Go Back   vb.org Archive > Community Discussions > Forum and Server Management
Reload this Page Attacks
FAQ Community Calendar Today's Posts Search

Reply
Page 1 of 2 1 2
 
Thread Tools Display Modes
  #1  
Old 07-13-2009, 02:55 AM
Ronald0's Avatar
Ronald0 Ronald0 is offline
 
Join Date: Jan 2009
Posts: 219
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Attacks
DDoS attacks, Botnet attacks, or any other http flood attacks on forums that we all own.

Is it possible to create a scripting of any language to block that such stuff?
Reply With Quote
  #2  
Old 07-13-2009, 03:00 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Such attacks cannot be effectively "fought" at the server level. They are best dealt with at the router, or with the upstream provider. These are things you cannot do yourself, and are best dealt with by consulting your host.

Also see the other threads in this section.
Reply With Quote
  #3  
Old 07-13-2009, 03:02 AM
Ronald0's Avatar
Ronald0 Ronald0 is offline
 
Join Date: Jan 2009
Posts: 219
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Alright ill read them, but there has to be a way in the software that you can manually plug in the scripting to block all connections over 1000+ from the same ip in 10 seconds or less.
Reply With Quote
  #4  
Old 07-13-2009, 03:09 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Imagine a pipe to your server. This pipe carries data. If this pipe is full of data, nothing else can get through. Even if you "block" packets at the server level, the pipe is still full...

I'm not saying you can't use software to block incoming connections, I'm just saying it is ineffective for all but the weakest of attacks.
Reply With Quote
  #5  
Old 07-13-2009, 03:15 AM
Ronald0's Avatar
Ronald0 Ronald0 is offline
 
Join Date: Jan 2009
Posts: 219
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I understand that but what are ways you can? like whats been discovered?
Reply With Quote
  #6  
Old 07-13-2009, 06:56 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
You can use an Apache module, such as mod_evasive.
Reply With Quote
  #7  
Old 07-13-2009, 07:12 AM
Ronald0's Avatar
Ronald0 Ronald0 is offline
 
Join Date: Jan 2009
Posts: 219
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Alright ill look into it. I just need ideas of what to add to my site as well. =X oh well thanks for the help.
Reply With Quote
  #8  
Old 07-13-2009, 02:12 PM
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
There are also scripts, and command lines, you can use along with the iptables to grab 'bad' ips and block them (google is your friend to find them). Again, this is at the server level and not effective against someone who is determined to cause you problems.
Reply With Quote
  #9  
Old 07-14-2009, 03:22 AM
TECK's Avatar
TECK TECK is offline
 
Join Date: Nov 2001
Location: Canada
Posts: 4,182
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Ronald0 View Post
Alright ill read them, but there has to be a way in the software that you can manually plug in the scripting to block all connections over 1000+ from the same ip in 10 seconds or less.
If a hacker wants your site down, there is nothing you can do about it:
"One common method of attack involves saturating the target (victim) machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable."

US-Certs confirms it also:
"Unfortunately, there are no effective ways to prevent being the victim of a DoS or DDoS attack, but there are steps you can take to reduce the likelihood that an attacker will use your computer to attack other computers."

Whoever tells you they can stop a DDoS attack, they are telling you big red lies. There is no way in the world you will stop (for example) a russian hacker who wants to keep your site down for a month.
Reply With Quote
  #10  
Old 07-14-2009, 03:53 AM
R1lover's Avatar
R1lover R1lover is offline
 
Join Date: Apr 2006
Location: Northern Ca
Posts: 428
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Ronald0 View Post
Alright ill read them, but there has to be a way in the software that you can manually plug in the scripting to block all connections over 1000+ from the same ip in 10 seconds or less.
CSF&LFD will do this, but again it won't give you full protection.
Reply With Quote
Reply
Page 1 of 2 1 2

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 12:46 AM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05421 seconds
  • Memory Usage 2,251KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete