I found a very interesting article on Linuxaria about how to tell whether my server is under a DDoS (Denial of Service) attack.
This kind of attack is fairly common and may be the reason our servers are somewhat slow (although it could also be a Layer 8 problem), and it never hurts to be forewarned. To check, you can use the netstat tool, which lets us see network connections, routing tables, interface statistics and a number of other things.
NetStat examples
netstat -na
This displays all active Internet connections to the server, and only established connections are included.
netstat -an | grep :80 | sort
Shows only the active Internet connections to the server on port 80, which is the HTTP port, and sorts the results. Useful for detecting a single flood, since it lets you recognize many connections coming from one IP address.
netstat -n -p | grep SYN_REC | wc -l
This command is useful for finding out how many active SYN_RECV connections (the state that grep SYN_REC matches) there are on the server. The number should be quite low, preferably less than 5. During denial-of-service attacks or mail bombs, the number can get very high. However, the value always depends on the system, so a high value may be normal on another server.
netstat -n -p | grep SYN_REC | sort -u
Lists all the IP addresses involved.
netstat -n -p | grep SYN_REC | awk '{print $5}' | awk -F: '{print $1}'
Lists the IP addresses of the nodes that are sending connections in the SYN_RECV state.
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
Uses the netstat command to calculate and count the number of connections each IP address makes to the server.
netstat -anp | grep -E 'tcp|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
Counts the connections from each IP address connected to the server over the TCP or UDP protocol.
netstat -ntu | grep ESTAB | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr
Checks ESTABLISHED connections instead of all connections, and shows the connection count for each IP.
netstat -plan | grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nk 1
Shows and lists the IP addresses, with their connection counts, that connect to port 80 on the server. Port 80 is used by HTTP for web requests.
How to mitigate a DoS attack
Once you have found the IP address that is attacking the server, you can use the following command to block its connections to your server:
iptables -I INPUT 1 -s $IPADRESS -j DROP
Use either DROP or REJECT as the -j target, and note that you have to replace $IPADRESS with the IP addresses found with netstat.
After running the command above, KILL all httpd connections to clean up your system, then start the service again using the following commands:
killall -KILL httpd
service httpd start # Red Hat systems
/etc/init.d/apache2 restart # Debian systems
Source: Linuxaria
Mozilla has been forced to add DRM to videos in Firefox
http://alt1040.com/2014/05/mozilla-drm-firefox
I know it has nothing to do with the post. But I would like to know what you think about this. The best thing is that it can be disabled.
Man, for debates there is the Forum.
You're an iproute2 guy, try 'ss' ...
I agree with Elav, the forum is there for a reason ... I am not going to delete the comments but, please, make use of the spaces provided for each thing.
Instead of grep, egrep
netstat -anp | grep 'tcp|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
becomes
netstat -anp | egrep 'tcp|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
This will be for a project I am setting up where there are many chances of being a DDoS target.
Thank you very much for the information, lately the competition is heavy on this subject.