DDoS attack download prevents local users from using Fsockopen DDoS attack countermeasures

Source: Internet
Author: User
Reason
PHP script part of the source code:

Copy the Code code as follows:


$fp = Fsockopen ("udp://$ip", $rand, $errno, $ERRSTR, 5);
if ($fp) {
Fwrite ($fp, $out);
Fclose ($FP);


PHP script in the Fsockopen function, to the external address, through the UDP send a large number of packets, attack each other.
Response
You can disable the Fsockopen function through php.ini, and use Windows 2003 Security Policy to mask the UDP port on this computer.
disabling functions
To find disable_functions, add the function name you want to disable, as in the following example:
Passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_ Restore,dl,pfsockopen,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,fsocket,fsockopen
Takes effect after restarting IIS.
Masking UDP ports
Copy the following shaded text to Notepad, save as Banudp.bat or any name, and double-click to run.
REM Add security Policy, name
netsh ipsec static add policy name= my security policy
REM Add IP Filter List
netsh ipsec static add filterlist name= allow List
netsh ipsec static add filterlist name= deny list
REM add filter to IP filter list (allow Internet access)
netsh ipsec static add filter filterlist= allow List srcaddr=me dstaddr=any description=dns access protocol=udp mirrored=yes dstport= 53
REM add filter to IP filter list (no one else to access)
netsh ipsec static add filter filterlist= deny list Srcaddr=any dstaddr=me description= others to me any access protocol=udp Mirrored=yes
REM Add filter action
netsh ipsec static add filteraction name= can be action=permit
netsh ipsec static add filteraction name= cannot be action=block
REM Create a link specify rules for IPSEC policies, filter lists, and filter actions (join rules to my security policy)
netsh ipsec static add rule name= allow rules policy= my security policy filterlist= allow List filteraction= can
netsh ipsec static add rule name= Deny rule policy= my security policy filterlist= deny list filteraction= can not
REM activates my security policy
netsh ipsec static set policy name= my security Policies assign=y

The above describes the DDoS attack download to prevent local users with Fsockopen DDoS attack countermeasures, including the content of the DDoS attack download, I hope that the PHP tutorial interested in a friend helpful.

  • Related Article

    Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.