'
Yes.PassFilter out nginx logsFrequentAccessIP address, directly using iptablesShieldThis IP address does not need to restart nginx, andShieldBetter results.
The command for a single IP address isIptables-I INPUT-s 124.115.0.199-j DROP
The command for sealing IP segments isIptables-I INPUT-s 124.115.0.0/16-j DROP
The command to block the entire segment isIptables-I INPUT-s 194.42.0.0/8-j DROP
The command for writing several segments isIptables-I INPUT-s 61.37.80.0/24-j DROPIptables-I INPUT-s 61
I think now everyone contact with the VPS for a long time, also know that the Internet is ddos,cc is the norm, in the absence of hard defense, looking for software replacement is the most direct method, such as with iptables, but iptables can not be automatically shielded, can only be manually shielded, Today, I would like to introduce you to a software that can
DDoS deflate is actually a shell script that uses Netstat and iptables tools to block IP that has too many links, effectively preventing common malicious scanners, but it is not really an effective DDoS defense tool.
Work Process Description:
The same IP link to the number of connections to the server after the setting of the cut value, all over the cut value o
April 19, 2010 Morning |VPS DetectiveObjectiveThe internet is as full of rivalry as the real world, and the site has become the most headache for webmasters. In the absence of hard defense, looking for software replacement is the most direct method, such as with iptables, but iptables can not be automatically shielded, can only be manually shielded. What we're going to talk about today is a software that au
Preface
As in the real world, the Internet is full of intrigue. Website DDoS attacks have become the biggest headache for webmasters. In the absence of hardware protection, finding a software alternative is the most direct method. For example, iptables is used, but iptables cannot be automatically blocked and can only be manually shielded. Today we are talkin
ObjectiveThe internet is as full of rivalry as the real world, and the site has become the most headache for webmasters. In the absence of hard defense, looking for software replacement is the most direct method, such as with iptables, but iptables can not be automatically shielded, can only be manually shielded. What we're going to talk about today is a software that automatically shields
Ddos-deflate is a very small tool for defense and mitigation of DDoS attacks, which can be tracked by monitoring netstat to create IP address information for a large number of Internet connections, by blocking or blocking these very IP addresses via APF or iptables.We can use the Netstat command to view the status of the current system connection and whether it is compromised by a
Ddos-deflate Installation and Configuration
1, installation
The code is as follows
Copy Code
wget http://www.inetbase.com/scripts/ddos/install.shChmod 0700 install.sh./install.sh
2, configuration
The configuration file is/usr/local/ddos/ddos.conf and is configured as follows by default
The code is as follows
-scripts.googlecode.com/files/deflate.sh
chmod +x deflate.sh
./deflate.sh
The second step is to configure the/usr/local/ddos/ddos.conf file.
##### Paths of the script and other files progdir="/usr/local/ddos "prog="/usr/local/ddos/ Ddos.sh "ignore_ip_list="/usr/local/ddos/ignore.ip.list "cron="/etc/cron.d/ddo
This morning, the server was under ddos attack. Fortunately, the other party only used a computer without thousands of Trojans. Otherwise, the server would crash. I found a tutorial on the Internet and solved it successfully. So I recorded the anti-ddos method.View Attack IP
First, use the following code to find the attacker's IP address.
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort
-scripts.googlecode.com/files/deflate.sh
chmod +x deflate.sh
./deflate.sh
The second step is to configure the/usr/local/ddos/ddos.conf file.
##### Paths of the script and other files
progdir= "/usr/local/ddos"
prog= "/usr/local/d dos/ddos.sh "
ignore_ip_list="/usr/local/ddos/ignore.ip.list "
cron="/etc/cron.d/ddos.cron "
a
DDoS attacks are essentially time-series data, and the data characteristics of t+1 moments are strongly correlated with T-moments, so it is necessary to use HMM or CRF for detection! --and a sentence of the word segmentation algorithm CRF no difference!Note: Traditional DDoS detection is directly based on the IP data sent traffic to identify, through the hardware firewall. Big data scenarios are done for sl
The basis for successfully mitigating DDoS attacks includes: knowing what to monitor, monitoring these signs around the clock, identifying and mitigating DDoS attacks with technology and capabilities, and allowing legal communication to reach the destination, real-time skills and experience in solving problems. The best practices discussed below reflect these principles.
Best Practice 1: centralize data co
In linux, the most common way to defend against ddos attacks is to install DDoS deflate to prevent or mitigate ddos attacks. However, there are other methods to use. I will introduce them below.
Introduction to DDoS deflate
DDoS deflate is a free script for defending against
attack that forged the source IP address. The method is not validOther referencesPrevent sync packet flooding (sync Flood)# iptables-a forward-p tcp--syn-m limit--limit 1/s-j ACCEPTsomeone else is writing .# iptables-a input-p tcp--syn-m limit--limit 1/s-j ACCEPT--limit 1/s Limit syn concurrency by 1 times per second, can be modified to prevent various port scans according to your needs#
Linux Server operation process may be subject to hacker attacks, common attack methods have Syn,ddos, etc. By replacing the IP, it may be possible to circumvent the attack by locating the attacked site, but the service will be interrupted for a long time. A more thorough solution is to add a hardware firewall. However, the hardware firewall price is more expensive. In the absence of hard-to-prevent, looking for software replacement is the most direct
=650; "src=" Http://s3.51cto.com/wyfs02/M02/75/51/wKiom1Y2Hy7wrYmAAAEuLkCurCk884.jpg "title=" 10installsoftware.png "alt=" Wkiom1y2hy7wrymaaaeulkcurck884.jpg "/>4. After the installation is complete, the software needs to be further configured:$ sudo vi/usr/local/ddos/ddos.conf4.1 You need to check that the configuration path is consistent with your actual environment, and this test remains the same:##### Paths of the script and other filesProgdir= "/
As in the real world, the Internet is full of intrigue. Website DDOS attacks have become the biggest headache for webmasters. In the absence of hardware protection, finding a software alternative is the most direct method. For example, iptables is used, but iptables cannot be automatically blocked and can only be manually shielded. Today we are talking about a so
Introduction to DDoS Deflate
DDoS deflate is a free script for defending and mitigating DDoS attacks. It creates an IP address for a large number of network connections through Netstat monitoring trails that prohibit or block these IPs through APF or iptables when a node is detected that exceeds the preset limit.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.