×ðÁú¿­Ê±¹ÙÍøµÇ¼

ʹÓÃLinuxЧÀÍÆ÷±£»¤Web½Ó¿ÚÃâÊÜBotnet¹¥»÷¡£

ʹÓÃLinuxЧÀÍÆ÷±£»¤Web½Ó¿ÚÃâÊÜBotnet¹¥»÷

ÔÚWeb¿ª·¢ºÍÖÎÀíÖУ¬±£»¤Web½Ó¿ÚÃâÊÜBotnet£¨½©Ê¬ÍøÂ磩¹¥»÷ÊÇÒ»ÏîÖ÷ÒªµÄÇ徲ʹÃü¡£Botnet¹¥»÷Ö¸µÄÊǺڿÍʹÓÃÒ»×éÊÜѬȾµÄÅÌËã»ú»ò×°±¸À´Ìᳫ¹¥»÷£¬¶ÔWebЧÀÍÆ÷¾ÙÐдó¹æÄ£µÄ¶ñÒâÇëÇó£¬ÒÔѹµ¹Ð§ÀÍÆ÷µÄ×ÊÔ´ºÍ´ø¿í£¬Ôì³É¾Ü¾øЧÀÍ£¨DoS£©¹¥»÷»òÂþÑÜʽ¾Ü¾øЧÀÍ£¨DDoS£©¹¥»÷¡£

ÔÚ±¾ÎÄÖУ¬ÎÒÃǽ«ÏÈÈÝһЩʹÓÃLinuxЧÀÍÆ÷À´±£»¤Web½Ó¿ÚÃâÊÜBotnet¹¥»÷µÄÒªÁ죬²¢ÌṩÏà¹ØµÄ´úÂëʾÀý¡£

¿ªÆô·À»ðǽ

Ê×ÏÈ£¬ÎÒÃÇÐèҪȷ±£LinuxЧÀÍÆ÷ÉϵķÀ»ðǽÒѾ­¿ªÆô²¢ÉèÖÃ׼ȷ¡£·À»ðǽ¿ÉÒÔ¹ýÂ˺Í×èÖ¹À´×ÔÌض¨IPµØµã»òIPµØµã¹æÄ£µÄÇëÇó¡£ÒÔÏÂÊÇÒ»¸öʹÓÃiptablesÏÂÁîÀ´¿ªÆô·À»ðǽ²¢ÔÊÐíÖ»ÓÐÌض¨IPµØµãµÄÇëÇóµÄʾÀý£º

sudo iptables -A INPUT -p tcp -s Ìض¨IPµØµã -j ACCEPT
sudo iptables -A INPUT -p tcp -j DROP

µÇ¼ºó¸´ÖÆ

Ç뽫”Ìض¨IPµØµã”Ì滻ΪÄúÔÊÐíµÄIPµØµã¡£

ʹÓÃFail2Ban

Fail2BanÊÇÒ»¸öÊ¢ÐеŤ¾ß£¬ÓÃÓÚ±ÜÃâ¶ñÒâµÇ¼ºÍ±©Á¦Æƽâ¡£Ëü¿ÉÒÔ¼àÊÓЧÀÍÆ÷µÄÈÕÖ¾Îļþ£¬²¢ÔÚ¼ì²âµ½¶à´Îʧ°ÜµÄµÇ¼ʵÑéºó×Ô¶¯·â±ÕÀ´×Ô¸ÃIPµØµãµÄÇëÇó¡£ÒÔÏÂÊÇÔõÑùÔÚLinuxЧÀÍÆ÷ÉÏ×°ÖúÍÉèÖÃFail2BanµÄʾÀý£º

sudo apt-get install fail2ban

sudo vi /etc/fail2ban/jail.local

µÇ¼ºó¸´ÖÆ

ÔÚjail.localÎļþÖÐÌí¼ÓÒÔÏÂÄÚÈÝ£º

[http-get-dos]
enabled = true
port = http,https
filter = http-get-dos
logpath = /var/log/apache2/access.log
maxretry = 100
findtime = 60
bantime = 600

µÇ¼ºó¸´ÖÆ

ÉúÑÄÎļþ²¢Í˳ö£¬È»ºóÖØÆôFail2BanЧÀÍ£º

sudo service fail2ban restart

µÇ¼ºó¸´ÖÆ

ÉèÖÃWebЧÀÍÆ÷

ΪÁ˽øÒ»²½±£»¤Web½Ó¿ÚÃâÊÜBotnet¹¥»÷£¬ÎÒÃÇ¿ÉÒÔÔÚWebЧÀÍÆ÷ÉÏÉèÖÃһЩÌØÁíÍâÇå¾²²½·¥¡£ÒÔÏÂÊÇÒ»¸öʹÓÃApacheЧÀÍÆ÷ÉèÖ÷´ÏòÊðÀíºÍÏÞÖÆƵÂʵÄʾÀý£º

sudo a2enmod proxy
sudo a2enmod proxy_http

sudo vi /etc/apache2/conf-available/security.conf

µÇ¼ºó¸´ÖÆ

ÔÚsecurity.confÎļþÖÐÌí¼ÓÒÔÏÂÄÚÈÝ£º

<IfModule mod_reqtimeout.c>
  RequestReadTimeout header=20-40,MinRate=500
</IfModule>

<Proxy *>
  Order deny,allow
  Deny from all
  Allow from Ìض¨IPµØµã
</Proxy>

ProxyPass / http://localhost:8000/
ProxyPassReverse / http://localhost:8000/

µÇ¼ºó¸´ÖÆ

ÉúÑÄÎļþ²¢Í˳ö£¬È»ºóÖØмÓÔØApacheЧÀÍÆ÷ÉèÖãº

sudo service apache2 reload

µÇ¼ºó¸´ÖÆ

Ç뽫”Ìض¨IPµØµã”Ì滻ΪÄúÔÊÐíµÄIPµØµã¡£

ʹÓÃÑéÖ¤Âë

ΪÁ˱ÜÃâBotnet¹¥»÷ÖеĶñÒâ»úеÈË×Ô¶¯»¯¾ÙÐÐÇëÇó£¬ÎÒÃÇ¿ÉÒÔͨ¹ýʵÑéÑéÖ¤ÂëÀ´½øÒ»²½ÔöÇ¿Çå¾²ÐÔ¡£ÒÔÏÂÊÇÒ»¸öʹÓÃPython Flask¿ò¼ÜʵÏÖÑéÖ¤Âë±£»¤µÄʾÀý£º

from flask import Flask, request, render_template
from flask_wtf import FlaskForm, RecaptchaField
from wtforms import StringField, SubmitField
from wtforms.validators import DataRequired

app = Flask(__name__)
app.config['SECRET_KEY'] = 'your_secret_key'
app.config['RECAPTCHA_PUBLIC_KEY'] = 'your_recaptcha_public_key'
app.config['RECAPTCHA_PRIVATE_KEY'] = 'your_recaptcha_private_key'

class MyForm(FlaskForm):
    name = StringField('Name', validators=[DataRequired()])
    recaptcha = RecaptchaField()
    submit = SubmitField('Submit')

@app.route('/', methods=['GET', 'POST'])
def index():
    form = MyForm()
    if form.validate_on_submit():
        return 'Success!'
    return render_template('index.html', form=form)

if __name__ == '__main__':
    app.run()

µÇ¼ºó¸´ÖÆ

ÇëÈ·±£ÄúÒѾ­ÔÚFlaskÓ¦ÓóÌÐòÖÐÉèÖÃÁË׼ȷµÄÃØÔ¿ºÍÑéÖ¤ÂëÃÜÔ¿¡£

ͨ¹ýÒÔÉϲ½·¥£¬ÎÒÃÇ¿ÉÒÔÓÐÓõر£»¤Web½Ó¿ÚÃâÊÜBotnet¹¥»÷¡£¿ÉÊÇ£¬Çë¼Ç×Å£¬Çå¾²ÊÇÒ»¸öÒ»Á¬µÄÀú³Ì£¬ÎÒÃÇÐèÒªÒ»Ö±µØ¸üкÍË¢ÐÂÎÒÃǵķÀ»¤²½·¥£¬ÒÔ±£»¤Ð§ÀÍÆ÷ºÍÓû§µÄÊý¾ÝÇå¾²¡£

ÒÔÉϾÍÊÇʹÓÃLinuxЧÀÍÆ÷±£»¤Web½Ó¿ÚÃâÊÜBotnet¹¥»÷¡£µÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡

ÃâÔð˵Ã÷£ºÒÔÉÏչʾÄÚÈÝȪԴÓÚÏàÖúýÌå¡¢ÆóÒµ»ú¹¹¡¢ÍøÓÑÌṩ»òÍøÂçÍøÂçÕûÀí£¬°æȨÕùÒéÓë±¾Õ¾Î޹أ¬ÎÄÕÂÉæ¼°¿´·¨Óë¿´·¨²»´ú±í×ðÁú¿­Ê±¹ÙÍøµÇ¼ÂËÓÍ»úÍø¹Ù·½Ì¬¶È£¬Çë¶ÁÕß½ö×ö²Î¿¼¡£±¾ÎĽӴýתÔØ£¬×ªÔØÇë˵Ã÷À´ÓÉ¡£ÈôÄúÒÔΪ±¾ÎÄÇÖÕ¼ÁËÄúµÄ°æȨÐÅÏ¢£¬»òÄú·¢Ã÷¸ÃÄÚÈÝÓÐÈκÎÉæ¼°ÓÐÎ¥¹«µÂ¡¢Ã°·¸Ö´·¨µÈÎ¥·¨ÐÅÏ¢£¬ÇëÄúÁ¬Ã¦ÁªÏµ×ðÁú¿­Ê±¹ÙÍøµÇ¼ʵʱÐÞÕý»òɾ³ý¡£

Ïà¹ØÐÂÎÅ

ÁªÏµ×ðÁú¿­Ê±¹ÙÍøµÇ¼

18523999891

¿É΢ÐÅÔÚÏß×Éѯ

ÊÂÇéʱ¼ä£ºÖÜÒ»ÖÁÖÜÎ壬9:30-18:30£¬½ÚãåÈÕÐÝÏ¢

QR code
ÍøÕ¾µØͼ