黑帽联盟

标题: shell防ddos攻击脚本 [打印本页]

作者: 定位    时间: 2017-3-20 21:40
标题: shell防ddos攻击脚本
  最近服务器经常受到攻击,并且还大多数是晚上,实在是受不了晚上起来处理,直接从网上搜了个写得不错的shell封ddos脚本,这个脚本是老外写的,我觉得效果还不错,发给大家看看吧.

   系统:centos 5.9 64位

脚本内容:
vi ipdrop.sh
  1. #!/bin/bash

  2. #Collecting list of ip addresses connected to port 80

  3. netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1 > /root/iplist

  4. #Limit the no of connections
  5. LIMIT=100;

  6. for ip in `cat /root/iplist |awk '{print $2}'`;do

  7. if [ `grep $ip /root/iplist | awk '{print $1}'` -gt $LIMIT ]
  8. then
  9. echo "100 connection from $ip... `grep $ip /root/iplist | awk '{print $1}'` number of connections... Blocking $ip";

  10. #Blocking the ip ...

  11. /etc/rc.d/init.d/iptables save > /dev/null;
  12. CHECK_IF_LOCALIP=0;
  13. /sbin/ifconfig | grep $ip > /dev/null;
  14. if [ $? -ne $CHECK_IF_LOCALIP ]
  15. then
  16. {
  17. FLAG=0;
  18. grep $ip /etc/sysconfig/iptables | grep DROP > /dev/null;
  19. if [ $? -ne $FLAG ]
  20. then
  21. iptables -I INPUT -s $ip -j DROP;
  22. else
  23. echo " Ipaddress $ip is already blocked ";
  24. fi
  25. }
  26. else
  27. echo " Sorry, the ip $ip cannot be blocked since this is a local ip of the server ";
  28. fi
  29. fi
  30. done
复制代码





欢迎光临 黑帽联盟 (https://bbs.cnblackhat.com/) Powered by Discuz! X2.5