_php tutorial on preventing local users from using Fsockopen DDoS attack countermeasures

Source: Internet
Author: User
Reason
PHP script part of the source code:
Copy CodeThe code is as follows:
$fp = Fsockopen ("udp://$ip", $rand, $errno, $ERRSTR, 5);
if ($fp) {
Fwrite ($fp, $out);
Fclose ($FP);

PHP script in the Fsockopen function, to the external address, through the UDP send a large number of packets, attack each other.

Response
You can disable the Fsockopen function through php.ini, and use Windows 2003 Security Policy to mask the UDP port on this computer.

disabling functions
To find disable_functions, add the function name you want to disable, as in the following example:

Passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_ Restore,dl,pfsockopen,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,fsocket,fsockopen

Takes effect after restarting IIS.

Masking UDP ports
Copy the following shaded text to Notepad, save as Banudp.bat or any name, and double-click to run.

REM Add security Policy, name
netsh ipsec static add policy name= my security policy

REM Add IP Filter List
netsh ipsec static add filterlist name= allow List
netsh ipsec static add filterlist name= deny list

REM add filter to IP filter list (allow Internet access)
netsh ipsec static add filter filterlist= allow List srcaddr=me dstaddr=any description=dns access protocol=udp mirrored=yes dstport= 53

REM add filter to IP filter list (no one else to access)
netsh ipsec static add filter filterlist= deny list Srcaddr=any dstaddr=me description= others to me any access protocol=udp Mirrored=yes

REM Add filter action
netsh ipsec static add filteraction name= can be action=permit
netsh ipsec static add filteraction name= cannot be action=block

REM Create a link specify rules for IPSEC policies, filter lists, and filter actions (join rules to my security policy)
netsh ipsec static add rule name= allow rules policy= my security policy filterlist= allow List filteraction= can
netsh ipsec static add rule name= Deny rule policy= my security policy filterlist= deny list filteraction= can not

REM activates my security policy
netsh ipsec static set policy name= my security Policies assign=y

http://www.bkjia.com/PHPjc/324451.html www.bkjia.com true http://www.bkjia.com/PHPjc/324451.html techarticle reason PHP script part source code: Copy the Code as follows: $fp = Fsockopen ("udp://$ip", $rand, $errno, $ERRSTR, 5); if ($fp) {fwrite ($fp, $out); Fclose ($ FP); PHP Script Fsockope ...

  • Related Article

    Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.