 |
APACHE防止DoS模块 dosevasive |
|
|
| APACHE防止DoS模块 dosevasive |
|
| 作者:佚名 文章来源:不详 点击数: 更新时间:2007-1-25 9:47:15 |
|
http://freshmeat.net/redir/mod_dosevasive/34138/url_tgz/mod_dosevasive.1.8.tar.gz
Apache DoS Evasive Maneuvers Module [v1.4-Stable]
A module for Apache 1.3 giving Apache the ability to fend off request-based DoS attacks conserving your system resources and bandwidth. This new tool maintains an internal table of IP addresses and URLs and will deny repeated requests for the same URL from the same IP address, blacklisting the address for 10-seconds per extraneous request. This is by no means designed to be a complete solution. In the event of a heavy distributed DoS attack, this module will not fend off attacks consuming all available bandwidth or more resources than are available to send 403's, but is very successful in typical flood attacks or cgi flood attacks.
This tool wasn't designed as an end-all be-all solution, it was designed as a starting point for cutting off extraneous requests (so you don't have a few thousand CGIs running on your server, or a few thousand page sends) and to provide a means of detection. You could easily take this code and have it talk to your firewalls or border routers to shut down the ip addresses that are being blacklisted. If you don't have decentralized content or at the very least a distributed design, you're going to be DoS'd regardless, but this tool can at least make it take more power to do it.
安装方法:
tar zxvf mod_dosevasive.tar.gz
cd dosevasive/
/usr/local/apache/bin/apxs -i -c mod_dosevasive.c
vi /usr/local/apache/conf/httpd.conf
加入
LoadModule dosevasive_module libexec/mod_dosevasive.so
AddModule mod_dosevasive.c
<IfModule mod_dosevasive.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
</IfModule>
重起apache
APACHE v2.0
-----------
1. Extract this archive
2. Run $APACHE_ROOT/bin/apxs -i -a -c mod_dosevasive20.c
3. The module will be built and installed into $APACHE_ROOT/modules, and loaded into your httpd.con【转自世纪安全网 http://www.21safe.com】
|
|
| 文章录入:admin 责任编辑:admin |
|
|
上一篇文章: 对一个注册表项的粗略分析
下一篇文章: 删除系统Services.msc里残留下来的服务 |
|
|
| 【字体:小 大】【发表评论】【加入收藏】【告诉好友】【打印此文】【关闭窗口】 |
|
|
 网友评论:(只显示最新10条。评论内容只代表网友观点,与本站立场无关!) |
|
|
|
|
|
