proestrela 62 Posted December 31, 2014 Boas Pessoal, eu não sou grande expert na materia, nem percebo muita coisa disso, andeia pesquisar para ajudar o oceanus a dar um pouco mais de proteção ao seu servidor e encontrei um tutorial original da freebsd company, onde eles ensinam e explicam como instalar certas proteções...Aqui deixo o link direto para o tutorial espero não estar a infrigir a regras.... https://forums.freebsd.org/threads/unofficial-freebsd-security-checklist-links-resources.4108/">https://forums.freebsd.org/threads/unofficial-freebsd-security-checklist-links-resources.4108/ O Tutorial que se segue a baixo foi retirado da epvpers, Apenas copiei e colei não fiz modificações. (Como não querem links para outras comunidades...) Hello everybody,Today i will post one tutorial, how to block ddos attacks in your freebsd.Do not know if already posted, have not tried, are huge topics, but this works great! First we turn on the firewall (firewall) and we add the following lines to your rc.conf* which is located in the file/etc/: pf_enable="YES"pf_rules="/etc/pf.conf"pf_flags=""pflog_enable="YES"pflog_logfile="/var/log/pflog"pflog_flags="" Now let's configure the firewall, so let's /etc/pf.conf and open it with a text editor we use and add the following lines: block in allpass in quick on lo0pass out quick on lo0table <bloqueo> persist file "/var/db/antiddos(chamamos-lo como quiser eu dei o nome de antiddos.)"block quick from <bloqueo>pass in quick on sis0 proto tcp from any to any port 22 keep statepass in quick on sis0 proto tcp from any to any port 80 keep statepass in quick on sis0 proto tcp from any to any port 3690 keep statepass out all keep state Thus, block inputs. Now let's create "antiddos" (or whatever name you chose) and, therefore, give the following permission: touch /var/db/antiddoschmod 644 /var/db/antiddos Now let's create the script for that call blocking and give you permission to save chmod 751: #!/usr/bin/perl use strict; my @assholes = (); open (IN, "/var/log/auth.log");while (<IN>) { if ($_ =~ /Invalid user.*from ([0-9]+.[0-9]+.[0-9]+.[0-9]+)/) { push(@assholes, $1); } if ($_ =~ /Did not receive identification string from ([0-9]+.[0-9]+.[0-9]+.[0-9]+)/) { push(@assholes, $1); }}close (IN); @assholes = sort {lc($a) cmp lc($b)} @assholes; my @allowedIPs = ();open (IN, "/var/db/allowed-ips");while (<IN>) { if ($_ =~ /[0-9]+.[0-9]+.[0-9]+.[0-9]+/) { push(@allowedIPs, $_); }}close (IN); chop(@allowedIPs); my $tmp = "";foreach my $asshole (@assholes) { if ($asshole eq $tmp) { $asshole = ""; } else { if ($asshole =~ /127.0.0.1/) { $asshole = ""; } if ($asshole =~ /192.168.[0-9]+.[0-9]+/) { $asshole = ""; } foreach my $allowedIP (@allowedIPs) { if ($asshole =~ /$allowedIP/) { $asshole = ""; } } $tmp = $asshole; }} @assholes = sort {lc($b) cmp lc($a)} @assholes; my $popCount = 0;foreach my $asshole (reverse @assholes) { if ($asshole eq "") { $popCount++; }} for (my $i = 0; $i < $popCount; $i++) { pop (@assholes);} my $list = "";foreach my $asshole (@assholes) { $list = $list . $asshole . " ";} exec "/sbin/pfctl -t bloqueo -T add $list"; Now let /etc/syslog.conf and open it for editing and add the following line: auth.info;authpriv.info | exec /usr/bin/perl /sbin/bloqueo.pl thereby running the script to block external ips. I hope you have learned.* Work perfectly. Source: universojuegos, cybergamers Credit: DjZed, Rancoroso Translated by Tiago Font: epvpersCom os melhores cumprimentos... PS: Não sei se ja existem qualquer um dos topicos criados mas assim fica aqui os 2 em 1... EDIT: Tópico Corrigido... 2 GunTL and K3nkσz reacted to this Share this post Link to post Share on other sites
proestrela 62 Posted December 31, 2014 Não sei o porque do topico ficar assim da maneira que esta <.< Share this post Link to post Share on other sites
AdeusParaSempre-@Zé 254 Posted December 31, 2014 Clique lado direito->Colar como texto simples Ou clicar na borracha aí em cima Ou então ctrl+shift+v para colar Share this post Link to post Share on other sites