Back: USB Gadgets, USB Gadgets, USB Gadgets!回: USB定位的小工具,小工具的USB ,的USB小工具!
Forward: Zink Camera and Printer together提出: zink相機和打印機一起
DIY Linux DoS HACK - HOWTO Limit your the max number of TCP connections to your Web Server! diy的Linux DOS的攻擊-如何限制您的最高數目的T CP連接到您的W eb服務器!
I have been reading the following book called,我一直在讀下列書籍所謂, Linux Server Hacks Linux服務器的竅門 , which shows you many ways you can hack your Linux server so your server doesn’t die. ,這表明你有很多方法可以入侵你的Linux服務器,使您的服務器沒有死。
This actually works since we just had a DoS attack about 5 minutes ago.這其實是工程以來,我們就剛經歷了DoS攻擊約5分鐘前。 (It seems like we are getting more and more DoS attacks these days. You can refer to the (好像我們正越來越DoS攻擊,這些天來,你可以指以 DDOS Deflate script also DDoS的腳本也deflate ) )
Here’s HACK #47 I read about last week in my bath room from the book and I just used it to prevent DoS attackers from bringing my precious Quad-CPU dedicated server down.這裡的哈克# 47我看到上週在我的浴室,從本書,我只是用它來防止DOS的攻擊,使我寶貴的四CPU的專用服務器。
Enter the following commands and you will limit number of TCP connections to your server to 12 connections per second after 24 connections have been seen.輸入以下命令,你會限制人數的TCP連接到您的服務器連接至12每秒24連接後,已經看到。 (It means that no matter what, your server will not try to serve more than 12 visitors during one second of period when your server gets digged, farked, stumbled, or whatever) (這意味著,無論怎樣,您的服務器將不會嘗試以服務12個以上的旅客在一秒的時期,當您的服務器得到挖, farked ,偶然,或什麼)
iptables -t nat -N syn-flood iptables的-噸的NAT氮的SYN洪水
iptables -t nat -A syn-flood -m limit —limit 12/s —limit-burst 24 -j RETURN iptables的-噸的NAT -一同步防洪米的極限限制12 / S的限制爆裂24 - j返回
iptables -t nat -A syn-flood -j DROP iptables的-噸的NAT -一同步防洪j下降
iptables -t nat -A PREROUTING -i $EXT_IFACE -d $DEST_IP -p tcp –syn -j syn-flood iptables的-噸的NAT -一的kernel我ext_iface元,三維元dest_ip磷的TCP的SYN - j的SYN洪水
I think you can increase the values steadily if your server can handle more.我認為你可以增加值穩步如果您的服務器可以處理更多。 But it seems to have brought our server load from 33.00 somethin’ to under 1.0.但它似乎已經把我們的服務器負載從33.00 somethin '下的1.0 。 Yey! yey !
If you are a hacker, sorry dude.如果你是一個黑客,對不起, dude 。 You are gonna have to try a little harder hacking Zedomax since we are hackers too.你是哪裡有嘗試有點困難黑客zedomax既然我們是黑客太。
PS You know what I try to do when I find out where the hackers are coming from, I do a DoS attack back on them.附註:您知道什麼我嘗試這樣做時,我覺得在哪裡,黑客是來自,我做了DOS攻擊的回對他們的影響。 This usually pisses them off enough to DoS me more but I kinda enjoy the battle so bring it on!這通常pisses將它們趕走,足以DOS的我更多,但我kinda享有的戰鬥,以便使其對! :p :對
(No Ratings Yet) (尚無評) 
Loading ...載入中... If you like this post then please subscribe to my如果你喜歡這個職位,然後請訂閱我的 full feed RSS充分飼料的RSS . 。 You can also subscribe by您也可以訂閱 Email電子郵件 . 。
Got a new hack, DIY, howto, or gadget?得到一個新的入侵, diy ,如何,或小工具? Tip us here提示我們在這裡 . 。
Search for a Hack:尋找一個哈克:
Bookmark It!書籤它!
| Digg it它digg | SiteHoppin sitehoppin | Wagg It wagg它 |
Related Posts相關文章
- Hacking and Network Security黑客和網絡安全
- DIY HACK - HOWTO Make Windows XP Look Like Fedora Linux! diy哈克-如何使W indowsX P的樣子的F edoraL inux的!
- DIY - Linux FTP how-to diy -的L inux的F TP如何到
- list of Linux HOWTOs名單上的Linux howtos
- DIY HACK HOWTO - Snoop Doggy USB diy哈克如何-史努比狗狗的U SB
TrackBack Trackback跟踪
Email this to a Friend通過電子郵件發送給朋友
Email This Post電子郵件這個職位
Wow!哇! What an attitude!什麼態度! I would love to shake hands with you.我會愛握手與您聯繫。 Fix the cockroaches.修復蟑螂。 Guys like me depend on fellows like you to do such things.球員像我一樣依賴於研究員一樣,你做這些事情。 All the best.所有最好的。 I hope that you wipe them out completely!我希望你消滅他們完全!
yes, i can’t wipe them out completely but i can limit their strategies to bring sites down… :p是的,我不能消滅他們,但我完全可以限制其戰略,以使網站下來… :對
Hi, any idea why Im getting this error message when I try your approach:您好,任何知道為什麼即時通訊得到此錯誤訊息當我嘗試你的方法:
srv098:~$ iptables -t nat -A syn-flood -m limit -limit 12/s -limit-burst 24 -j RETURN srv098 : 〜 $ iptables的-噸的NAT -一同步防洪米的極限限制12 / S的限制爆裂24 - j返回
iptables v1.3.6: Unknown arg `limit’ iptables的v1.3.6 :不明阿根廷`限制'
Try `iptables -h’ or ‘iptables –help’ for more information.嘗試` iptables的- H的'或' iptables的幫助'以獲取更多信息。
THANKS in advance !!!感謝在前進!
Try this instead, my blog post looks like it won’t let you copy two dashes:嘗試此相反,我的博客後看起來像它不會讓你的副本兩個破折號:
iptables -t nat -A syn-flood -m limit –limit 12/s –limit-burst 24 -j RETURN iptables的-噸的NAT -一同步防洪米的極限限制12 / S的限制爆裂24 - j返回
and you can see the instructions better on our wiki:你可以看到的指示,更好地對我們的wiki :
http://zedomax.com/wiki/index.php/Linux/Unix_HOWTOs#HOWTO_Limit_number_of_connections_to_your_server_to_fight_Denial_of_Service_attacks http://zedomax.com/wiki/index.php/linux/unix_howtos # howto_limit_number_of_connections_to_your_server_to_fight_denial_of_service_attacks
THANKS for the fast reply.感謝快速的答复。 However, now I got:不過,現在我得到:
srv098:~$ iptables -t nat -A syn-flood -m limit –limit 12/s –limit-burst 24 -j RETURN srv098 : 〜 $ iptables的-噸的NAT -一同步防洪米的極限限制12 / S的限制爆裂24 - j返回
iptables: Invalid argument iptables的:無效的引
Hey there,嘿,
Try entering the first line first:嘗試進入第一線,第一:
iptables -t nat -N syn-flood iptables的-噸的NAT氮的SYN洪水
You have enter all the lines one at a time and it will work~你有進入的所有線路之一,在時間和會的工作〜
Let me know if you need more help.讓我知道,如果您需要更多的幫助。
I did the first one before the problematic one ofcourse.我第一個問題之前,一ofcourse 。 However, not Im getting:然而,並非即時通訊越來越:
srv098:~$ iptables -t nat -N syn-flood srv098 : 〜 $ iptables的-噸的NAT氮的SYN洪水
iptables: Chain already exists iptables的:鏈條已經存在
No matter what I do Im either getting:無論什麼,我即時通訊要么獲得:
iptables: Invalid argument iptables的:無效的引
or或
iptables: Chain already exists iptables的:鏈條已經存在
:((( : ( ( (
Oh you know what, I think it’s already worki