設為首頁

收藏本站

導覽首頁 | 新登場    ◇聯盟溫泉 | 民宿 | 人力銀行 | 女性 |

類型:Linux_commend

CSF PORTFLOOD, csf
避免DDOS攻擊,可以設定:

限制每秒允許20連繫HTTP

PORTFLOOD = "80;tcp;20;1"

如果要避免郵件伺服器遭到攻擊,可以設定 22;tcp;5;300 (三百杪允許連繫五次以內)

所以,HTTP+SMTP設定為

PORTFLOOD = "80;tcp;20;1,22;tcp;5;300"


SYNFLOOD
SYNFLOOD is disabled by default. If you are not receiving any sort of attack, there is no need to enable it. If you are expecting an attack, enable it and set the rules a bit strict, like
SYNFLOOD = "1"  #設為使用
SYNFLOOD_RATE = "60/s"  #每秒敲求連接次數
SYNFLOOD_BURST = "30"  #連續超過30次異常大量連接要求
#如果連續超過30次從某個個別IP每秒鐘收到60次以上的連接請求,則封鎖這個IP。(亦即某個IP連續向伺服器發出大量連接請求。即加以封鎖。)

i.e. if 60 connections are received from an IP/sec for 30 times, block it. Make sure don’t keep it too strict if you are not receiving an attack else it will generate false positives and will block legit connections.

PORTFLOOD

PORTFLOOD = 80;tcp;100;5,22;tcp;5;300

ie, If an IP makes 100 connections in 5 sec to port 80 (tcp), then it will be blocked from the server and if 5 connections in 300 sec to 22 port.

# Send an email alert if an IP address is blocked by one of the
  • triggers
    csf 信件提示
    不寄信
    LF_EMAIL_ALERT = "0"
    寄信
    LF_EMAIL_ALERT = "1"

    EMAIL_ALERT可以查出更多寄信通知設定EMAIL_ALERT=,並手動設定為1或0(要不要通知)

    # Leave this option empty to use the To: field setting in each alert template
    csf提醒通知
    LF_ALERT_TO = " abc@domain.com"





  • 104休閒信箱 2.3.0 © 104mm.com 2001 - 2018. 您尚未登錄
    Page generated in 0.01015592 seconds with 3 Queries