Using a Linux Server to Protect Web Interfaces from Botnet Attacks
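In web development and administration, protecting web interfaces from botnet attacks is an important security task. In a botnet attack, an attacker uses a group of infected computers or devices to send large volumes of malicious requests to a web server, overwhelming its resources and bandwidth and causing a denial-of-service (DoS) or distributed denial-of-service (DDoS) attack.
In this article, we introduce some ways to use a Linux server to protect web interfaces from botnet attacks, with related code examples.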
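Enable the firewall
First, make sure the firewall on the Linux server is enabled and configured correctly. A firewall can filter and block requests from specific IP addresses or IP address ranges. The following example uses the iptables command to enable the firewall and allow requests only from a specific IP address:

    # Accept TCP from the allowed address first; rules are evaluated in order.
    sudo iptables -A INPUT -p tcp -s ALLOWED_IP_ADDRESS -j ACCEPT
    # Drop all other inbound TCP, including SSH and replies to connections the server opens.
    sudo iptables -A INPUT -p tcp -j DROP

Replace "ALLOWED_IP_ADDRESS" with the IP address you want to allow.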
Use Fail2Ban
Fail2Ban is a popular tool for preventing malicious logins and brute-force attacks. It monitors the server's log files and automatically blocks requests from an IP address after detecting multiple failed login attempts from it. The following example shows how to install and configure Fail2Ban on a Linux server:

    sudo apt-get install fail2ban
    sudo vi /etc/fail2ban/jail.local

Add the following to the jail.local file:

    [http-get-dos]
    enabled = true
    port = http,https
    # Fail2Ban loads this filter from /etc/fail2ban/filter.d/ (http-get-dos.conf), which must exist.
    filter = http-get-dos
    logpath = /var/log/apache2/access.log
    maxretry = 100
    findtime = 60
    bantime = 600

Save the file and exit, then restart the Fail2Ban service:

    sudo service fail2ban restart
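The counting that the [http-get-dos] jail settings above describe (maxretry = 100, findtime = 60, bantime = 600), as an added Python example that is not part of the original article and is not Fail2Ban's own code. It is a simplified model that assumes a ban starts once an address reaches maxretry matching requests within findtime seconds; the log regex, the function names and the sample traffic (documentation-range addresses) are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timezone

# Thresholds copied from the [http-get-dos] jail above.
MAXRETRY, FINDTIME, BANTIME = 100, 60, 600
# Assumed matcher for Apache access-log lines: client IP, timestamp, GET/POST.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(?:GET|POST) ')
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"

def parse(line):
    """Return (ip, epoch_seconds) for a request line, or None if it does not match."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    return m.group(1), datetime.strptime(m.group(2), TS_FORMAT).timestamp()

def simulate(lines, maxretry=MAXRETRY, findtime=FINDTIME, bantime=BANTIME):
    """Replay log lines in order; return [(ip, ban_start, ban_end), ...]."""
    hits = defaultdict(deque)      # ip -> hit times still inside the findtime window
    banned_until, bans = {}, []
    for line in lines:
        parsed = parse(line)
        if parsed is None:
            continue
        ip, now = parsed
        if banned_until.get(ip, 0) > now:
            continue               # while banned, the firewall drops this address
        window = hits[ip]
        window.append(now)
        while now - window[0] > findtime:
            window.popleft()       # forget hits older than findtime
        if len(window) >= maxretry:
            banned_until[ip] = now + bantime
            bans.append((ip, now, now + bantime))
            window.clear()
    return bans

def sample_lines(t0=1_700_000_000):
    """Constructed traffic: a flood (5 req/s for 30 s) and a steady client (1 req per 2 s)."""
    events = [(t0 + i // 5, "203.0.113.7") for i in range(150)]
    events += [(t0 + 2 * i, "198.51.100.20") for i in range(150)]
    fmt = lambda e: datetime.fromtimestamp(e, tz=timezone.utc).strftime(TS_FORMAT)
    return [f'{ip} - - [{fmt(e)}] "GET /api/items HTTP/1.1" 200 512' for e, ip in sorted(events)]

if __name__ == "__main__":
    for ip, start, end in simulate(sample_lines()):
        print(f"ban {ip} from {start:.0f} until {end:.0f}")
```

Replaying real access-log lines through simulate() with candidate values shows which legitimate clients a threshold would ban before the jail goes live; with maxretry lowered to 31, the steady client in the sample is banned too.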
Configure the web server
To further protect web interfaces from botnet attacks, we can configure some additional security measures on the web server. The following example uses the Apache server to set up a reverse proxy and rate limiting:

    sudo a2enmod proxy
    sudo a2enmod proxy_http
    sudo vi /etc/apache2/conf-available/security.conf

Add the following to the security.conf file:

    <IfModule mod_reqtimeout.c>
        RequestReadTimeout header=20-40,MinRate=500
    </IfModule>
    # Order/Deny/Allow is Apache 2.2 access syntax; on Apache 2.4 it needs mod_access_compat.
    <Proxy *>
        Order deny,allow
        Deny from all
        Allow from ALLOWED_IP_ADDRESS
    </Proxy>
    ProxyPass / http://localhost:8000/
    ProxyPassReverse / http://localhost:8000/

Save the file and exit, then reload the Apache server configuration:

    sudo service apache2 reload

Replace "ALLOWED_IP_ADDRESS" with the IP address you want to allow.
Use a CAPTCHA
To stop the malicious bots in a botnet attack from sending automated requests, we can further strengthen security by adding a CAPTCHA. The following example implements CAPTCHA protection with the Python Flask framework:

    from flask import Flask, render_template
    from flask_wtf import FlaskForm, RecaptchaField
    from wtforms import StringField, SubmitField
    from wtforms.validators import DataRequired

    app = Flask(__name__)
    # Placeholders: set your own secret key and reCAPTCHA key pair.
    app.config['SECRET_KEY'] = 'your_secret_key'
    app.config['RECAPTCHA_PUBLIC_KEY'] = 'your_recaptcha_public_key'
    app.config['RECAPTCHA_PRIVATE_KEY'] = 'your_recaptcha_private_key'

    class MyForm(FlaskForm):
        name = StringField('Name', validators=[DataRequired()])
        recaptcha = RecaptchaField()
        submit = SubmitField('Submit')

    @app.route('/', methods=['GET', 'POST'])
    def index():
        form = MyForm()
        # validate_on_submit() also checks the reCAPTCHA response.
        if form.validate_on_submit():
            return 'Success!'
        return render_template('index.html', form=form)

    if __name__ == '__main__':
        app.run()

Make sure you have set the correct secret key and CAPTCHA keys in your Flask application.
With the measures above, we can effectively protect web interfaces from botnet attacks. Remember, however, that security is a continuous process: we need to keep updating and improving our defenses to protect the server and the security of user data.