Dari milis Slackware-id, Menghindari flod pada Web Server Apache

ini salah satu cara setelah saya cari kemana2,
# echo 1 > /proc/sys/net/ipv4/tcp_syncookies

lalu saya tambahkan script ini :
==========================================================================================================

#SCRIPT BLOK SYN FLOOD IPTABLES
clear
printf ” cyberslackerz.org \n”
printf “\n\n”
printf “Masukan ip address server:”
read SERVER_IP
iptables -A INPUT -p tcp –syn -m limit –limit 1/s –limit-burst 3 -j RETURN
iptables -N syn_flood
iptables -A INPUT -p tcp –syn -j syn_flood
iptables -A syn_flood -m limit –limit 1/s –limit-burst 3 -j RETURN
iptables -A syn_flood -j DROP
iptables -A INPUT -p icmp -m limit –limit 1/s –limit-burst 1 -j ACCEPT

iptables -A INPUT -p icmp -m limit –limit 1/s –limit-burst 1 -j LOG –log-prefix PING-DROP:
iptables -A INPUT -p icmp -j DROP

iptables -A OUTPUT -p icmp -j ACCEPT
iptables -I INPUT -p tcp -s 0/0 -d $SERVER_IP –sport 513:65535 –dport 22 -m state –state NEW,ESTABLISHED -m recent –set -j ACCEPT

iptables -I INPUT -p tcp –dport 22 -m state –state NEW -m recent –update –seconds 600 –hitcount 11 -j DROP

iptables -A OUTPUT -p tcp -s $SERVER_IP -d 0/0 –sport 22 –dport 513:65535 -m state –state ESTABLISHED -j ACCEPT

==========================================================================================================


Molavi Arman
ym: neounfor
nick:pinguinmabuk
fb: molaviarman@yahoo.com
Sumatera Selatan – Palembang
7A6F 6AA0 593E 07EC F708 0075 7AC6 FC3B FBEE A845
You are registered Linux user number 492497
Your machine has registration number 403813
chanel: ##id-slackware
machine : pinguinmabuk.net

Silahkan Komentar ... !

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s