Author:
erics, December 30th, 2022
Summary: Use AWS CloudTrail as the basis for a simple Intrusion Detection System to monitor your AWS account for unwanted activity.
Background: While I follow best practices for security, it is always possible that a bad actor could obtain my credentials and gain access to my AWS account. Once access is gained, such criminals could […]
Categories: Technology Tags: Attack, AWS, Bad Actor, Cloud, CloudTrail, CloudWatch, Compromise, Crypto, DDOS, Detection, dos, howto, IDS, Intrusion, Intrusion Detection, Mining, tips, Vector
Author:
erics, October 24th, 2019
All credit to Matt Wilcox for this excellent article, on which this post is based – thank you, Matt!
https://mattwilcox.net/web-development/unexpected-ddos-blocking-china-with-ipset-and-iptables/
All commands run as root!

    yum install -y ipset
    vi blockchina    (see below for contents)
    chmod 755 blockchina
    ./blockchina

Do this once only:

    iptables -A INPUT -p tcp -m set --match-set china src -j DROP; service iptables save

Then add blockchina to the root cron

    #!/bin/sh
    #
    # blockchina
    #
    DIR=/etc

    # Create the ipset list (-exist: no error if the set is already there on a cron re-run)
    ipset -exist -N china hash:net

    # remove any old list that might exist from previous runs of this script
    # (-f: no error on the first run, when there is no old list yet)
    rm -f "$DIR/cn.zone"

    # Pull the latest IP set for China
    wget -P "$DIR" http://www.ipdeny.com/ipblocks/data/countries/cn.zone

    # Add each IP address from the downloaded list into the ipset 'china'
    # (-exist: entries already in the set from a previous run are skipped quietly)
    for i in $(cat "$DIR/cn.zone"); do ipset -exist -A china "$i"; done

    # Update iptables
    service iptables restart

Categories: How-To's, Technology Tags: Amazon, Amazon Linux, AWS, Block, China, DDOS, dos, Firewall, ipset, IPTables, Linux, root, traffic
Author:
erics, February 21st, 2018
    $text = str_replace("\r", "", $text);
Categories: How-To's, Technology Tags: convert, dos, howto, Newline, newlines, php, Strip, tips
Author:
erics, July 26th, 2014
I was getting tired of using iptables to block the various hackers and bots constantly slamming my servers (the Chinese are the worst offenders by far – curse them!). I found the Apache module mod_evasive and installed it. Here are links to various articles about mod_evasive:
http://www.zdziarski.com/blog/?page_id=442
https://coderwall.com/p/eouy3g
http://www.crucialp.com/resources/tutorials/server-administration/flood-protection-dos-ddos-protection-apache-1.3-2.0-mod_dosevasive-avoiding-denial-of-service-attacks.php
Add the Module to Apache I […]
Categories: How-To's, Technology Tags: apache, Attack, AWS, AWS Linux, CentOS, DDOS, Defend, dos, evasive, http, mod_evasive, Web
Author:
erics, July 8th, 2014
Add the following to either your .htaccess file or to your Apache config:

    <Files xmlrpc.php>
        Order allow,deny
        Deny from all
    </Files>

Categories: How-To's, Technology Tags: .htaccess, Attack, Block, DDOS, dos, howto, tips, WordPress, xmlrpc
Author:
erics, January 20th, 2011
As a webmaster of over a decade, sometimes the load on my server spikes high. Investigation discovered that various bad guys on the Internet were probing/attacking my server on a regular basis. Step One – Be Aware Read your apache logs Actively monitor your servers. I use Nagios running on my home server. Use top […]
Categories: How-To's, Technology Tags: Attack, dos, howto, IPTables, tips
Author:
erics, December 30th, 2010
There is no excerpt because this is a protected post.
Categories: BeeGood, Technology Tags: Attack, Denial of Service, dos, nagios
Author:
erics, September 29th, 2009
To convert DOS line breaks (^M) to UNIX in VIM:

    :%s/^M/\r/g

-OR-

    :set fileformat=unix

Categories: How-To's, Technology Tags: convert, dos, line break, linebreak, unix, vim