Just a snippet for old crappy iptables: drop the ten remote addresses that hold the most connections to port 80.
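# Stop-gap (the page offers it for old iptables): DROP the ten remote IPv4
# addresses that currently hold the most TCP connections to local port 80.
# Assumes the Linux net-tools `netstat -n` column layout (proto, recv-q,
# send-q, local address, foreign address, state) -- confirm on your platform.
# Only dotted-quad values reach iptables; IPv6 peers are skipped.
# Review before running: the top ten are dropped whatever their counts are, so
# on a quiet host, or behind a reverse proxy / shared NAT, this blocks
# legitimate clients. -A appends, so an earlier ACCEPT rule for port 80 still
# wins; list the chain afterwards and remove the rules once the flood is over.
netstat -n \
  | awk '$1 ~ /^tcp/ && $4 ~ /:80$/ && $6 !~ /^FIN_WAIT/ {
      # Match the local port exactly; a bare /80/ also hits 8080, 51080, x.x.x.80
      peer = $5
      sub(/:[0-9]+$/, "", peer)   # strip the remote port
      print peer                  # print, not printf: data is never a format string
    }' \
  | grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' \
  | sort | uniq -c | sort -n | tail -n 10 \
  | awk '{ print $2 }' \
  | while IFS= read -r ip; do
      iptables -A INPUT -p tcp --dport 80 -s "$ip" -j DROP
    done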
better use connection limits like:
# Refuse new connections (SYN) to port 80 from any source that already has
# more than 10 connections open. connlimit counts per source address by
# default, so many users behind one NAT or proxy share a single budget.
# --append puts the rule at the end of INPUT; it only takes effect if no
# earlier rule has already accepted the packet.
iptables --append INPUT --protocol tcp --syn --destination-port 80 \
  --match connlimit --connlimit-above 10 --jump REJECT
we all love cookies (SYN cookies, that is)
# Enable TCP SYN cookies so the kernel can keep answering when the SYN backlog
# overflows. This helps against SYN floods only, not against floods of fully
# established connections. Needs root; the setting is lost on reboot unless
# net.ipv4.tcp_syncookies is also set in the sysctl configuration.
printf '%s\n' 1 > /proc/sys/net/ipv4/tcp_syncookies
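more snipplin': for this one you need the IPs of the drones (the attacking hosts) in a file called doser in the current directory; it prints the networks those IPs are registered in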
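# For every address listed in ./doser, look up the registered range with whois
# and let ipcalc split that range into CIDR networks; print only the networks.
# - Entries are whitespace-separated; anything that is not a dotted quad is
#   dropped before it can reach the whois command line.
# - The /inetnum/ match fits registries that print an "inetnum:" field; other
#   whois output formats yield nothing here -- verify against your data.
# - The final filters use [[:digit:]]; the page's "digit:" had lost its
#   brackets and could never match an address.
# Treat the result as input for review, not as a ready block list: a whole
# allocation usually contains far more legitimate users than drones.
tr -s '[:space:]' '\n' < doser \
  | grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' \
  | while IFS= read -r ip; do
      # </dev/null keeps whois from consuming the address list on stdin.
      whois "$ip" </dev/null \
        | awk '/inetnum/ { print $2 $3 $4 }' \
        | xargs -n1 ipcalc \
        | grep -v deagg
    done \
  | grep -E '([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}' \
  | grep -Ev '(Broad|Host|Network|Netmask|ipcalc|Address|Wildcard)'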