nevadies

  1. I was going to sell this. But I have decided to leave the WoW EMU scene. If you need assistance on this, my Discord is WiFi-404Verified#2160. If you need more settings and kernel settings, PM me on Discord! DO NOT PM me with WoW-related questions. Only PM me about Linux stuff.

     Nowadays it seems that every script kid is able to produce a soft DDoS attack. Happily, they are small and limited, so they can't saturate your DNS unless they really know what they are doing. So let's build some rules that will no longer allow a "Web Booter" to knock your server offline!

     Let's edit iptables first; this way we can stop all known attacks for a short time, until it is blocked by our table rules!

         iptables -I INPUT -p tcp --dport 80 -m state --state NEW -m recent --set
         iptables -I INPUT -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 20 --hitcount 5 -j DROP

     Now let's stop invalid packets:

         iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP

     Now let's block those bullshit packets that "skids" find on Pastebin to attack your servers with:

         iptables -t mangle -A PREROUTING -p tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
         iptables -t mangle -A PREROUTING -p tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
         iptables -t mangle -A PREROUTING -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
         iptables -t mangle -A PREROUTING -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
         iptables -t mangle -A PREROUTING -p tcp --tcp-flags FIN,ACK FIN -j DROP
         iptables -t mangle -A PREROUTING -p tcp --tcp-flags ACK,URG URG -j DROP
         iptables -t mangle -A PREROUTING -p tcp --tcp-flags ACK,FIN FIN -j DROP
         iptables -t mangle -A PREROUTING -p tcp --tcp-flags ACK,PSH PSH -j DROP
         iptables -t mangle -A PREROUTING -p tcp --tcp-flags ALL ALL -j DROP
         iptables -t mangle -A PREROUTING -p tcp --tcp-flags ALL NONE -j DROP
         iptables -t mangle -A PREROUTING -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP
         iptables -t mangle -A PREROUTING -p tcp --tcp-flags ALL SYN,FIN,PSH,URG -j DROP
         iptables -t mangle -A PREROUTING -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP

     Next, let's block those spoofed servers people buy nowadays:

         iptables -t mangle -A PREROUTING -s 224.0.0.0/3 -j DROP
         iptables -t mangle -A PREROUTING -s 169.254.0.0/16 -j DROP
         iptables -t mangle -A PREROUTING -s 172.16.0.0/12 -j DROP
         iptables -t mangle -A PREROUTING -s 192.0.2.0/24 -j DROP
         iptables -t mangle -A PREROUTING -s 192.168.0.0/16 -j DROP
         iptables -t mangle -A PREROUTING -s 10.0.0.0/8 -j DROP
         iptables -t mangle -A PREROUTING -s 0.0.0.0/8 -j DROP
         iptables -t mangle -A PREROUTING -s 240.0.0.0/5 -j DROP
         iptables -t mangle -A PREROUTING -s 127.0.0.0/8 ! -i lo -j DROP

     Now let's block pings; this way the attacker can't see if he got anywhere with his attacks!

         iptables -t mangle -A PREROUTING -p icmp -j DROP
         iptables -A INPUT -p tcp -m connlimit --connlimit-above 80 -j REJECT --reject-with tcp-reset
         iptables -A INPUT -p tcp -m conntrack --ctstate NEW -m limit --limit 60/s --limit-burst 20 -j ACCEPT
         iptables -A INPUT -p tcp -m conntrack --ctstate NEW -j DROP

     Now let's stop the HARDEST attack. This will limit the SYN to 2r/s:

         iptables -t mangle -A PREROUTING -f -j DROP
         iptables -A INPUT -p tcp --tcp-flags RST RST -m limit --limit 2/s --limit-burst 2 -j ACCEPT
         iptables -A INPUT -p tcp --tcp-flags RST RST -j DROP

     Let's even set up a proxy to handle all the SYN that gets past this limit! AKA the bypass methods:

         iptables -t raw -A PREROUTING -p tcp -m tcp --syn -j CT --notrack
         iptables -A INPUT -p tcp -m tcp -m conntrack --ctstate INVALID,UNTRACKED -j SYNPROXY --sack-perm --timestamp --wscale 7 --mss 1460
         iptables -A INPUT -m conntrack --ctstate INVALID -j DROP

     Now let's also block abnormal segment sizes:

         iptables -t mangle -A PREROUTING -p tcp -m conntrack --ctstate NEW -m tcpmss ! --mss 536:65535 -j DROP

     Check the IP that attacks:

         netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

     Here we will install a program called DSniff:

         apt-get install dsniff

     Now let's kill the IP that is attacking:

         tcpkill host ip

     Now let's make it so that IP can NEVER attack again. We have to install a program called Cutter for this:

         apt-get install cutter

     Now let's run cutter:

         cutter

     NOW, when you restart, as of now the attacker can just attack again. So let's make it save the "banned IPs" on restart:

         iptables-save > /etc/iptables.up.rules
         iptables-restore < /etc/iptables.up.rules

     Now let's edit your kernel. My kernel settings are no longer included.

     IF YOU FIND THIS ON ANY OTHER EMU WEBSITE OTHER THAN MMO-SOCIETY PLEASE PM ME ON DISCORD!

     I have successfully mitigated DDoS attacks that peaked at multiple million packets per second using these rules. I can't even down a Time4VPS server, which has NO DDoS protection, with 912 Gbps.