Preventing DDoS Attacks on Linux

  • Password attacks:

iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSHSCAN

iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSHSCAN -j LOG --log-prefix SSH_SCAN:

iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSHSCAN -j DROP

Or ...

# /etc/rc.d/init.d/iptables save
# vi /etc/sysconfig/iptables

# Generated by iptables-save v1.4.7 on Mon Nov 24 18:13:04 2014
*filter
:INPUT ACCEPT [77821:18947147]
# Added rules
-A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSHSCAN
-A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSHSCAN -j LOG --log-prefix SSH_Scan:
-A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSHSCAN -j DROP
# End of added rules
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [76355:16945171]
COMMIT
# Completed on Mon Nov 24 18:13:04 2014

# /etc/rc.d/init.d/iptables start
# chkconfig --level 345 iptables on

Install fail2ban: http://www.fail2ban.org
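The LOG rule above writes one kernel log line per matched packet, tagged with the SSH_SCAN: prefix. As an added example (not part of the original post), the script below summarises those lines per source address. The sample log lines are constructed and shortened, and the function names are hypothetical; on a real system, pipe in the file that receives kernel messages (assumed to be /var/log/messages on the CentOS-style system shown here).

```shell
#!/usr/bin/env bash
# Added example: summarise kernel log entries written by the SSH_SCAN LOG rule.

# Constructed, shortened sample lines in the style of the iptables LOG target
# (documentation-range addresses, made-up host name).
sample_log() {
cat <<'EOF'
Nov 24 18:20:01 web1 kernel: SSH_SCAN:IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=51514 DPT=22 SYN URGP=0
Nov 24 18:20:03 web1 kernel: SSH_SCAN:IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=51520 DPT=22 SYN URGP=0
Nov 24 18:20:04 web1 sshd[2211]: Failed password for root from 203.0.113.5 port 51514 ssh2
Nov 24 18:20:09 web1 kernel: SSH_Scan:IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP SPT=40022 DPT=22 SYN URGP=0
Nov 24 18:20:40 web1 kernel: SSH_SCAN:IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=51533 DPT=22 SYN URGP=0
Nov 24 18:21:00 web1 kernel: eth0: link up
EOF
}

# Read log lines on stdin and print "count source first_seen - last_seen",
# busiest source first. The match is case-insensitive because the rules above
# use both SSH_SCAN: and SSH_Scan: as prefix; other messages are ignored.
ssh_scan_summary() {
  awk '
    toupper($0) ~ /KERNEL: .*SSH_SCAN:/ {
      src = ""
      for (i = 1; i <= NF; i++)
        if ($i ~ /^SRC=/) { src = substr($i, 5); break }
      if (src == "") next               # skip malformed lines without SRC=
      ts = $1 " " $2 " " $3             # syslog timestamp (month day time)
      if (!(src in n)) first[src] = ts
      n[src]++
      last[src] = ts
    }
    END {
      for (s in n) printf "%d %s %s - %s\n", n[s], s, first[s], last[s]
    }
  ' | sort -k1,1nr -k2,2
}

# Stand-alone run on the constructed sample.
sample_log | ssh_scan_summary
```

Each logged line is a connection attempt that arrived after the source had already exceeded 8 new connections in 60 seconds, so a high count marks a source that kept retrying while being dropped.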

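  • DDoS attacks:

The --update match only fires for addresses already in the HTTP list, so a --set rule has to populate the list first:

iptables -A INPUT -p tcp --dport 80 -m recent --set --name HTTP

iptables -A INPUT -p tcp --dport 80 -m recent --update --seconds 1 --hitcount 10 --name HTTP -j DROP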

서진우

Executive director (CTO) at Clunix, a supercomputing company / Certified information systems auditor / Operator of the Syszone blog
