Neurochirurgie minim invazivă
"Primum non nocere" este ideea ce a deschis drumul medicinei spre minim invaziv. Avansul tehnologic extraordinar din ultimele decenii a permis dezvoltarea tuturor domeniilor medicinei. Microscopul operator, neuronavigația, tehnicile anestezice avansate permit intervenții chirurgicale tot mai precise, tot mai sigure. Neurochirurgia minim invazivă, sau prin "gaura cheii", oferă pacienților posibilitatea de a se opera cu riscuri minime, fie ele neurologice, infecțioase, medicale sau estetice. www.neurohope.ro |
Securizare server CentOS 6.4 (64bit) - DoS Attack
Last Updated: Nov 15 2013 01:24, Started by
dan74mm
, Oct 29 2013 17:06
·
0
#1
Posted 29 October 2013 - 17:06
Am un server cu CentOS 6.4 / 64bit si de cateva ore bune (cred ca) sunt tinta unui atac DoS.
Va dau cateva randuri din LOG-uri: 29-Oct-2013 18:46:01.464 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:01.796 client 98.177.228.39#37734: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:01.804 client 190.210.176.4#4532: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:01.937 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:02.003 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:02.159 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:02.242 client 98.177.228.39#13514: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:02.617 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:02.687 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:02.853 client 185.4.149.15#11373: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:02.896 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:03.316 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:04.026 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:04.098 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:04.763 client 2.88.107.51#15934: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:04.812 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:05.022 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:05.264 client 190.210.176.254#6516: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:05.469 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:05.537 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:05.690 client 190.210.176.253#55662: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:05.690 client 190.210.176.253#30200: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:05.693 client 2.88.107.51#39585: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:05.697 client 190.210.176.4#23011: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:05.729 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:06.005 client 2.88.107.51#7206: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:06.010 client 2.88.107.51#25117: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:06.161 client 91.121.220.207#50650: query (cache) 'a.packetdevil.com/A/IN' denied 29-Oct-2013 18:46:06.161 client 91.121.220.207#43183: query (cache) 'a.packetdevil.com/A/IN' denied 29-Oct-2013 18:46:06.168 client 91.121.220.207#50534: query (cache) 'a.packetdevil.com/A/IN' denied 29-Oct-2013 18:46:06.182 client 91.121.220.207#10125: query (cache) 'a.packetdevil.com/A/IN' denied 29-Oct-2013 18:46:06.192 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:06.264 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:06.390 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:06.544 client 91.121.220.207#32801: query (cache) 'a.packetdevil.com/A/IN' denied 29-Oct-2013 18:46:06.666 client 91.121.220.207#6145: query (cache) 'a.packetdevil.com/A/IN' denied 29-Oct-2013 18:46:06.691 client 91.121.220.207#46949: query (cache) 'a.packetdevil.com/A/IN' denied 29-Oct-2013 18:46:06.925 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:06.997 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:07.062 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:07.680 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:07.753 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:08.003 client 2.88.107.51#12735: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:08.399 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied 29-Oct-2013 18:46:08.440 client 190.210.176.253#52158: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:08.444 client 190.210.176.253#32149: query (cache) 'pkts.asia/ANY/IN' denied 29-Oct-2013 18:46:09.143 client 192.99.5.169#25345: query (cache) 'isc.org/ANY/IN' denied ... si logurile acestea sunt interminabile ... Ei bine, log-urile astea "curg" cu o repeziciune de nedescris !!! Load-ul a urcat la vreo 31~40, cand din conditii normale de utilizare statea undeva la vreo 0.50 ... Am pus un firewall IPTABLES combinat cu Fail2Ban ... Fail2Ban a inceput sa dea ban-uri in nestire, cred ca da cate un ban la fiecare 3~5 secunde ... dar, atacurile continua si load-ul pe server ramane. in IPTABLES au inceput sa apara IP-urile: Chain fail2ban-Named (1 references) num target prot opt source destination 1 REJECT all -- 86.127.118.226 0.0.0.0/0 reject-with icmp-port-unreachable 2 REJECT all -- 192.99.5.169 0.0.0.0/0 reject-with icmp-port-unreachable 3 REJECT all -- 190.210.176.3 0.0.0.0/0 reject-with icmp-port-unreachable 4 REJECT all -- 94.14.219.166 0.0.0.0/0 reject-with icmp-port-unreachable 5 REJECT all -- 109.219.158.175 0.0.0.0/0 reject-with icmp-port-unreachable 6 REJECT all -- 81.110.18.179 0.0.0.0/0 reject-with icmp-port-unreachable 7 REJECT all -- 82.77.157.6 0.0.0.0/0 reject-with icmp-port-unreachable 8 REJECT all -- 62.50.35.247 0.0.0.0/0 reject-with icmp-port-unreachable 9 REJECT all -- 37.59.56.164 0.0.0.0/0 reject-with icmp-port-unreachable 10 REJECT all -- 2.88.107.51 0.0.0.0/0 reject-with icmp-port-unreachable 11 REJECT all -- 82.77.157.2 0.0.0.0/0 reject-with icmp-port-unreachable 12 REJECT all -- 64.94.238.15 0.0.0.0/0 reject-with icmp-port-unreachable 13 REJECT all -- 178.63.95.7 0.0.0.0/0 reject-with icmp-port-unreachable 14 REJECT all -- 190.210.177.254 0.0.0.0/0 reject-with icmp-port-unreachable 15 REJECT all -- 193.231.100.22 0.0.0.0/0 reject-with icmp-port-unreachable 16 REJECT all -- 190.210.177.253 0.0.0.0/0 reject-with icmp-port-unreachable 17 REJECT all -- 82.76.252.18 0.0.0.0/0 reject-with icmp-port-unreachable 18 REJECT all -- 83.21.79.252 0.0.0.0/0 reject-with icmp-port-unreachable 19 REJECT all -- 109.99.188.88 0.0.0.0/0 reject-with icmp-port-unreachable 20 REJECT all -- 74.125.189.23 0.0.0.0/0 reject-with icmp-port-unreachable 21 REJECT all -- 190.210.177.252 0.0.0.0/0 reject-with icmp-port-unreachable 22 REJECT all -- 193.231.100.37 0.0.0.0/0 reject-with icmp-port-unreachable 23 REJECT all -- 81.196.14.134 0.0.0.0/0 reject-with icmp-port-unreachable 24 REJECT all -- 190.210.177.234 0.0.0.0/0 reject-with icmp-port-unreachable 25 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Deci, presupun ca Fail2Ban isi face treaba ... totusi, de ce nu blocheaza atacul ? Am facut si un filmulet DEMO, sa va dati seama. Daca observati in coltul din dreapta-jos, apar mailurile primite unul dupa celalalt, care ma anunta ca Fail2Ban "a mai banat un IP". Baneaza asta in nestire, si tot degeaba [ https://www.youtube-nocookie.com/embed/8DjLnx5CJbI?feature=oembed - Pentru incarcare in pagina (embed) Click aici ] Astept sugestiile celor mai "avansati" in domeniu ... Edited by dan74mm, 29 October 2013 - 17:08. |
#2
Posted 29 October 2013 - 17:40
Fii atent ca au mai fost atacati si altii in mod similar. Uite aici cum au rezolvat
http://foxpa.ws/tag/...ial-of-service/ Vezi ca domeniile difera putin. |
#3
Posted 29 October 2013 - 18:11
@ Bodanel: - Ok, si regulile astea le pun in firewallul de pe router ? Sau in firewallul de pe serverul care este atacat ?
#!/bin/bash iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|1b323031336e69616e636875616e7169736966756661627577616e67076164736634327703636f6d|' -j DROP # -m comment "DROP DNS Q 2013nianchuanqisifufabuwang.adsf42w.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|03697363036f72670000ff00|' -j DROP # -m comment "DROP DNS Q ANY isc.org" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|077375636b64646702636300|' -j DROP # -m comment "DROP DNS Q suckddq.cc" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|076e61706966756e03636f6d|' -j DROP # -m comment "DROP DNS Q napifun.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0768616b34756d7a036e6574|' -j DROP # -m comment "DROP DNS Q hak4umz.net" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|06616e6f6e736303636f6d00|' -j DROP # -m comment "DROP DNS Q anonsc.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0331783102637a0000ff0001|' -j DROP # -m comment "DROP DNS Q ANY 1x1.cz" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|056266686d6d03636f6d000010000100|' -j DROP # -m comment "DROP DNS Q TXT bfhmm.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|03697363036f72670000ff00|' -j DROP # -m comment "DROP DNS Q ANY isc.org dns.id" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|076564656c696f6e02737500|' -j DROP # -m comment "DROP DNS Q edelion.su" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0432736f65027275|' -j DROP # -m comment "DROP DNS Q 2soe.ru" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0472697065036e657400|' -j DROP # -m comment "DROP DNS Q ripe.net" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0968697a62756c6c6168026d6500|' -j DROP # -m comment "DROP DNS Q hizbullah.me" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|11657667656e69792d6d61726368656e6b6f02636300|' -j DROP # -m comment "DROP DNS Q evgeniy-marchenko.cc" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|057372766974036f726700|' -j DROP # -m comment "DROP DNS Q srvit.org" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0B7061636b6574646576696c03636f6d00|' -j DROP # -m comment "DROP DNS Q packetdevil.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|046a756e6b087468657977616e7402696e00|' -j DROP # -m comment "DROP DNS Q junk.theywant.in" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0374787408707773657276657203636f6d02756100|' -j DROP # -m comment "DROP DNS Q txt.pwserver.com.ua" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0469657466036f726700|' -j DROP # -m comment "DROP DNS Q ietf.org" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0371686102636300|' -j DROP # -m comment "DROP DNS Q qha.cc" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|066c61326c6f7702636300|' -j DROP # -m comment "DROP DNS Q la2low.cc" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|057a7a67737403636f6d00|' -j DROP # -m comment "DROP DNS Q zzgst.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|01610B7061636b6574646576696c03636f6d00|' -j DROP # -m comment "DROP DNS Q a.packetdevil.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0778706c6f64696e03636f6d00|' -j DROP # -m comment "DROP DNS Q xplodin.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0261610661736433736303636f6d00|' -j DROP # -m comment "DROP DNS Q aa.asd3sc.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0962697473747265737303636f6d00|' -j DROP # -m comment "DROP DNS Q bitstress.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|026161066d6d7461633103636f6d00|' -j DROP # -m comment "DROP DNS Q aa.mmtac1.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0C6b696464793332333336353502727500|' -j DROP # -m comment "DROP DNS Q kiddy3233655.ru" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|05643639393103636f6d00|' -j DROP # -m comment "DROP DNS Q d6991.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0661613332343703636f6d00|' -j DROP # -m comment "DROP DNS Q aa3247.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|08666b666b666b666103636f6d00|' -j DROP # -m comment "DROP DNS Q fkfkfkfa.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0A677261707079626c6f6703636f6d00|' -j DROP # -m comment "DROP DNS Q grappyblog.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|05636d69756903636f6d00|' -j DROP # -m comment "DROP DNS Q cmiui.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|05346677686b03636f6d00|' -j DROP # -m comment "DROP DNS Q 4fwhk.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0673616e64696103676f7600|' -j DROP # -m comment "DROP DNS Q sandia.gov" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0A7a61696b617061696b6103636f6d00|' -j DROP # -m comment "DROP DNS Q zaikapaika.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|08766572697369676e03636f6d00|' -j DROP # -m comment "DROP DNS Q verisign.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0473656d6102637a00|' -j DROP # -m comment "DROP DNS Q sema.cz" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|04706b7473046173696100|' -j DROP # -m comment "DROP DNS Q pkts.asia" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0A69726c77696e6e696e6703636f6d00|' -j DROP # -m comment "DROP DNS Q irlwinning.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|053337397a6303636f6d00|' -j DROP # -m comment "DROP DNS Q 379zc.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|05333630383804696e666f00|' -j DROP # -m comment "DROP DNS Q 36088.info" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|067478743430390874656b6a65746f6e03636f6d00|' -j DROP # -m comment "DROP DNS Q txt409.tekjeton.com" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0D73757065726d65676174727565056d6364697202727500|' -j DROP # -m comment "DROP DNS Q supermegatrue.mcdir.ru" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|05333032353904696e666f00|' -j DROP # -m comment "DROP DNS Q 30259.info" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|0762616279776f7702636f02756b00|' -j DROP # -m comment "DROP DNS Q babywow.co.uk" iptables --insert FORWARD -p udp --dport 53 -m string --algo bm --hex-string '|05333633373204696e666f00|' -j DROP # -m comment "DROP DNS Q 36372.info" |
#4
Posted 29 October 2013 - 18:20
Fail2ban este folosit de obicei impreuna cu ssh, daca la X incercari de conectare nereusite prin ssh la masina fail2ban adauga IPul sursa la lista de IPuri "banate" de iptables. In cazul tau nu prea te ajuta fail2ban. Incearca sa limitezi numarul de pachete pe secunda primite, nu garantez ca te ajuta sau cat te ajuta insa poti incerca.
|
#5
Posted 30 October 2013 - 10:37
Regulile le pui pe router. Ca si regula: cand te ataca cineva ideea este sa-l blochezi cat mai departe de tine. Adica pe router. Sau daca ai pile la isp poti vorbi cu ei .
|
#6
Posted 30 October 2013 - 10:43
Pe acelasi server (cel atacat), am avut inainte cu cateva zile, un CentOS 5.x ...
Cu CentOS 5.x pe serverul atacat, aveam urmatoarea problema: pe router (router care e pe un CentOS 5), aveam acest mesaj: "ip_conntrack: table full, dropping packet" si mergea ca porcu' toata reteaua ... Acum, cu CentOS 6.4 pe serverul atacat, nu mai primesc aceste mesaje de eroare in LOG-uri, reteaua merge ok, insa serverul atacat este de nefolosit ... Sa raman pe serverul atacat cu CentOS 6.4, ori sa trec inapoi la CentOS 5.x ? Edited by dan74mm, 30 October 2013 - 10:44. |
#7
Posted 05 November 2013 - 18:48
Ramai cu ultima versiune si limiteaza nr de conexiuni. Daca atacul persista, va trebui sa vb mai sus pt a bloca atacul.
|
#8
Posted 05 November 2013 - 19:53
Well, daca pe CentOS 5.x aveam problema cu ip_conntrack-ul (dar, macar cu CentOS 5.x serverul a ramas in picioare, mergea), ei bine ... CentOS-ul 6.4 mi l-au zapacit de tot! Pe CentOS 6.x, altminteri "proaspat" instalat de la 0, pe langa problemele pe care le avusesem pe CentOS 5, mai aveam si vreo 20~30 de procese ZIP care arhivau intr-o veselie. Led-ul rosu de la hard-disk pur si simplu nu se mai stingea, era aprins continuu iar serverul arhiva de zor ... Ce ? Nu stiu, habar n-am ... si nici n-am mai stat sa-mi bat capul cu el. Loadul pe server ajunsese la vreo 40~50, etc ... o adevarat istorie.
Am radiat tot hard diskul (din nou) si am pus iarasi un CentOS 5. Am refacut toate setarile (inclusiv firewallul cu IPTABLES), dupa care am pus pe router regulile acestea: http://forum.softped.../#entry14030176 Restart la toate masinile si ... ochii beliti prin SSH-uri sa vad ce se intampla. A inceput sa "sughite" routerul de cateva ori, dar dupa vreo doua ore ... a revenit inapoi la "load 00" si acum ... merge ca uns ... atat routerul cat si serverul atacat. Ce-i drept, routerul e destul de "robust" - un Xeon Quad Core la vreo 3 GHz si cu 4 GB RAM. Ce am facut in plus: pe serverul atacat aveam "dns recursion = on", l-am pus pe "off". Cam asta e singura chestie "in plus", facuta pe serverul atacat si impreuna cu regulile mai sus amintite, puse pe router, am scapat in sfarsit .... Multumesc mult celor care mi-au raspuns si in special lui Bodanel care mi-a dat solutia. Sper sa nu aveti probleme de acest gen, anyway daca sa intampla si la voi, v-am spus cum am reusit sa rezolv eu ... Merci inca o data ! I'm happy, in sfarsit! Edited by dan74mm, 05 November 2013 - 20:03. |
#9
Posted 14 November 2013 - 02:34
A studiat cineva metoda asta Anti-DOS ? http://deflate.medialayer.com/
|
#10
Posted 14 November 2013 - 07:52
Ma voi juca un pic cu el diseara cand voi intra in tura. Am luat jucaria (scriptul) si voi testa diseara. Sper sa am ceva rezultate atunci.
|
|
#11
Posted 14 November 2013 - 09:15
Astept sa vad ce parere ai ... Daca zici ca e bun si e "safe", il pun si eu ...
|
#12
Posted 14 November 2013 - 23:14
Am incercat ceva ceva sa fac insa nu a iesit nimic deci cu am ce sa comentez pe seama scriptului de mai sus. Nu garantez ca functioneaza dar nici ca nu functioneaza.
|
#13
Posted 14 November 2013 - 23:18
Ai studiat putin scriptul ? http://www.inetbase....ts/ddos/ddos.sh
Banuiesc ca ai ceva VPS de test ... ?! Edited by dan74mm, 14 November 2013 - 23:19. |
#14
Posted 15 November 2013 - 01:24
Pe script inca nu m-am uitat sa vad ce face. Banuiesc ca odata rulat cronjob-ul daca se sare de limita setata in conf pune o regula in iptables pentru IPul care are X conexiuni deschise cu masina gazda. Nu am VPS. Dar cum lucrez la un ISP am masini de pe care pot sa fac teste iar in cazuri de urgenta am laptopul din dotare plus masina de la munca plus masina de pe care fac teste colegii de departament.
PS: Mai incolo voi arunca un ochi pe script. |
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users