减轻DDOS攻击工具

DoS-Deflate是一款免费的用来防御和减轻DDoS攻击。

它通过netstat监测跟踪创建大量网络连接的IP地址，在检测到某个结点超过预设的限制时，该程序会通过APF或IPTABLES禁止

或阻挡这些IP.

DDoS-Deflate安装及配置

1、安装

wget http://www.inetbase.com/scripts/ddos/install.sh
chmod 0700 install.sh
./install.sh

2、配置

 

配置文件是 /usr/local/ddos/ddos.conf ，默认有如下配置

FREQ=1

NO_OF_CONNECTIONS=150

APF_BAN=1

KILL=1

EMAIL_TO=”root”

BAN_PERIOD=600 

IP地址白名单：/usr/local/ddos/ignore.ip.list

 

创建一个shell脚本..内容如下

 

#!/bin/sh

if [ -d '/usr/local/ddos' ]; then

        echo; echo; echo “Please un-install the previous version first”

        exit 0

else

        mkdir /usr/local/ddos

fi

clear

echo; echo ‘Installing DOS-Deflate 0.6′; echo

echo; echo -n ‘Downloading source files…’

wget -q -O /usr/local/ddos/ddos.conf http://www.inetbase.com/scripts/ddos/ddos.conf

echo -n ‘.’

wget -q -O /usr/local/ddos/LICENSE http://www.inetbase.com/scripts/ddos/LICENSE

echo -n ‘.’

wget -q -O /usr/local/ddos/ignore.ip.list http://www.inetbase.com/scripts/ddos/ignore.ip.list

echo -n ‘.’

wget -q -O /usr/local/ddos/ddos.sh http://www.inetbase.com/scripts/ddos/ddos.sh

chmod 0755 /usr/local/ddos/ddos.sh

cp -s /usr/local/ddos/ddos.sh /usr/local/sbin/ddos

echo ‘…done’

 

echo; echo -n ‘Creating cron to run script every minute…..(Default setting)’

/usr/local/ddos/ddos.sh –cron > /dev/null 2>&1

echo ‘…..done’

echo; echo ‘Installation has completed.’

echo ‘Config file is at /usr/local/ddos/ddos.conf’

echo ‘Please send in your comments and/or suggestions to zaf@vsnl.com’

echo

cat /usr/local/ddos/LICENSE | less

欢迎访问我的空间,由《一佳互联》提供技术支持。

个人博客 http://micoder.cc