OVH Community, your new community space.

[ SynFlood & PortScan ] protection


natran
12.03.2009, 07.04
Due semplici e abbastanza utili esempi per mitigare - ridurre synflood e portscan:

Codice:
$IPTABLES -A FORWARD -p tcp --syn -m limit --limit-burst 5 -j ACCEPT
$IPTABLES -A FORWARD -p tcp --syn -j LOG --log-prefix "SYN flood: "
--log-ip-options --log-tcp-options
$IPTABLES -A FORWARD -p tcp --syn -j DROP
Codice:
$IPTABLES -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit
--limit-burst 1 -j ACCEPT
$IPTABLES -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -j LOG
--log-prefix "Portscan: " --log-ip-options --log-tcp-options
$IPTABLES -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -j DROP
Salvare le citate regole e riavviare iptables