Team BlueWater Game Online Tutorial's

[Release] Optimal Protection for a Dedicated Server


Post  Karma on Mon Feb 13, 2012 2:19 am

This is about PF (Packet Filter), a firewall that comes preinstalled in FreeBSD and is native to OpenBSD. This firewall is able to block:

- Brute force
- Spoofing
- DoS attacks
- DDoS
- RDoS

In WinSCP, go to the etc/ folder and open the rc.conf file;
At the bottom of this file add these lines:
Code:
# Configuration file by Nytro
ext_if="re0"

table <spamd-white> persist

set skip on lo

antispoof log for $ext_if

pass in on $ext_if proto tcp to ($ext_if) port 22 # Add your SSH port
pass in log on $ext_if proto tcp to ($ext_if) port 3306 # Add your MySQL port
pass out on $ext_if proto tcp from ($ext_if) port 22 # Add your SSH port
pass out on $ext_if proto tcp from ($ext_if) port 3306 # Add your MySQL port

webserver_ip="Aici Ip-ul vostru" # <- Replace the placeholder ("your IP here") with the dedicated server's IP, between these two " "
table <abusive_ips> persist file "/pf/pf.block.list"
block in quick from <abusive_ips>
# Below, in place of SSH port 22, put the port you use. This rule blocks brute forcing: it limits connections to port 22 to 10 every 40 seconds!
pass in quick on $ext_if inet proto tcp from any to ($ext_if) port 22 keep state (max-src-conn-rate 10/40, overload <abusive_ips> flush global)
# Here, in place of port 21000, put the port of each game Core, DB and Auth, with one line of the rule below for each port. This limits connections to a maximum of 100, at a rate of 15 every 5 seconds. Adjust these values to your number of users.
pass in on $ext_if proto tcp to $webserver_ip port 21000 flags S/SA keep state (max-src-conn 100, max-src-conn-rate 15/5, overload <abusive_ips> flush)
If you did not understand anything from the template above,
here is a sample configuration that can be run as it is; all you need to change are the ports and the IP:
Code:
# Configuration file by Nytro
ext_if="re0"

table <spamd-white> persist

set skip on lo

antispoof log for $ext_if

pass in on $ext_if proto tcp to ($ext_if) port 1666
pass in log on $ext_if proto tcp to ($ext_if) port 3306
pass out on $ext_if proto tcp from ($ext_if) port 1666
pass out on $ext_if proto tcp from ($ext_if) port 3306

webserver_ip="217.23.1.134"
table <abusive_ips> persist file "/pf/pf.block.list"
block in quick from <abusive_ips>
pass in quick on $ext_if inet proto tcp from any to ($ext_if) port 1666 keep state (max-src-conn-rate 10/40, overload <abusive_ips> flush global)
pass in on $ext_if proto tcp to $webserver_ip port 13099 flags S/SA keep state (max-src-conn 300, max-src-conn-rate 45/5, overload <abusive_ips> flush)
pass in on $ext_if proto tcp to $webserver_ip port 21888 flags S/SA keep state (max-src-conn 300, max-src-conn-rate 45/5, overload <abusive_ips> flush)
pass in on $ext_if proto tcp to $webserver_ip port 21887 flags S/SA keep state (max-src-conn 300, max-src-conn-rate 45/5, overload <abusive_ips> flush)
pass in on $ext_if proto tcp to $webserver_ip port 21982 flags S/SA keep state (max-src-conn 300, max-src-conn-rate 45/5, overload <abusive_ips> flush)
pass in on $ext_if proto tcp to $webserver_ip port 21886 flags S/SA keep state (max-src-conn 300, max-src-conn-rate 45/5, overload <abusive_ips> flush)
pass in on $ext_if proto tcp to $webserver_ip port 21981 flags S/SA keep state (max-src-conn 300, max-src-conn-rate 45/5, overload <abusive_ips> flush)
pass in on $ext_if proto tcp to $webserver_ip port 11000 flags S/SA keep state (max-src-conn 300, max-src-conn-rate 45/5, overload <abusive_ips> flush)
pass in on $ext_if proto tcp to $webserver_ip port 3306 flags S/SA keep state (max-src-conn 300, max-src-conn-rate 45/5, overload <abusive_ips> flush)
Now that we have configured pf.conf, save it, close it, and then run the following command from the PuTTY console:

/etc/rc.d/pf start

If you change the rules in pf.conf (the rules shown above), there is no need to restart the server; you only have to run the following command:

/etc/rc.d/pf stop && /etc/rc.d/pf start

To view the status of PF, run the following command:

/etc/rc.d/pf status

Perfect! You have configured and installed PF on your dedicated server, thus ensuring OPTIMAL protection!

Update 1:

One error that may appear is this:

/etc/rc.d/pf start
/etc/rc.d/pf: WARNING: /pf/pf.conf is not readable.


One way to fix it:

If the problem above appears, type the following command in the PuTTY console:

chmod a+r /pf/pf.conf

And this method should work!

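An added example, not part of the original post: an sh helper for the /pf/pf.conf setup above that parses the ruleset with `pfctl -nf` before loading it, and merges the addresses that the `overload` rules put into `<abusive_ips>` back into /pf/pf.block.list, because entries added to the table at run time exist only in memory and the file is read only when the table is loaded. The function names are hypothetical; the paths and the table name are the ones used in the post.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical;
# paths and table name come from the pf.conf shown in the post. Run as root.
PF_CONF="${PF_CONF:-/pf/pf.conf}"
BLOCK_LIST="${BLOCK_LIST:-/pf/pf.block.list}"
TABLE="abusive_ips"

# Parse the ruleset without loading it (-n); load it only if it is valid,
# so a typo never replaces the ruleset that is currently running.
pf_safe_reload() {
    if ! pfctl -nf "$PF_CONF"; then
        echo "syntax error in $PF_CONF, running ruleset left untouched" >&2
        return 1
    fi
    pfctl -f "$PF_CONF"
}

# Merge the addresses currently in <abusive_ips> with the ones already in the
# block list file (deduplicated), so they are loaded again after a reboot.
pf_save_blocklist() {
    tmp="$(mktemp)" || return 1
    { cat "$BLOCK_LIST" 2>/dev/null; pfctl -t "$TABLE" -T show; } |
        awk 'NF && !/^#/ { print $1 }' | sort -u > "$tmp" &&
        mv "$tmp" "$BLOCK_LIST"
}

# Remove table entries older than the given number of seconds (default: one
# day), so an address that tripped a rate limit is not blocked forever.
pf_expire_blocklist() {
    pfctl -t "$TABLE" -T expire "${1:-86400}"
}

# Stand-alone use: sh <this file> reload | save | expire [seconds]
case "${1:-}" in
    reload) pf_safe_reload ;;
    save)   pf_save_blocklist ;;
    expire) pf_expire_blocklist "${2:-86400}" ;;
esac
```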