چجوری جلوی این حملاتو بگیرم syn (SYN_RECV) flood attacks
جلوی این ها رو چجوری بگیرم
csf نصبه ولی هیچ غلطی نمیکنه:((
:-ss
نقل قول:
root@box01 [~]# netstat -an|grep SYN_RECV
tcp 0 0 74.81.90.77:80 217.218.227.17:2773 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:50705 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:58392 SYN_RECV
tcp 0 0 74.81.90.66:80 89.144.145.87:2172 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:39654 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:43325 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:39671 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:59602 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:38711 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:40464 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:54662 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:36275 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:55249 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.244.77:51245 SYN_RECV
tcp 0 0 74.81.90.77:80 217.218.227.17:2844 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:34170 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:37663 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:52866 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:38420 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:44776 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.211.36:55674 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:37077 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:37691 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:53068 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:38373 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:50787 SYN_RECV
tcp 0 0 74.81.90.77:80 217.218.227.17:2837 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:33644 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:43814 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:40630 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:56626 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:41407 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:51328 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:39638 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:46365 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:58773 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:59879 SYN_RECV
tcp 0 0 74.81.90.77:80 83.147.215.130:1739 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:60575 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:34121 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.244.77:51240 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:38295 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:50101 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:38818 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:49875 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:37509 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:37646 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:55566 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:50698 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:33566 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:50830 SYN_RECV
tcp 0 0 74.81.90.77:80 79.127.30.144:1900 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:43926 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:46188 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:42917 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:37178 SYN_RECV
tcp 0 0 74.81.90.77:80 212.50.230.112:32404 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:42961 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:45816 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:38662 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:50230 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:37449 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:48181 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:43479 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:44877 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.244.77:51244 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:46938 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:50864 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:55320 SYN_RECV
tcp 0 0 74.81.90.77:80 217.218.227.17:2808 SYN_RECV
tcp 0 0 74.81.90.77:80 85.9.75.52:3067 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:49178 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:56068 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:35779 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:59372 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:48022 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:51784 SYN_RECV
tcp 0 0 74.81.90.77:80 83.147.215.130:1737 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:59241 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:44945 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:35702 SYN_RECV
tcp 0 0 74.81.90.77:80 217.218.227.17:2757 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:54433 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:49867 SYN_RECV
tcp 0 0 74.81.90.77:80 82.99.201.219:37709 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:54343 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.244.77:51246 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:59126 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:35457 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:39503 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:50639 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:34064 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:58785 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:51143 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:55184 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:50533 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:58330 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:34629 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.244.77:51242 SYN_RECV
tcp 0 0 74.81.90.77:80 93.126.14.178:1483 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:49597 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:41406 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:59332 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:48014 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:38023 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.138.131:37877 SYN_RECV
اینم تعداد کانکشن ها
نقل قول:
c|sort -n1 [~]# netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -
1 109.110.177.48
1 209.191.87.214
1 212.50.227.151
1 213.176.95.42
1 213.207.216.224
1 217.201.147.131
1 217.219.119.187
1 217.219.172.34
1 217.219.184.238
1 217.219.210.3
1 217.219.3.247
1 217.219.84.232
1 217.219.95.59
1 65.49.14.12
1 65.49.2.12
1 65.49.2.13
1 65.49.2.16
1 65.49.2.24
1 74.81.90.66
1 78.109.201.21
1 78.110.117.182
1 78.157.36.106
1 78.38.108.12
1 78.39.197.226
1 78.39.198.25
1 78.39.237.143
1 78.39.35.22
1 80.191.110.239
1 80.191.211.36
1 80.69.249.25
1 83.147.236.2
1 85.185.0.12
1 85.185.41.34
1 85.185.70.245
1 85.236.156.132
1 85.9.93.115
1 87.107.33.251
1 89.144.160.147
1 89.165.90.254
1 91.184.89.252
1 92.113.98.10
1 92.242.206.98
2 188.136.132.2
2 188.136.142.7
2 217.218.211.139
2 217.219.244.23
2 217.219.46.6
2 67.195.37.182
2 77.101.236.17
2 79.127.25.191
2 79.132.205.7
2 80.71.126.235
2 82.115.16.130
2 85.198.7.237
2 91.99.235.85
2 92.242.207.126
2 93.190.139.38
2 95.38.14.141
3 0.0.0.0
3 188.158.147.200
3 216.155.148.9
3 84.47.246.78
3 91.99.236.169
4 80.191.244.22
4 82.99.253.202
4 85.198.14.227
5 82.99.251.93
5 94.182.20.8
6 78.38.162.121
6 79.127.25.133
6 85.9.76.135
6 87.107.80.149
6 95.38.47.37
7 85.9.117.129
7 89.165.58.80
8 109.122.192.25
8 217.219.223.228
8 92.50.41.60
9 79.127.31.173
10 212.120.198.192
10 213.207.241.223
13 188.34.249.27
13 85.9.75.52
16 79.127.98.55
17 92.61.177.189
19 79.127.30.144
25 217.218.227.17
49 217.219.188.229
378 80.191.138.131
پاسخ : چجوری جلوی این حملاتو بگیرم syn (SYN_RECV) flood attacks
سرور رو خاموش کنید راحت !
پاسخ : چجوری جلوی این حملاتو بگیرم syn (SYN_RECV) flood attacks
این سه تا آیپی رو بلوک کن !
217.218.227.17
217.219.188.229
80.191.138.131
پاسخ : چجوری جلوی این حملاتو بگیرم syn (SYN_RECV) flood attacks
خوب می خوام اصولی باشه
یه چی باشه خودکار تشخیص بده d:
---------- Post added at 08:46 PM ---------- Previous post was at 08:43 PM ----------
نقل قول:
نوشته اصلی توسط
nswir
سرور رو خاموش کنید راحت !
اینم پاسخ یه شخص انگلیسی زبان به شما
نقل قول:
first and foremost i want to say that this is not going to make your server 100% cracker proof, there is always a possibility that somebody will find a way in. I have listed a lot of things you can do to protect your server and that will help you secure it. While securing your server you have to find a median between what is secure and what restricts your clients or websites. you can easily make your server 100% secure from remote attacks by unplugging the ethernet cable, but chances are you will not get much good with it. this is not a complete guide and i will update it when i find time or it needs it. Overall it is a very good start and it is probably more then most servers have.
---------- Post added at 08:55 PM ---------- Previous post was at 08:46 PM ----------
این همه رو بن کردم تا الان
خسته شدم :((
نقل قول:
217.218.227.17
217.219.188.229
80.191.138.131
212.50.233.90
80.191.94.168
85.9.80.136
89.165.90.69
95.82.63.202
85.9.80.136
82.115.16.130
212.80.5.28
80.191.156.2
پاسخ : چجوری جلوی این حملاتو بگیرم syn (SYN_RECV) flood attacks
نقل قول:
first and foremost i want to say that this is not going to make your server 100% cracker proof, there is always a possibility that somebody will find a way in. I have listed a lot of things you can do to protect your server and that will help you secure it. While securing your server you have to find a median between what is secure and what restricts your clients or websites. You can easily make your server 100% secure from remote attacks by unplugging the ethernet cable, but chances are you will not get much good with it. This is not a complete guide and i will update it when i find time or it needs it. Overall it is a very good start and it is probably more then most servers have.
کمی گیج شدم
میشه خودتون خلاصه بگید یعنی چی؟
پاسخ : چجوری جلوی این حملاتو بگیرم syn (SYN_RECV) flood attacks
نقل قول:
You can easily make your server 100% secure from remote attacks by unplugging the ethernet cable, but chances are you will not get much good with it.
شما می توانید سرورتون رو در مقابل حملات از راه دور با قطع کابل ethernet به صورت 100% امن کنید.ولی شانس زیادی برای گرفتن بهترین نتیجه رو نخواهید داشت.
بقیش دیگه بهحرف شما مربوط نمیشد
همونی که درشت کردمو مربوط میشد رو ترچمه کردم
پاسخ : چجوری جلوی این حملاتو بگیرم syn (SYN_RECV) flood attacks
هر وقت وقت داشتی لیستهای ساکس رو جمع کن از نت و بلوکشون کن یا اگه بازدید کننده ها از داخل کشور هستن فقط آی پی ایران رو اکسس بده + آی پی های گوگل بوت و ...
وب سرور رو لیمیت کن (کانکشن هاش رو)
پاسخ : چجوری جلوی این حملاتو بگیرم syn (SYN_RECV) flood attacks
کانکشن ها رو 1000 تا لیمیته
آخه این سایته روزی 7000 تا ویزیتشه نمیشه کمتر از این کرد
---------- Post added at 09:11 PM ---------- Previous post was at 09:09 PM ----------
همه ip های حمله کننده ماله ایرانه
پاسخ : چجوری جلوی این حملاتو بگیرم syn (SYN_RECV) flood attacks
نقل قول:
نوشته اصلی توسط
woshka
کانکشن ها رو 1000 تا لیمیته
آخه این سایته روزی 7000 تا ویزیتشه نمیشه کمتر از این کرد
---------- post added at 09:11 pm ---------- previous post was at 09:09 pm ----------
همه ip های حمله کننده ماله ایرانه
اسم سایت رو پ ن کن
1000 تا زیاده کمش کن
ایران باشه که راحتتره که
پاسخ : چجوری جلوی این حملاتو بگیرم syn (SYN_RECV) flood attacks
نتیجه بعد از بن کردن دستیه اینهمه ip
تمومی ندارن :((
نقل قول:
217.218.227.17
217.219.188.229
80.191.138.131
212.50.233.90
80.191.94.168
85.9.80.136
89.165.90.69
95.82.63.202
85.9.80.136
82.115.16.130
212.80.5.28
80.191.156.2
213.207.221.10
217.219.139.72
84.47.241.145
77.77.72.141
82.115.24.160
82.115.19.81
212.120.200.83
212.80.3.44
217.11.27.248
95.38.72.45
217.11.27.248
212.80.3.44
85.9.124.81
87.248.130.218
78.39.197.20
80.66.180.38
نقل قول:
root@box01 [~]# netstat -an|grep SYN_RECV
tcp 0 0 74.81.90.77:80 78.38.144.95:2748 SYN_RECV
tcp 0 0 74.81.90.77:80 78.38.144.95:2744 SYN_RECV
tcp 0 0 74.81.90.77:80 78.38.144.95:2745 SYN_RECV
tcp 0 0 74.81.90.77:80 85.185.94.203:1108 SYN_RECV
tcp 0 0 74.81.90.77:80 80.191.168.115:31363 SYN_RECV
tcp 0 0 74.81.90.77:80 85.185.94.203:1107 SYN_RECV
tcp 0 0 74.81.90.77:80 89.144.166.194:1299 SYN_RECV
tcp 0 0 74.81.90.77:80 78.38.144.95:2747 SYN_RECV
tcp 0 0 74.81.90.77:80 78.39.198.25:1695 SYN_RECV
tcp 0 0 74.81.90.77:80 85.185.94.203:1105 SYN_RECV
tcp 0 0 74.81.90.77:80 78.39.198.25:1687 SYN_RECV
tcp 0 0 74.81.90.77:80 95.38.24.254:2886 SYN_RECV
tcp 0 0 74.81.90.77:80 82.99.229.247:1085 SYN_RECV
tcp 0 0 74.81.90.77:80 85.185.94.203:1109 SYN_RECV
tcp 0 0 74.81.90.77:80 85.185.94.203:1106 SYN_RECV
tcp 0 0 74.81.90.77:80 77.77.92.47:2530 SYN_RECV
tcp 0 0 74.81.90.77:80 82.115.24.94:1436 SYN_RECV
tcp 0 0 74.81.90.77:80 217.218.40.242:33547 SYN_RECV
tcp 0 0 74.81.90.77:80 88.89.145.241:19728 SYN_RECV
tcp 0 0 74.81.90.77:80 213.217.40.100:21990 SYN_RECV
tcp 0 0 74.81.90.77:80 82.99.201.219:25924 SYN_RECV
root@box01 [~]#
---------- Post added at 09:19 PM ---------- Previous post was at 09:17 PM ----------
نقل قول:
نوشته اصلی توسط
packsaft
اسم سایت رو پ ن کن
1000 تا زیاده کمش کن
ایران باشه که راحتتره که
خیلی ساده ip ری***ت شده رو بزن :)
---------- Post added at 09:34 PM ---------- Previous post was at 09:19 PM ----------
اگه الان پست داده بودم یه هاست با این قیمت می خوام تا صفحه 5 ، 6 یا حتی بیشتر میکشید
یعنی شما فقط تو آفر و فروش کیفیت دارید؟
خارج از اون هیچی؟
برنامه ای که جلوی اینجور حملاتو بگیره سراع ندارید؟
