firewall & pinguin: iptables where do thou go? it is said that when using “ip-sets” iptables and nftables achieve almost same performance (amounts of ips possible to block, without server becoming slow/unresponsive) Redhat and nftables on DDoS “so the only […]
please see: https://dwaves.de/2019/01/08/fail2ban-manually-ban-and-unban-ip/
if fail2ban fails to ban: https://dwaves.de/2017/07/27/centos7-replaced-firewall-iptables-with-firewalld-iptables-vs-nftables-benchmark-performance-comparison-scalability-when-facing-ddos-scenarios vim /etc/fail2ban/jail.conf; # open up the config file that defines all the defaults # find those lines: # # Destination email address used solely for the interpolations in # jail.{conf,local} configuration files. destemail = […]
if fail2ban fails to ban: https://dwaves.de/2017/07/27/centos7-replaced-firewall-iptables-with-firewalld-iptables-vs-nftables-benchmark-performance-comparison-scalability-when-facing-ddos-scenarios/ but also whole companies from Israel are offering tools to nuke off your webserver with “rented” DDoS attacks vim /etc/fail2ban/jail.local; # add those lines: [apache] enabled = true port = http,https filter = apache-auth […]
update: 2020: last time checked, fail2ban was INCOMPATIBLE with nftables (next version of iptables), so either one uninstalls nftables and installs “pure” iptables, or fail2ban might not do what is expected. might also be interesting: automatically banning ssh bruteforce via cron […]
if fail2ban fails to ban: https://dwaves.de/2017/07/27/centos7-replaced-firewall-iptables-with-firewalld-iptables-vs-nftables-benchmark-performance-comparison-scalability-when-facing-ddos-scenarios KEEP IN MIND: OVERLOAD OF WEBSERVER MIGHT BE FROM BRUTEFORCE OR DDoS!!! (512MB RAM was “enough RAM” for a webserver in those days X-D) sudden spikes of (botnet) traffic might deplete your RAM via […]
# become root su - root; # rpm based yum install nmap # apt based apt install nmap # find snmp enabled devices # (UDP port 161, can not be tested with telnet (can only do TCP)) nmap -sU -p […]
Why the EU hates facebook? Captured states – e-Privacy Regulation victim of a “lobby onslaught” The politicians there are afraid that facebook can be used against them – and “Steve Bannon’s bold plan to start a populist revolution in Europe” is […]
who is who? concepts: docker is written in Google Go by Docker Inc, San Francisco because it does not emulate any hardware – it is a linux container / sandbox or jail like FreeBSD Jail or Solaris Zones or OpenVZ so […]
What is docker? (src) Docker is the world’s leading software container platform. Developers use Docker to eliminate “works on my machine” problems when collaborating on code with co-workers. Operators use Docker to run and manage apps side-by-side in isolated containers […]
In General: while an update/upgrade between major releases in theory is always “possible” – I realized it comes with a lot of problems. A complete reinstall “from scratch” is probably always the cleaner approach. apt-get dist-upgrade; # fails miserably because […]
[cc lang=”bash” escaped=”true” width=”600″] ps -eo size,pid,user,command --sort -size | awk '{ hr=$1/1024 ; printf("%13.2f Mb ",hr) } { for ( x=4 ; x
if fail2ban fails to ban: have a look here: https://configserver.com/cp/csf.html tcp wrapper (tcpd) tcpd.man.txt Centos5 documentation (Centos7 does not have it installed per default can be installed like this: yum install xinetd*) To control access to Internet services, use xinetd, […]
while fencing of DDoS is a science of itself, a little .htaccess can help provide additional security: https://dwaves.de/2019/03/04/how-to-htaccess-limit-wordpress-searches/ in my opinion this is just plain stupid… luckily fail2ban is relatively fast in stopping those attacks… but they also put strain […]
tested on vesta cp (apache2+nginx+Debian 8.7) this script could be placed into a file called: /scripts/mon_webserver_activity.sh [cc lang=”bash” escaped=”true” width=”600″] #!/bin/bash #sh -c 'tail -f /var/log/vesta/*.log && tail -f /var/log/nginx/*.log' & tail -f /var/log/vesta/*.log & tail -f /var/log/nginx/*.log & [/cc] […]
if fail2ban fails to ban: https://dwaves.de/2017/07/27/centos7-replaced-firewall-iptables-with-firewalld-iptables-vs-nftables-benchmark-performance-comparison-scalability-when-facing-ddos-scenarios Update! “Within hours of that story running, the two alleged owners — 18-year-old Israeli men identified in the original report — were arrested in Israel in connection with an FBI investigation into the shady […]