使用DDoS deflate防御DDos攻击
1 命令行判断连接服务器客户端IP的连接数
bear@njava:~$ netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
2 安装medialayer给我们带来的防止ddos攻击的免费软件DDoS deflate
地址 :http://deflate.medialayer.com/
DDoS deflate是一款免费的用来防御和减轻DDoS攻击的脚本。它通过netstat监测跟踪创建大量网络连接的IP地址,在检测到某个结点超过预设的限 制时,该程序会通过APF或IPTABLES禁止或阻挡这些IP.
Installation
bear@njava:~$wget http://www.inetbase.com/scripts/ddos/install.sh bear@njava:~$chmod 0700 install.sh bear@njava:~$./install.sh
Uninstalling
bear@njava:~$wget http://www.inetbase.com/scripts/ddos/uninstall.ddos bear@njava:~$chmod 0700 uninstall.ddos bear@njava:~$./uninstall.ddos
Version 0.6 | Change Log
whitelisting possible by adding IPs in /usr/local/ddos/ignore.ip.list
it uses this file to avoid banning the ip again (it was handling this differently and was a bit slower too)