×ðÁú¿­Ê±

ÔõÑùÓ¦¶ÔLinuxЧÀÍÆ÷µÄ¾Ü¾øЧÀ͹¥»÷

ÔõÑùÓ¦¶ÔLinuxЧÀÍÆ÷µÄ¾Ü¾øЧÀ͹¥»÷

¾Ü¾øЧÀ͹¥»÷£¨Denial of Service, DoS£©ÊÇÒ»ÖÖͨ¹ýÏòÄ¿µÄЧÀÍÆ÷·¢ËÍ´ó×ÚÇëÇó»òʹÓÃÎó²îµÈÊֶΠ£¬ÒÔʹЧÀÍÆ÷ÎÞ·¨Õý³£ÌṩЧÀ͵Ĺ¥»÷ÒªÁì¡£LinuxЧÀÍÆ÷×÷ΪÍøÂçÇéÐÎÖÐ×î³£ÓõÄЧÀÍÆ÷ϵͳ֮һ £¬Ò²ÊǺڿÍÃǾ­³£¹¥»÷µÄÄ¿µÄÖ®Ò»¡£±¾ÎĽ«ÏÈÈÝÔõÑùÓ¦¶ÔLinuxЧÀÍÆ÷µÄ¾Ü¾øЧÀ͹¥»÷ £¬²¢ÌṩһЩ´úÂëʾÀý¡£

Ò»¡¢ÉèÖÃÍøÂç·À»ðǽ

LinuxЧÀÍÆ÷µÄµÚÒ»µÀ·ÀµØÊÇÍøÂç·À»ðǽ £¬¿ÉÒÔʹÓÃiptablesµÈ¹¤¾ß¾ÙÐÐÉèÖá£Í¨¹ýÉèÖÃÍøÂç·À»ðǽ £¬¿ÉÒÔÏÞÖÆijЩIPµØµã»òIPµØµã¶ÎµÄ»á¼û £¬»òÕßÏÞÖÆijЩÌض¨µÄÍøÂçЭÒéµÄ»á¼û¡£ÒÔÏÂʾÀý´úÂëչʾÁËÔõÑùÉèÖÃiptablesÀ´ÏÞÖÆij¸öIPµØµã¶ÎµÄ»á¼û£º

# ÔÊÐíËùÓÐÁ÷Á¿Í¨¹ý
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

# Çå¿Õ¹æÔòÁ´
iptables -F
iptables -X

# ÔÊÐíÍâµØ»Ø»·
iptables -A INPUT -i lo -j ACCEPT

# ÔÊÐíÒѽ¨ÉèµÄÅþÁ¬Í¨¹ý
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# ÔÊÐíij¸öIPµØµã¶ÎµÄ»á¼û
iptables -A INPUT -s 192.168.0.0/24 -j ACCEPT

# ¾Ü¾øËùÓÐÆäËûµÄÁ÷Á¿
iptables -P INPUT DROP

µÇ¼ºó¸´ÖÆ

ÔÚÉèÖÃÍøÂç·À»ðǽʱ £¬ÐèҪ˼Á¿Ð§ÀÍÆ÷ËùÐèµÄÕý³£Á÷Á¿ £¬²¢Æ¾Ö¤ÏÖÕæÏàÐξÙÐÐÏìÓ¦µÄÉèÖá£

¶þ¡¢ÉèÖÃÈí¼þ·À»ðǽ

³ýÁËÍøÂç·À»ðǽ £¬»¹¿ÉÒÔʹÓÃÈí¼þ·À»ðǽÀ´ÔöÌíЧÀÍÆ÷µÄÇå¾²ÐÔ¡£³£¼ûµÄÈí¼þ·À»ðǽÓÐFail2BanºÍModSecurityµÈ¡£Fail2Ban¿ÉÒÔƾ֤ÉèÖõĹæÔò £¬ÔÚһ׼ʱ¼äÄÚÔÝʱµØեȡÀ´×Ôij¸öIPµØµãµÄ»á¼û £¬´Ó¶ø±ÜÃⱩÁ¦Æƽâ»ò¶ñÒâ¹¥»÷¡£ModSecurityÔòÊÇÒ»¸öWebÓ¦ÓóÌÐò·À»ðǽ £¬¿ÉÒÔͨ¹ý½ç˵¹æÔòÀ´×èֹDZÔڵĹ¥»÷ÐÐΪ¡£ÒÔÏÂÊÇFail2BanµÄʾÀýÉèÖãº

[DEFAULT]
bantime = 3600
findtime = 600
maxretry = 5

[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log

µÇ¼ºó¸´ÖÆ

ÔÚÒÔÉÏʾÀýÉèÖÃÖÐ £¬Fail2Ban»á¼à¿ØsshdЧÀ͵ÄÈÕÖ¾Îļþ £¬²¢ÔÚ10·ÖÖÓÄÚ±¬·¢5´ÎÒÔÉϵĵǼʧ°Üºó £¬ÔÝʱµØեȡÀ´×Ô¸ÃIPµØµãµÄ»á¼û¡£

Èý¡¢ÉèÖÃDoS·À»¤ÏµÍ³

ΪÁËÓ¦¶Ô¾Ü¾øЧÀ͹¥»÷ £¬¿ÉÒÔÉèÖÃרÃŵÄDoS·À»¤ÏµÍ³À´¼à¿ØЧÀÍÆ÷µÄÁ÷Á¿ £¬²¢¹ýÂ˵ôÒì³£µÄ»ò¶ñÒâµÄÇëÇó¡£³£¼ûµÄDoS·À»¤ÏµÍ³ÓÐModEvasiveºÍDOSarrestµÈ¡£ÒÔÏÂÊÇModEvasiveµÄʾÀýÉèÖãº

<IfModule mod_evasive24.c>
    DOSHashTableSize    3097
    DOSPageCount        5
    DOSSiteCount        100
    DOSPageInterval     2
    DOSSiteInterval     1
    DOSBlockingPeriod   10
    DOSLogDir           "/var/log/httpd/modevasive"

    <IfModule mod_ssl.c>
        DOSBlockingList     "/var/log/httpd/mod_evasive/blocked_ips_ssl.db"
    </IfModule>
    <IfModule !mod_ssl.c>
        DOSBlockingList     "/var/log/httpd/mod_evasive/blocked_ips_nonssl.db"
    </IfModule>
</IfModule>

µÇ¼ºó¸´ÖÆ

ÔÚÒÔÉÏʾÀýÉèÖÃÖÐ £¬ModEvasive»áÔÚ2ÃëÄÚ±¬·¢5´ÎÒÔÉϵĻá¼ûÇëÇó»ò1ÃëÄÚ´ÓͳһIPµØµã±¬·¢100´ÎÒÔÉϵĻá¼ûÇëÇóµÈÇéÐÎÏ £¬×Ô¶¯ÆÁÕϸÃIPµØµãµÄ»á¼û £¬Ò»Á¬10ÃëÖÓ¡£

×ܽá

¹ØÓÚLinuxЧÀÍÆ÷µÄ¾Ü¾øЧÀ͹¥»÷·À»¤ £¬ÐèÒª×ÛºÏʹÓÃÍøÂç·À»ðǽ¡¢Èí¼þ·À»ðǽºÍDoS·À»¤ÏµÍ³µÈ¶àÖÖÊֶΡ£ºÏÀíÉèÖúÍʹÓÃÕâЩ·À»¤»úÖÆ £¬Äܹ»ÓÐÓõر£»¤Ð§ÀÍÆ÷ÃâÊܾܾøЧÀ͹¥»÷µÄË𺦡£

ÒÔÉÏÊÇÔõÑùÓ¦¶ÔLinuxЧÀÍÆ÷µÄ¾Ü¾øЧÀ͹¥»÷µÄÏÈÈÝ £¬²¢ÌṩÁËһЩÉèÖÃʾÀý¡£Ï£ÍûÄܹ»¶ÔÄúµÄЧÀÍÆ÷Çå¾²ÓÐËù×ÊÖú¡£

ÒÔÉϾÍÊÇÔõÑùÓ¦¶ÔLinuxЧÀÍÆ÷µÄ¾Ü¾øЧÀ͹¥»÷µÄÏêϸÄÚÈÝ £¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡

ÃâÔð˵Ã÷£ºÒÔÉÏչʾÄÚÈÝȪԴÓÚÏàÖúýÌå¡¢ÆóÒµ»ú¹¹¡¢ÍøÓÑÌṩ»òÍøÂçÍøÂçÕûÀí £¬°æȨÕùÒéÓë±¾Õ¾ÎÞ¹Ø £¬ÎÄÕÂÉæ¼°¿´·¨Óë¿´·¨²»´ú±í×ðÁú¿­Ê±ÂËÓÍ»úÍø¹Ù·½Ì¬¶È £¬Çë¶ÁÕß½ö×ö²Î¿¼¡£±¾ÎĽӴýתÔØ £¬×ªÔØÇë˵Ã÷À´ÓÉ¡£ÈôÄúÒÔΪ±¾ÎÄÇÖÕ¼ÁËÄúµÄ°æȨÐÅÏ¢ £¬»òÄú·¢Ã÷¸ÃÄÚÈÝÓÐÈκÎÉæ¼°ÓÐÎ¥¹«µÂ¡¢Ã°·¸Ö´·¨µÈÎ¥·¨ÐÅÏ¢ £¬ÇëÄúÁ¬Ã¦ÁªÏµ×ðÁú¿­Ê±ÊµÊ±ÐÞÕý»òɾ³ý¡£

Ïà¹ØÐÂÎÅ

ÁªÏµ×ðÁú¿­Ê±

13452372176

¿É΢ÐÅÔÚÏß×Éѯ

ÊÂÇéʱ¼ä£ºÖÜÒ»ÖÁÖÜÎå £¬9:30-18:30 £¬½ÚãåÈÕÐÝÏ¢

QR code
¡¾ÍøÕ¾µØͼ¡¿¡¾sitemap¡¿