Prevent DDOS Attacks

computerwis

This is a script to protect your forum or server from simple DDOS attacks. This script uses AWK magic, with netstat, to show connections per IP on the server.

This script will block IPs which try to make DDOS attacks. It is proven and it will work.

Code is here:
Code:
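#!/usr/bin/env python3
import subprocess, time

CONLIMIT = 20   # connections per IP before the IP is banned
SLEEP = 12      # seconds between rounds
NETSTAT = "netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n"

Round = 0
Banned = set()  # IPs already null-routed, so they are not added or counted twice
while True:
    Round += 1
    # Each pipeline line is "<count> <ip>"; netstat header lines fail int() and are skipped.
    Output = subprocess.run(NETSTAT, shell=True, capture_output=True, text=True).stdout
    for Line in Output.split("\n"):
        List = Line.split()
        try:
            if int(List[-2]) > CONLIMIT and List[-1] not in Banned:
                # Null-route the address through loopback (needs root).
                subprocess.run(["route", "add", List[-1], "gw", "127.0.0.1", "lo"])
                print("Banning %s...." % List[-1])
                Banned.add(List[-1])
        except (ValueError, IndexError):
            pass
    print("Round: %s Bans: %s" % (Round, len(Banned)))
    time.sleep(SLEEP)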
 
I'm gonna run this by my techy-head friend, just to make sure there's nothing bad hiding in that there code, but I'm pretty sure that you just made my day.

Thanks for sharing 🙂
 
SSH is required to run this script; you have to edit this file: usr/bin/env python
 
I have some issue at offwalk, I think similar one
Please come and check
G!

 
Thanks for this! I'll run this by my co-administrator (tecchy) as well!
 
You can't prevent DDOS attacks like that. The whole idea is that there are sooooo many attackers that you can't ban their IPs. That's why it's called distributed.
 
Cosmic said:
You can't prevent DDOS attacks like that. The whole idea is that there are sooooo many attackers that you can't ban their IPs. That's why it's called distributed.
Exactly :yes:
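
An added example, not code from any poster in this thread: the same per-IP count done in Python over constructed netstat output, showing the case raised above where many sources each stay under CONLIMIT so per-IP banning leaves most of the load in place. TOTAL_LIMIT, the function names and the sample addresses are assumptions.

```python
import ipaddress
from collections import Counter

CONLIMIT = 20       # per-IP limit, as in the script posted in the thread
TOTAL_LIMIT = 200   # assumed server-wide limit (not from the thread)

def remote_ip(endpoint):
    """Return the address part of netstat's 'addr:port' (IPv4 or IPv6)."""
    host = endpoint.rsplit(":", 1)[0].strip("[]")
    return str(ipaddress.ip_address(host))  # ValueError on anything else

def count_connections(netstat_text):
    """Count tcp/udp rows per foreign address; header rows are skipped."""
    counts = Counter()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or not fields[0].startswith(("tcp", "udp")):
            continue
        try:
            counts[remote_ip(fields[4])] += 1
        except ValueError:
            continue  # e.g. '*:*' or a malformed row
    return counts

def assess(counts):
    """Per-IP bans, plus the load left over once those IPs are blocked."""
    ban = sorted(ip for ip, n in counts.items() if n > CONLIMIT)
    total = sum(counts.values())
    unbanned = total - sum(counts[ip] for ip in ban)
    return {"ban": ban, "total": total, "sources": len(counts),
            "unbanned": unbanned, "still_overloaded": unbanned > TOTAL_LIMIT}

def sample_netstat():
    """Constructed input: one heavy source, 100 light ones, one IPv6 peer."""
    row = "tcp 0 0 192.0.2.10:80 %s:%d ESTABLISHED"
    rows = ["Active Internet connections (w/o servers)",
            "Proto Recv-Q Send-Q Local Address Foreign Address State"]
    rows += [row % ("203.0.113.9", 40000 + i) for i in range(25)]
    rows += [row % ("198.51.100.%d" % h, 50000 + c)
             for h in range(1, 101) for c in range(5)]
    rows.append("tcp6 0 0 2001:db8::1:80 2001:db8::5:51000 ESTABLISHED")
    return "\n".join(rows)

if __name__ == "__main__":
    print(assess(count_connections(sample_netstat())))
```

On the constructed input only the single heavy source crosses CONLIMIT, while the 100 light sources together still exceed TOTAL_LIMIT after it is blocked.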
 