address when a IP is banned.##### Blank would suppress sending of mailsemail_to= "root"///when IP is blocked to send mail to the specified mailbox, recommended to use, change your own mailbox can##### number of seconds the banned IP should remain in blacklist.ban_period=600//Disable IP time, default 600 seconds, according to the situation can adjust the user according to the default profile added to the comment content, modify the configuration file.
The user can modify the configuration file
recently took a little time to "the King of Destruction-ddos attack and the depth of the prevention of the analysis" to read it, frankly, this book is relatively simple, can be said to be an introductory book, of course, for me this kind of DDoS smattering people, is also a good book, at least I learned something. DDoS is a shorthand for distributed denial-of-ser
We know that the VPS server is a virtualization technology, build VPS server virtualization software and new cloud architecture solutions are many, they have advantages and disadvantages, therefore, different VPS Server service providers may use different virtualization technology to build VPS servers, Similarly, the c
1, Baidu search 360php-ddos script Kill tool we enter to 360 official to download this toolkit.
2, download the Good toolkit after we upload the 360doskill.php to your site root directory.
3, then we directly in the browser to access 360doskill.php, access to address: http://site domain name/360doskill.php
4, then we enter the default username and password login.
5, then we click on the scan can scan the entire directory, of course, you can al
First look at the VPS is what: plain English is that it is from a physical server divided into multiple ' virtual ' server, has its own independent public network IP, independent memory, independent CPU, independent operating system configuration, independent hard disk space, etc., can be convenient to restart the server alone, its own installation program, Like a smaller version of the physical server, use it to do multiple virtual hosting, Enterpris
How to solve the problems of switch DDoS attacks and Intranet server DDoS attacks
Those who have experience in Internet cafes or data center management must know that computer viruses are a headache, especially intranet server DDoS attacks and switch DDoS attacks, which directly affect the security of Internet cafes,
I. Viewing an attacker's IPawk ' {print $} ' Cut Sort Uniq Sort -NTwo. Installing the DDoS deflate#wget http:// // download DDoS deflate#chmod0700 Install. SH // Add permissions #./install. SH // ExecutionThree. Configuring DDoS deflateThe following is the default configuration of the DDoS deflate in/usr/local/
1. Common DDos attack types
SYN Flood: it is currently the most popular DoS (DoS attacks) and is a type of TCP connection request that uses TCP protocol defects to send a large number of forged TCP connection requests, so that the attacked party's resources are exhausted (the CPU is full or the memory is insufficient.
Smurf: This attack sends a packet with a specific request (such as an ICMP Response Request) to a subnet broadcast address, and disguis
To go to the bank to do business examples:Network layer DDoS is to let the road to the bank become congested, unable to get the people who really want to go to the bank, often use the protocol as a network layer, such as TCP (using three handshake response to wait and limit the number of computer TCP connections), etc.The application layer DDoS is to consume the bank's business resources, such as using HTTP
DDoS (Distributed denial of service) attack is a simple and fatal network attack using TCP/IP protocol vulnerability, because the TCP/IP protocol is unable to modify the session mechanism, so it lacks a direct and effective defense method. A large number of examples prove that the use of traditional equipment passive defense is basically futile, and the existing firewall equipment will be paralyzed due to limited processing capacity, become a network
VPS Exclusive host has been small and medium enterprises and high-end webmaster users of the best choice to build a station, and, with the cloud computing technology application and development, the VPS host prices more civilians, making more people contact with VPS host, and often use VPS host. At the same time,
define a bad IP? Indicate that below.
NO_OF_CONNECTIONS = 150 // The maximum number of connections. IP addresses exceeding this value will be blocked. Generally, the default value is enough.
##### APF_BAN = 1 (Make sure your APL version is atleast 0.96)
##### APF_BAN = 0 (Uses iptables for banning ips instead of APT)
APF_BAN = 1 // whether to use the public IP address whitelist or iptables. We recommend that you use iptables to change the value of APF_BAN to 0.
##### KILL = 0 (Bad IPs are 'nt
Eduvps is a dedicated to learn and provide a free VPS host, because it is purely personal to provide and focus on the use of learning tests, so even if the application of the Eduvps free VPS, there are not open machine, can not connect VPS host and so on, And most of the VPS host applications have different problems in
Test system: CENTOS7
Modify the connection port to modify the configuration file
vi /etc/ssh/sshd_config
Remove the comment from Port 22 to add a new port configurationport your_port_num
Custom port selection recommended on the million-bit ports (e.g., 10000-65535)
Do not delete port 22 directly, so as not to forget the new SSH port or the port is not accessible, we can continue to access SSH, save and exitTo restart the SSH configuration
service sshd re
If you think that the virtual host cannot meet your needs, want more resources, and feel that the whole machine is a waste, the VPs server may also be suitable for you.
In terms of price, the VPs host is between the virtual host and the host lease. The performance of the website is more stable than that of the virtual host. users on the VPs do not compete for
is a Linux kernel-integrated IP packet filtering system that allows simple addition, editing, and removal of rules that are followed and composed by firewalls when making packet filtering decisions.We prefer to confirm the status of the Iptables service (this general VPS system is brought)Service Iptables StausAfter confirmation, install the DDoS deflatewget http://www.inetbase.com/scripts/
, this value may be the IP address of the proxy server, which may be empty or random.
Http_x_forwarded_for can be arbitrarily modified. Most proxy servers are transparent proxies. That is to say, this value is set to the IP address of the original visitor.
2. CC attacks
Sort by processing efficiency from high to low.
(Because this article is for VPs servers, VPs is simply a low-end alternative to servers, a
Vps security settings, server security dog
It is suitable for new users and friends who have access to VPS. It focuses on VPS security.
Prohibit ROOT login to ensure security;
Use DDoS deflate to defend against attacks;
Iftop Linux traffic monitoring tool;
Automatically backs up VP
Introduction to DDoS Deflate
DDoS deflate is a free script for defending and mitigating DDoS attacks. It creates an IP address for a large number of network connections through Netstat monitoring trails that prohibit or block these IPs through APF or iptables when a node is detected that exceeds the preset limit.
DDoS
ipsec static add filterlist name= deny list
REM add filter to IP filter list (allow Internet access)
netsh ipsec static add filter filterlist= allow List srcaddr=me dstaddr=any description=dns access protocol=udp mirrored=yes dstport= 53
REM add filter to IP filter list (no one else to access)
netsh ipsec static add filter filterlist= deny list Srcaddr=any dstaddr=me description= others to me any access protocol=udp Mirrored=yes
REM Add filter action
netsh ipsec static add filteraction name= ca
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.