Apache ๋ฒ์
vim /etc/httpd/conf/httpd.conf
> # ServerSignature Off
MaxRequestWorkers 500 # ๋์ ์ ์์ ์ ์ ํ (DDOS๋ง๊ธฐ)
MaxKeepAliveRequests 500 # ํ ์ ์ ์ ์์ฒญ ์ ์ ํ
TimeOut 300 # 5๋ถ๋์ ์ฌ์ฉํ์ง ์์ผ๋ฉด ์ธ์
๋๊ธฐ
DDOS ๋ง๋ ๋ชจ๋
yum -y install epel-release
yum -y install mod_evasive
vim /etc/httpd/conf.d/mod_evasive.conf
systemctl restart httpd
DDOS ๊ณต๊ฒฉ
systemctl stop firewalld
setenforce 0
yum -y install epel-release
yum -y install mod_evasive
vim /usr/share/doc/mod_evasive-1.10.1/test.pl # perl ํ์ผ ์์
for(0..100) {
my($response);
my($SOCKET) = new IO::Socket::INET( Proto => "tcp",
PeerAddr=> "192.168.111.100:80");
if (! defined $SOCKET) { die $!; }
print $SOCKET "GET /?$_ HTTP/1.0\\r\\nHost:127.0.0.1\\r\\n\\r\\n";
perl /usr/share/doc/mod_evasive-1.10.1/test.pl # perl ์คํ
DDOS ( ์๋น์ค ๊ฑฐ๋ถ ๊ณต๊ฒฉ )
hping3 -1 -c 5 192.168.111.100 (icmp -1 udp -2)
hping3 --scan 1-1024 -S 192.168.111.100
# rand atack ๊ณต๊ฒฉ ( ๋๊ฐ ๊ณต๊ฒฉ์ ํ์ง ๋ชจ๋ฅด๊ฒ ์ถ๋ฐ์ง ์จ๊น )
hping3 -1 -a 10.20.30.40 -d 65000 192.168.111.100
# -a : ์์ ip์ฃผ์ -d : ๋ฐ์ดํฐ ํฌ๊ธฐ
# flooding ๊ณต๊ฒฉ
hping3 -S -d 64 192.168.111.100 -p 80 --flood --rand-source
DDOS ๋ง๊ธฐ
iptables -I INPUT -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 1 --hitcount 10 -j DROP