gelın ddos hakkında lamerlara karsı koymak ıcın bılgılerımızı guclerımızı bırlestırelım ben bıldıkleırmı yazıyorum sızde yazın mod arkadasta bunu sabıtlesın bı zahmet:
başlıyalım:
pico -w /etc/ssh/sshd_config
Find the line '#Port 22' and uncomment it and change it to look like 'Port [Random high level port here]'.
Request an ip from rackshack and create a nameserver using your registar (like the first time) that will point to that ip and wait till it resolves. (Note: You may have to add an A entry/DNS zone using cpanel or whatever you use as your control panel to get this to function.) Make the name of it something like 'ssh.domain.com', or 'shell1.domain.com'.
When it resolves, ssh into your box and find the line '#ListenAddress 0.0.0.0' and make it look like 'ListenAddress ##.##.##.##' replacing the number signs with the ip address.
Find the line '#Protocol 2, 1' and uncomment it and change it to look like 'Protocol 2'
Find the line '#PermitRootLogin yes' and uncomment it and make it look like 'PermitRootLogin no'.
Now restart SSH using the command:
/etc/rc.d/init.d/sshd restart
telnetı kapatalım
pico -w /etc/xinetd.d/telnet
Note: (change disable = no to yes)
Save and Exit
/etc/init.d/xinetd restart
apf kuralım
1. Make /usr/src the current working directory.
cd /usr/src
2. Fetch the most curent verison of APF.
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
3. Expand the APF tar.gz file.
tar -xvzf apf-current.tar.gz
4. Remove the tar.gz file.
rm -f apf-current.tar.gz
5. Locate the APF directory.
ls -la
Look for a directory named apf-#.#/ where #.# represents the version of APF being installed (APF version 0.8.7 would be in a directory apf-0.8.7/ and version 0.9 would be in a directory named apf-0.9).
6. Make the APF directory the current working directory.
cd apf-0.9
Use the directory name you located in step 5.
Note that the numbers will change as new versions are released.
7. Run the APF install.
sh ./install.sh
8. Make /etc/apf the current working directory.
cd /etc/apf
9. Edit the conf.apf file as desired.
pico -w conf.apf
A very important part of this firewall you have to edit is the ports. These ports will allow services such as mail, ftp, and ssh come in and out of the server. If you have changed any ports, please modify them below and add/remove as needed.
################
# Common TCP Ports
TCP_CPORTS="21,22,25,26,53,80,110,143,443,2082,2083,2086,2087, 2095,2096,19638" // please note that ports 2082 to port 2095 is mostly used by cpanel, and port 19638 is only use in ensim.
# Common UDP Ports
UDP_CPORTS="53"
################
Note that you must set the DEVM parameter to "0" BUT only after full testing of the firewall. What DEVM does is that once you start APF with DEVM to 1, it will set a cron job to stop APF in 5 minutes so you don't end up locking yourself out.
Turn on Anti-DOS, and the block list for added security.
10. Start APF.
./apf -start
or
service apf start
Note: To stop or restart apf, use the "service apf restart/stop" commands.
11. Set APF to auto restart on reboot:
chkconfig --level 2345 apf on
remove it: chkconfig --del apf
başlıyalım:
pico -w /etc/ssh/sshd_config
Find the line '#Port 22' and uncomment it and change it to look like 'Port [Random high level port here]'.
Request an ip from rackshack and create a nameserver using your registar (like the first time) that will point to that ip and wait till it resolves. (Note: You may have to add an A entry/DNS zone using cpanel or whatever you use as your control panel to get this to function.) Make the name of it something like 'ssh.domain.com', or 'shell1.domain.com'.
When it resolves, ssh into your box and find the line '#ListenAddress 0.0.0.0' and make it look like 'ListenAddress ##.##.##.##' replacing the number signs with the ip address.
Find the line '#Protocol 2, 1' and uncomment it and change it to look like 'Protocol 2'
Find the line '#PermitRootLogin yes' and uncomment it and make it look like 'PermitRootLogin no'.
Now restart SSH using the command:
/etc/rc.d/init.d/sshd restart
telnetı kapatalım
pico -w /etc/xinetd.d/telnet
Note: (change disable = no to yes)
Save and Exit
/etc/init.d/xinetd restart
apf kuralım
1. Make /usr/src the current working directory.
cd /usr/src
2. Fetch the most curent verison of APF.
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
3. Expand the APF tar.gz file.
tar -xvzf apf-current.tar.gz
4. Remove the tar.gz file.
rm -f apf-current.tar.gz
5. Locate the APF directory.
ls -la
Look for a directory named apf-#.#/ where #.# represents the version of APF being installed (APF version 0.8.7 would be in a directory apf-0.8.7/ and version 0.9 would be in a directory named apf-0.9).
6. Make the APF directory the current working directory.
cd apf-0.9
Use the directory name you located in step 5.
Note that the numbers will change as new versions are released.
7. Run the APF install.
sh ./install.sh
8. Make /etc/apf the current working directory.
cd /etc/apf
9. Edit the conf.apf file as desired.
pico -w conf.apf
A very important part of this firewall you have to edit is the ports. These ports will allow services such as mail, ftp, and ssh come in and out of the server. If you have changed any ports, please modify them below and add/remove as needed.
################
# Common TCP Ports
TCP_CPORTS="21,22,25,26,53,80,110,143,443,2082,2083,2086,2087, 2095,2096,19638" // please note that ports 2082 to port 2095 is mostly used by cpanel, and port 19638 is only use in ensim.
# Common UDP Ports
UDP_CPORTS="53"
################
Note that you must set the DEVM parameter to "0" BUT only after full testing of the firewall. What DEVM does is that once you start APF with DEVM to 1, it will set a cron job to stop APF in 5 minutes so you don't end up locking yourself out.
Turn on Anti-DOS, and the block list for added security.
10. Start APF.
./apf -start
or
service apf start
Note: To stop or restart apf, use the "service apf restart/stop" commands.
11. Set APF to auto restart on reboot:
chkconfig --level 2345 apf on
remove it: chkconfig --del apf