I found a very interesting article on linuxaria about how to detect whether our server is under a DDoS (Distributed Denial of Service) attack, or, what amounts to the same thing, a denial-of-service attack.
This type of attack is quite common and may be the reason our servers are somewhat slow (although it may also be a Layer 8 problem), and it never hurts to be forewarned. To check, you can use the netstat tool, which lets us see network connections, routing tables, interface statistics and a number of other things.
NetStat examples
netstat -na
This output includes all active Internet connections to the server; only established connections are included.
netstat -an | grep :80 | sort
Show only the active Internet connections to the server on port 80, which is the HTTP port, and sort the results. It is useful for detecting a flood from a single source, because it makes many connections from one IP address easy to spot.
netstat -n -p | grep SYN_REC | wc -l
This command is useful for finding out how many active SYN_REC connections there are on the server. The number should be fairly low, preferably less than 5. During a denial-of-service attack or a mail bomb, the number can be quite high. However, the value always depends on the system, so a high value may be normal on another server.
netstat -n -p | grep SYN_REC | sort -u
List all the IP addresses involved.
netstat -n -p | grep SYN_REC | awk '{print $5}' | awk -F: '{print $1}'
List all the IP addresses of the nodes that are sending the SYN_REC connection status.
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
Use the netstat command to calculate and count the number of connections each IP address makes to the server.
netstat -anp | grep -E 'tcp|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
Count the IP addresses connecting to the server using the TCP or UDP protocol.
netstat -ntu | grep ESTAB | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr
Check the connections marked ESTABLISHED instead of all connections, and show the connection count for each IP.
netstat -plan | grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nk 1
Show and list the IP addresses, with their connection counts, that connect to port 80 on the server. Port 80 is used mainly by HTTP for web page requests.
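The per-IP counting pipelines above, combined into one function as an added example (not code from the original article or from linuxaria). The names top_sources and sample_netstat, the threshold argument and the sample netstat output are assumptions constructed for illustration. Unlike cut -d: -f1, it strips only the trailing port, so IPv6 peers are counted under their full address.

```shell
#!/bin/sh
# Added example: count connections per remote address and TCP state from
# `netstat -ntu` output and report only sources at or above a threshold.

# Constructed sample in `netstat -ntu` layout (documentation address ranges).
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           198.51.100.7:51234      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:51235      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:51236      SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.5:40000       ESTABLISHED
tcp        0      0 192.0.2.10:22           203.0.113.5:40022       ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::bad:33000     SYN_RECV
tcp6       0      0 2001:db8::10:80         2001:db8::bad:33001     SYN_RECV
udp        0      0 192.0.2.10:53           203.0.113.9:5353
EOF
}

# top_sources STATE MIN
# Reads netstat output on stdin and prints "count address" for every remote
# address with at least MIN connections in STATE, highest count first.
# STATE "ANY" counts every tcp/udp line regardless of state.
top_sources() {
    awk -v state="$1" -v min="$2" '
        $1 ~ /^(tcp|udp)/ {
            if (state != "ANY" && $6 != state) next
            addr = $5
            sub(/:[^:]*$/, "", addr)   # drop only the port, keep IPv6 intact
            n[addr]++
        }
        END { for (a in n) if (n[a] >= min) print n[a], a }
    ' | sort -k1,1nr -k2,2
}

# Half-open connections per source in the sample; on a live server use:
#   netstat -ntu | top_sources SYN_RECV 5
sample_netstat | top_sources SYN_RECV 2
```

The threshold is system dependent, as the article notes for the SYN_REC count, so baseline it on a normal day before alerting on it.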
How to mitigate a DOS attack
Once you have found the IPs that are attacking the server, you can use the following commands to block their connections to your server:
iptables -I INPUT 1 -s "$IPADRESS" -j DROP   # or -j REJECT
Note that you must replace $IPADRESS with the IP addresses found with netstat.
After running the command above, KILL all httpd connections to clean up your system and then restart it using the following commands:
killall -KILL httpd
service httpd start           # For Red Hat systems
/etc/init.d/apache2 restart   # For Debian systems
Source: linuxaria
Mozilla forced to add DRM to video in Firefox
http://alt1040.com/2014/05/mozilla-drm-firefox
I know it is not related to the post. But I would like to know what you think about this. The good thing is that it can be disabled.
Man, for debates there is the forum.
You who are the iproute2 guy, try 'ss'...
I agree with Elav, the forum is there for a reason... I will not delete the comment but, please, you must use the spaces provided for each thing.
Instead of grep, egrep
netstat -anp | grep 'tcp|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
de
netstat -anp | egrep 'tcp|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
This will be for a project I am going to set up where there are many chances of being DDoS targets
Thank you very much for the information, lately the competition has gotten heavy on this subject.