- 论坛徽章:
- 0
|
这几天一直被攻击,很多IP确定的连接都是上百个,想限制IP的并发连接数,暂时不用IPFW,服务器不能停,
现在使用MOD_LIMITIP限制IP连接数没能成功
# wget http://dominia.org/djao/limit/mod_limitipconn-0.22.tar.gz
# tar –zxvf mod_limitipconn-0.22.tar.gz
# cd mod_limitipconn-0.22
# vi Makefile
修改相关路径适应你的系统 这里我什么都没改,我改什么都make install 不下去了
# make install
# vi /usr/local/etc/apache22/httpd.conf
=========+===========+===========+============
<IfModule mod_limitipconn.c>
<Location /usr/local/www/apache22/data/jmxy> //设置要控制的目录
MaxConnPerIP 10 //限制单IP最大进程数
</Location>
然后发现攻击者IP连接数量还是那么多,晕了!攻击信息
tcp4 0 0 218.199.48.20.80 119.36.170.158.54093 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.53781 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.54152 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.54146 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.54117 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.54110 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.54077 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.54057 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.54048 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.54028 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.54019 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.54018 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.53987 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.53940 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.53930 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.53919 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.53897 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.53879 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.53836 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.53829 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.53808 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.53751 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.53731 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.170.158.53684 ESTABLISHED
tcp4 0 0 218.199.48.20.80 58.19.202.18.13769 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44881 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44879 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44883 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44882 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44880 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44878 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44834 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44833 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44832 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44831 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44830 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44829 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44742 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44683 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44792 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44820 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44810 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44808 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44789 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44771 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44782 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44779 ESTABLISHED
tcp4 0 0 218.199.48.20.80 119.36.153.133.44772 ESTABLISHED
tcp4 0 0 218.199.48.20.80 222.58.8.100.2284 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2282 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2280 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2278 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2276 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2274 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2272 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2270 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2268 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2266 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2264 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2262 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2260 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2258 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2256 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2254 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2252 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2250 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2248 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2246 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2244 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2242 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2283 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2281 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2279 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2277 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2275 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2273 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2271 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2269 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2267 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2265 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2263 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2261 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2259 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2257 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2255 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2253 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2251 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2249 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2247 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2245 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2243 SYN_RCVD
tcp4 0 0 218.199.48.20.80 222.58.8.100.2241 SYN_RCVD
在线等!!
LoadModule limitipconn_module libexec/apache22/mod_limitipconn.so 模块已经加载了,为什么不生效了!
apache重启也出现错误信息,以前没有的,难道是攻击导致的!
Performing sanity check on apache22 configuration:
Syntax OK
apache22 not running? (check /var/run/httpd.pid).
Performing sanity check on apache22 configuration:
Syntax OK
Starting apache22.
(4 Address already in use: make_sock: could not bind to address 218.199.48.20:80
no listening sockets available, shutting down
Unable to open logs大家给点建议啊!
[ 本帖最后由 smilecat 于 2008-10-9 10:49 编辑 ] |
|