Published 2016-02-10 04:25:56 | Source: reader submission


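DDoS: Distributed Denial of Service Attacks

A Distributed Denial of Service (DDoS) attack uses client/server technology to combine multiple computers into a single attack platform and launch a DDoS attack against one or more targets, multiplying the power of a denial-of-service attack.


The code in this article can be used on Red Hat / CentOS family Linux systems to block IP addresses that open many connections, which gives the host a basic anti-DDoS capability.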

 
#!/bin/bash
##############################################
#version="20100718"
#author="phpsir"
#author_email="phpsir@phpsir.com"
##############################################
# Ban an address once it holds more than $maxnum connections to port 80
maxnum=50
# runmin_max: seconds between flushes of the ban rules
runmin_max=300
# Work files. The two /tmp names are fixed and the script runs as root;
# on a multi-user host move them to a root-only directory.
ipfile="/tmp/80link.txt"
banip_data_file="/root/banip_data.txt"
ipopenfile="/root/openip.txt"
nsfile="/tmp/netstat80.txt"

# IPv4 address of eth0 ("grep -w inet" skips the inet6 line)
myip=$(/sbin/ifconfig eth0 | grep -w inet | awk '{print $2}' | sed 's/addr://' | grep .)
if [ ! -f "$ipopenfile" ]
then
    echo "init $ipopenfile"
    touch "$ipopenfile"
fi
if [ -f "$banip_data_file" ]
then
    source "$banip_data_file"
    echo "last runtime=$runtime"
else
    echo "init $banip_data_file"
    echo "runtime=$(date "+%s")" > "$banip_data_file"
    source "$banip_data_file"
    # First run: force the flush branch below
    runmin_max=-1
fi

echo "start shell $(date "+%Y-%m-%d %H:%M:%S")"
runmin=$(( $(date "+%s") - runtime ))
if [ "$runmin" -gt "$runmin_max" ]
then
    echo "$runmin is bigger than $runmin_max"
    echo "clear ips"
    # -F flushes every rule in the filter table, not only the bans added below
    /sbin/iptables -F
    echo "runtime=$(date "+%s")" > "$banip_data_file"
else
    echo "$runmin is lower than $runmin_max"
fi

# Keep only connections whose local socket is exactly $myip:80
# (the trailing space stops ":80" from also matching ":8080")
netstat -an | grep -F "$myip:80 " > "$nsfile"

echo "Total Links = $(wc -l < "$nsfile")"
echo "Total Links ESTABLISHED = $(grep -c ESTABLISHED "$nsfile")"
echo "Total Links SYN = $(grep -c SYN "$nsfile")"

# Ten remote addresses with the most connections, one "count ip" pair per line
awk '{print $5}' "$nsfile" | awk -F: '{print $1}' | sort | uniq -c | sort -rn | head -n 10 > "$ipfile"

while read -r num ip
do
    str="$ip has linked $num "
    banme="yes"

    for allowip in $(cat "$ipopenfile")
    do
        # Fixed-string substring match: an entry also allows any address that contains it
        if echo "$ip" | grep -qF -- "$allowip"
        then
            banme="no"
            echo "$allowip banme = $banme"
            # Remove an earlier ban for an address that is now on the allow list
            /sbin/iptables -D INPUT -p tcp -s "$ip" -d "$myip" --dport 80 -j REJECT > /dev/null 2>&1
            break
        fi
    done

    if [ "$banme" = "yes" ] && [ "$num" -gt "$maxnum" ]
    then
        # Add the rule only if this exact address is not already listed
        if ! /sbin/iptables -L -n | grep -qwF -- "$ip"
        then
            echo "deny $ip ,because $str "
            /sbin/iptables -A INPUT -p tcp -s "$ip" -d "$myip" --dport 80 -j REJECT
            echo "BAN $ip OK "
        fi
    fi
done < "$ipfile"

echo "stop shell $(date "+%Y-%m-%d %H:%M:%S")"
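
The selection step of the script above, rewritten as an added example (not part of the original script) that can be run against captured `netstat -an` text without touching iptables. It compares the local socket and the allow-list entries as whole strings, so connections to port 8080 are not counted and allow-listing 203.0.113.7 does not also exempt 203.0.113.77; the function names and all addresses are constructed for illustration.

```bash
#!/bin/bash
# Added example, not from the original script. All addresses are constructed.

# pick_bans LOCAL_IP PORT MAXNUM ALLOWFILE < netstat-output
# Prints "count ip" for every remote IPv4 address holding more than MAXNUM
# connections to LOCAL_IP:PORT, skipping addresses listed in ALLOWFILE.
pick_bans() {
    local local_ip=$1 port=$2 maxnum=$3 allowfile=$4
    awk -v sock="$local_ip:$port" -v max="$maxnum" -v allow="$allowfile" '
        BEGIN {
            # One allow-listed address per line, compared as a whole string
            while ((getline line < allow) > 0) if (line != "") ok[line] = 1
        }
        # In netstat -an, field 4 is the local socket and field 5 the remote one
        $1 ~ /^tcp/ && $4 == sock {
            ip = $5
            sub(/:[0-9]+$/, "", ip)      # drop the remote port
            count[ip]++
        }
        END {
            for (ip in count)
                if (count[ip] > max && !(ip in ok)) print count[ip], ip
        }' | sort -rn
}

# Constructed sample: 203.0.113.7 is allow-listed, 203.0.113.77 is not,
# and 198.51.100.9 mostly talks to port 8080.
sample_netstat() {
    local i=0
    while [ "$i" -lt 4 ]; do
        echo "tcp 0 0 192.0.2.10:80 203.0.113.77:4000$i ESTABLISHED"
        echo "tcp 0 0 192.0.2.10:80 203.0.113.7:5000$i ESTABLISHED"
        echo "tcp 0 0 192.0.2.10:8080 198.51.100.9:6000$i ESTABLISHED"
        i=$((i + 1))
    done
    echo "tcp 0 0 192.0.2.10:80 198.51.100.9:61000 SYN_RECV"
}

# Runs pick_bans over the sample with a threshold of 3 connections
demo() {
    local allow
    allow=$(mktemp) || return 1
    echo "203.0.113.7" > "$allow"
    sample_netstat | pick_bans 192.0.2.10 80 3 "$allow"
    rm -f "$allow"
}
```

Calling `demo` lists only 203.0.113.77, with its four connections; the allow-listed address and the port 8080 client are left alone.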



Copyright © 2007-2017 PHPERZ.COM All Rights Reserved