vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 Programming Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=15)
-   -   DDoS Protection (https://vborg.vbsupport.ru/showthread.php?t=217258)

James Birkett 06-27-2009 11:09 AM
DDoS Protection
 
Alright, so DDoS works by attacking the server with requests which then overloads and fails (to put it basically). Now, this could be stopped (especially the idiots who use 300+ botnets) by creating a simple IP restriction.
How it would work:
A simple script that bans any IP that requests too much in X seconds.
IP1 is the botnet, and it's sending 300-400 requests per second for example. Now a script could be created that basically works by only allowing X requests per X time limit. If any IP address overloads that limit, the IP is banned (and maybe an e-mail notification or something?).
I was wondering if someone could create this, it sure as hell would help a lot of members secure their vBulletin servers.

Nassou 06-27-2009 11:30 AM
Look this bash script maybe it help you :

log to your server and do this
Quote:
wget http://www.inetbase.com/scripts/ddos/install.sh
chmod 0755 install.sh
./install.sh
It'll create a cron to run it every 5 minutes, but you can run it manually with "cd /usr/local/ddos/;./ddos.sh". or
Code:
cd /usr/local/ddos/
sh ddos.sh
You can configure it here :

nano /usr/local/ddos/ddos.conf

Set NO_OF_CONNECTIONS=60 and BAN_PERIOD=10000

but you can , run it manually to block IPs rapidly.


More informations > http://deflate.medialayer.com/

James Birkett 06-27-2009 11:52 AM
So basically this downloads install.sh into the webroot, CHMOD's it to 755?
Also, this isn't very effective to me as the webserver isn't mine. I just host my domain on it :rolleyes:
That's why I was looking for a script of some kind, so that I could implement it into the actual site as I am getting DDoS at my site and not the actual webserver.

Nassou 06-27-2009 12:04 PM
Quote:
Originally Posted by James Birkett (Post 1838366)
So basically this downloads install.sh into the webroot, CHMOD's it to 755?
Also, this isn't very effective to me as the webserver isn't mine. I just host my domain on it :rolleyes:
That's why I was looking for a script of some kind, so that I could implement it into the actual site as I am getting DDoS at my site and not the actual webserver.
Your webserver should have a ddos protection , you can do this in php but i don't think it will be efficace...

you know the protection should be in the server...

James Birkett 06-27-2009 12:56 PM
Hmm, a user was able to DDoS with 300+ botnets and take down my forum. Surely it wouldn't need to be effective, as long as it can identify the requests and auto-ban the IP address that is causing the requests?

Zachery 06-27-2009 01:05 PM
There is not anything you can do at the vBulletin application level, this needs to be stoped much sooner in the OS. A software or firewall hardware to shut down the requests before they get anywhere in the server is really required.

Andreas 06-28-2009 08:03 AM
There is not much you could do against DDoS even at server level - if the attacker has enough bandwidth he could flood you with so many packets that your full bandwidth (100MBit most likely) is used.

Such scenarios can probably only be handeled by your co-location partner.


All times are GMT. The time now is 11:58 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01107 seconds
  • Memory Usage 1,726KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_code_printable
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (7)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete