{"id":167698,"date":"2020-10-16T04:12:38","date_gmt":"2020-10-15T20:12:38","guid":{"rendered":"http:\/\/4563.org\/?p=167698"},"modified":"2020-10-16T04:12:38","modified_gmt":"2020-10-15T20:12:38","slug":"%e7%ae%80%e6%98%93ddos%e9%98%b2%e6%8a%a4%e6%95%99%e7%a8%8b","status":"publish","type":"post","link":"http:\/\/4563.org\/?p=167698","title":{"rendered":"\u7b80\u6613DDOS\u9632\u62a4\u6559\u7a0b"},"content":{"rendered":"\n<p>  \t\t\t\t\t<strong>Alanku<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3>\u7b80\u6613DDOS\u9632\u62a4\u6559\u7a0b<\/h3>\n<p>  \t\t \u672c\u5e16\u6700\u540e\u7531 Alanku \u4e8e 2020-10-15 23:13 \u7f16\u8f91 <\/p>\n<p> \u5c0f\u767d\u5b89\u5168\u7cfb\u5217\u7b2c\u4e94\u5f39<\/p>\n<p>  1. \u57df\u540d\u6258\u7ba1cloudflare\u5e76\u4ec5\u5141\u8bb8cf\u8282\u70b9\u8bbf\u95ee\u670d\u52a1\u5668<\/p>\n<p>  \u57df\u540d\u6258\u7ba1cf\u5c31\u80fd\u4eab\u53d7cf\u5f3a\u5927\u7684\u9632\u706b\u5899\u529f\u80fd\uff0c\u800c\u5f00\u542fcf CDN\u8fd8\u53ef\u4ee5\u8d77\u5230\u9690\u85cf\u6e90\u7ad9ip\u4f5c\u7528\uff0c\u5e94\u4ed8\u4e00\u822c\u7684\u653b\u51fb\uff0c\u7528cf\u662f\u6ca1\u6709\u95ee\u9898\u7684\uff0c\u4f46\u662f\u5982\u679c\u653b\u51fb\u8005\u627e\u5230\u4e86\u6e90\u7ad9ip\uff0c\u5373\u4f7fcf\u9632\u706b\u5899\u518d\u5f3a\u5927\u4e5f\u6ca1\u6709\u7528\uff0c\u653b\u51fb\u8005\u4f1a\u76f4\u63a5\u7ed5\u8fc7cf\u6253\u5230\u6e90\u7ad9\u3002<\/p>\n<p>  \u8fd9\u65f6\u5019\u5c31\u8981\u5b66\u4f1a\u8fdb\u4e00\u6b65\u9690\u85cf\u6e90\u7ad9ip\uff0cip\u85cf\u4f4f\u4e86\uff0c\u57fa\u672c\u5c31\u9632\u4f4f\u4e00\u534a\u4e86\u3002\u6b63\u6240\u8c13\uff0c\u77e5\u5df1\u77e5\u5f7c\uff0c\u767e\u6218\u4e0d\u6020\uff0c\u6211\u4eec\u8981\u77e5\u9053\u653b\u51fb\u8005\u662f\u600e\u6837\u627e\u5230\u6211\u4eec\u6e90\u7ad9ip\u7684\u624d\u80fd\u5bf9\u75c7\u4e0b\u836f\uff0c\u4e00\u822c\u6709\u4ee5\u4e0b\u51e0\u79cd\u65b9\u6cd5\u83b7\u53d6\u76ee\u6807\u7ad9\u70b9ip\uff1a<\/p>\n<p>  \uff081\uff09\u901a\u8fc7\u626b\u63cf\u5168\u7f51ip 443\u7aef\u53e3\u83b7\u53d6\u8bc1\u4e66\uff0c\u800c\u8bc1\u4e66\u91cc\u542b\u6709\u57df\u540d\u4fe1\u606f\uff0c\u8fd9\u6837ip\u4e0e\u57df\u540d\u5c31\u5bf9\u5e94\u4e0a\u4e86\u3002<br \/>  \u89e3\u51b3\u65b9\u6cd5\uff0c\u7531\u4e8e\u57df\u540d\u6258\u7ba1\u5728cf\u4e14\u5f00\u542f\u4e86cdn\uff0c\u90a3\u4e48\u8fd9\u91cc\u63d0\u4f9b\u4e00\u4e2a\u7b80\u5355\u7c97\u66b4\u7684\u65b9\u6cd5\uff0c\u5c4f\u853d\u9664cf\u8282\u70b9\u5916\u7684\u6240\u6709ip\u5bf9\u670d\u52a1\u566880\/443\u7aef\u53e3\u7684\u8bbf\u95ee\u3002<br \/>  \u4ee5\u4e0b\u7ed9\u51faDebian\/Ubuntu\u7cfb\u7edf\u4e0b\u5229\u7528ufw\u5de5\u5177\u4e00\u952e\u6dfb\u52a0\u9632\u706b\u5899\u89c4\u5219\u7684\u811a\u672c\uff1a<br \/>  #!\/bin\/bash<\/p>\n<p>  for ipv4 in `curl -s https:\/\/www.cloudflare.com\/ips-v4 | tee ips-v4`<br \/>  do<br \/>  &nbsp; &nbsp; sudo ufw allow from $ipv4 to any port 80<br \/>  &nbsp; &nbsp; sudo ufw allow from $ipv4 to any port 443<br \/>  done<\/p>\n<p>  for ipv6 in `curl -s https:\/\/www.cloudflare.com\/ips-v6 | tee ips-v6`<br \/>  do<br \/>  &nbsp; &nbsp; sudo ufw allow from $ipv6 to any port 80<br \/>  &nbsp; &nbsp; sudo ufw allow from $ipv6 to any port 443<br \/>  done<br \/>  \u79fb\u9664\u4e0a\u8ff0\u89c4\u5219\uff1a<br \/>  #!\/bin\/bash<\/p>\n<p>  for ipv4 in `cat ips-v4`<br \/>  do<br \/>  &nbsp; &nbsp; sudo ufw delete allow from $ipv4 to any port 80<br \/>  &nbsp; &nbsp; sudo ufw delete allow from $ipv4 to any port 443<br \/>  done<\/p>\n<p>  for ipv6 in `cat ips-v6`<br \/>  do<br \/>  &nbsp; &nbsp; sudo ufw delete allow from $ipv6 to any port 80<br \/>  &nbsp; &nbsp; sudo ufw delete allow from $ipv6 to any port 443<br \/>  done<\/p>\n<p>  \uff082\uff09\u90ae\u4ef6\u5934\u4fe1\u606f\u4e00\u822c\u4f1a\u5305\u542b\u57df\u540d\u7b49\u4fe1\u606f\uff0c\u4e5f\u4f1a\u6cc4\u9732ip<br \/>  \u6682\u65f6\u6ca1\u60f3\u5230\u597d\u65b9\u6cd5\uff0c\u5c3d\u91cf\u522b\u7528\u57df\u540d\u90ae\u7bb1\u505a\u7ad9\u70b9\u8054\u7cfb\u65b9\u5f0f<\/p>\n<p>  \uff083\uff09\u626b\u63cf\u4e8c\u7ea7\u57df\u540d\uff0c\u56e0\u4e3a\u4e0d\u5c11\u4e8c\u7ea7\u57df\u540d\u548c\u4e3b\u57df\u540d\u7ed1\u8fc7\u540c\u4e00\u4e2aip<\/p>\n<p>  2. \u9632DDOS\u5185\u6838\u53c2\u6570\u8bbe\u7f6e<br \/>  \u4e3b\u8981\u9632syn\u653b\u51fb\uff0c\u53ef\u6709\u6548\u7f13\u89e3<br \/>  \u5728\/etc\/sysctl.conf\u6dfb\u52a0\u6216\u8bbe\u7f6e\u5982\u4e0b\u53c2\u6570\uff1a<br \/>  #\u5206\u522b\u4e3a\u542f\u7528SYN Cookie\u3001\u8bbe\u7f6eSYN\u6700\u5927\u961f\u5217\u957f\u5ea6\u4ee5\u53ca\u8bbe\u7f6eSYN+ACK\u6700\u5927\u91cd\u8bd5\u6b21\u6570\u3002<br \/>  net.ipv4.tcp_syncookies = 1<br \/>  net.ipv4.tcp_max_syn_backlog = 8192<br \/>  net.ipv4.tcp_synack_retries = 2<\/p>\n<p>  3. \u670d\u52a1\u5668\u7981ping<br \/>  \u6b7b\u4ea1\u4e4bping\uff0c\u5e94\u8be5\u4e0d\u964c\u751f\u3002\u8fd9\u4e2a\u4e3b\u8981\u9632ping flood<br \/>  Debian\/Ubuntu\u4e0b\u5229\u7528ufw\u53ef\u7b80\u5355\u6ce8\u91ca\u6389\/etc\/ufw\/before.rules\u6587\u4ef6\u4e0b\u7684\u5982\u4e0b\u5185\u5bb9\uff1a<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type destination-unreachable -j ACCEPT<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type source-quench -j ACCEPT<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type time-exceeded -j ACCEPT<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type parameter-problem -j ACCEPT<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type echo-request -j ACCEPT<\/p>\n<p>  \u5176\u4ed6\u65b9\u9762\u7684\u5f85\u8865\u5145<\/p>\n<p>  \u6709\u4e0d\u8db3\u6216\u9519\u8bef\u7684\u5730\u65b9\u6b22\u8fce\u5404\u4f4d\u5927\u4f6c\u6307\u51fa  \t\t\t\t<\/p>\n<p>  \t\t\t\t\t<strong>\u830e\u809b\u4e92\u64b8\u5a03<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3><\/h3>\n<p>  \t\t\u8c22\u8c22\u5566\uff0c\u54c8\u54c8\u54c8\u54c8\uff0cyc005t\t\t\t\t<\/p>\n<p>  \t\t\t\t\t<strong>tir<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3><\/h3>\n<p>  \t\t\u77e5\u9053\u4e86\u77e5\u9053\u4e86\uff0c\u591a\u8c22\u5206\u4eab\uff01\t\t\t  <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Alanku \u5927\u4f6c\u6709\u8bdd\u8bf4 : \u7b80\u6613&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[],"tags":[],"_links":{"self":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/167698"}],"collection":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=167698"}],"version-history":[{"count":0,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/167698\/revisions"}],"wp:attachment":[{"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=167698"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=167698"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=167698"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}