I found a very interesting article on linuxaria about how to detect whether our server is under a DDoS (Distributed Denial of Service) attack, or, what amounts to the same thing, a Denial of Service attack.
This type of attack is quite common and may be the reason our servers are slow (although it could also be a Layer 8 problem), and it never hurts to be forewarned. To do this, you can use the netstat tool, which lets us see network connections, routing tables, interface statistics and a number of other things.
NetStat Examples
netstat -na
This output includes all active Internet connections on the server, and only established connections.
netstat -an | grep :80 | sort
Shows only the active Internet connections to the server on port 80, which is the http port, and sorts the results. It is useful for spotting a flood, because it lets you recognize many connections coming from a single IP address.
netstat -n -p | grep SYN_REC | wc -l
This command is useful for finding out how many active SYN_REC connections are occurring on the server. The number should be quite low, preferably less than five. In cases of denial-of-service attacks or mail bombs, the number can be quite high. However, the value always depends on the system, so a high value may be normal on another server.
netstat -n -p | grep SYN_REC | sort -u
Lists all the IP addresses of those involved.
netstat -n -p | grep SYN_REC | awk '{print $5}' | awk -F: '{print $1}'
Lists all the unique IP addresses of the nodes that are sending the SYN_REC connection status.
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
Uses the netstat command to calculate and count the number of connections that each IP address makes to the server.
netstat -anp | grep -E 'tcp|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
Number of IP addresses connecting to the server using the TCP or UDP protocol.
netstat -ntu | grep ESTAB | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr
Checks ESTABLISHED connections instead of all connections, and shows the connections for each IP.
netstat -plan | grep :80 | awk '{print $5}' | cut -d: -f 1 | sort | uniq -c | sort -nk 1
Shows a list of the IP addresses and the number of connections each one has to port 80 on the server. Port 80 is used mainly by HTTP for web requests.
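The per-IP counting pipelines above, as an added example that is not part of the original article: it goes slightly beyond them by stripping only the trailing :port, so IPv6 peers are not truncated the way cut -d: -f1 truncates them, and by listing the sources at or above a threshold. The function names, the threshold and the sample netstat lines (documentation address ranges) are constructed for illustration; the column layout assumed is that of Linux netstat -ntu, which prints the state as SYN_RECV.

```bash
#!/usr/bin/env bash
# Constructed sample of `netstat -ntu` output (documentation address ranges only).
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           198.51.100.7:51234      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:51235      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:51236      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:51237      SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.9:40112       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.9:40113       ESTABLISHED
tcp        0      0 192.0.2.10:443          198.51.100.20:33001     ESTABLISHED
tcp        0      0 192.0.2.10:443          198.51.100.20:33002     ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::5:44321       SYN_RECV
tcp6       0      0 2001:db8::10:80         2001:db8::5:44322       SYN_RECV
udp        0      0 192.0.2.10:53           203.0.113.9:40000
EOF
}

# count_by_ip STATE
# Reads netstat -ntu output on stdin and prints "COUNT IP", highest count first.
# An empty STATE counts every tcp/udp line (udp lines have no state column).
count_by_ip() {
  awk -v state="$1" '
    $1 ~ /^(tcp|udp)/ && (state == "" || $6 == state) {
      addr = $5
      sub(/:[^:]*$/, "", addr)   # drop only the trailing :port, keeps IPv6 intact
      n[addr]++
    }
    END { for (ip in n) print n[ip], ip }' | sort -k1,1nr -k2,2
}

# flag_sources STATE THRESHOLD
# Prints the remote addresses with at least THRESHOLD connections in STATE.
flag_sources() {
  count_by_ip "$1" | awk -v t="$2" '$1 >= t { print $2 }'
}

# Half-open connections per source, then the sources at or above 2 (constructed threshold).
sample_netstat | count_by_ip SYN_RECV
sample_netstat | flag_sources SYN_RECV 2
```

On a live host, replace sample_netstat with netstat -ntu and pick the threshold from that server's normal baseline.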
How to mitigate a DOS attack
Once you have found the IP that is attacking the server, you can use the following command to block its connection to your server:
iptables -I INPUT 1 -s $IPADRESS -j DROP   # or -j REJECT
Note that you need to replace $IPADRESS with the IP addresses found with netstat.
After running the command above, KILL all httpd connections to clean up your system, and then restart it using the following commands:
killall -KILL httpd
service httpd start            # For Red Hat systems
/etc/init.d/apache2 restart    # For Debian systems
Source: linuxaria
Mozilla is forced to add DRM to videos in Firefox
http://alt1040.com/2014/05/mozilla-drm-firefox
I know it has nothing to do with this. But I would like to know what you think about it. The good thing is that it can be disabled.
Man, for debates there is the forum.
You who are an iproute2 man, try 'ss' ...
I agree with Elav, the forum is there for a reason ... I won't delete the comment but, please, use the spaces provided for each thing.
Instead of grep, egrep
netstat -anp | grep 'tcp|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
with
netstat -anp | egrep 'tcp|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
This will be for a project I am going to set up where there is a high chance of being a DDoS target.
Thank you very much for the information, lately the competition has been heavy on this subject.