) do @echo %i > anyoldtemp.txt
- An example related to the one above. It shows the consequence of failing to put the loop inside brackets.
--------------------------------------------
for %%i in (a b c) do (
echo 1 %%i
goto :cont
echo 2 %%i
:cont
echo 3 %%i
)
--------------------------------------------
--------------------------------------------
for %%i in (a b c) do call :for_body %%i
exit /b
:for_body
echo 1 %1
goto :cont
echo 2 %1
:cont
exit /b
--------------------------------------------
String processing
Getting a substring of a variable by position and length:
Before running the following examples, ensure that %a% equals “abcd" by running this:
The examples:
- echo %a:~0,1%
- echo %a:~1,1%
- echo %a:~0,2%
- echo %a:~1,2%
- echo %a:~1%
- echo %a:~-1%
- echo %a:~-2%
- echo %a:~0,-2%
- echo %a:~0,-1%
- echo %a:~1,-1%
Testing substring containment:
- if not “%a:bc=%"=="%a%" echo yes
- If variable a contains “bc" as a substring, echo “yes".
- This test is a trick that uses string replacement, discussed below.
- This test does not work if the variable contains a quotation mark.
Testing for “starts with":
- if %a:~0,1%==a echo yes
- If variable a starts with “a", echo “yes".
- if %a:~0,2%==ab echo yes
- If variable a starts with “ab", echo “yes".
String replacement:
- set a=abcd & echo %a:c=%
- set a=abcd & echo %a:c=e%
- set a=abcd & echo %a:*c=%
- Result: d
- The asterisk only works at the beginning of the sought pattern; it does not work at the end or in the middle.
See also the help for SET command: set /?.
Splitting a string by any of " “, “,", and “;":
- set myvar=a b,c;d
- for %%a in (%myvar%) do echo %%a
Splitting a string by semicolon, assuming the string contains no quotation marks:
@echo off
set myvar=a b;c;d
set strippedvar=%myvar%
:repeat
for /f "delims=;" %%a in ("%strippedvar%") do echo %%a
set prestrippedvar=%strippedvar%
set strippedvar=%strippedvar:*;=%
if not "%prestrippedvar:;=%"=="%prestrippedvar%" goto :repeat
4月29日,和203教室單槍及吊架移至新大樓教室,當示範教室用。
因應「個人資料保護法」實施、教育部「教育體系資通安全管理規範」、「國中小學資通安全管理系統實施原則」及「教育部所屬機關及各級公私立學校資通安全工作事項」與本市「中、小學資訊安全工作」等相關規定,修訂本校本校資通安全管理系統實施原則。
碧華國小資通安全管理系統實施原則1040201修訂版(含核章)
|
|
