Traffic throttling using iptables
It can be useful in certain cases to limit the frequency of certain request as described here.
Key code:
iptables -I INPUT -p tcp –dport 22 -i eth0 -m state –state NEW -m recent \
…
It can be useful in certain cases to limit the frequency of certain request as described here.
Key code:
iptables -I INPUT -p tcp –dport 22 -i eth0 -m state –state NEW -m recent \
…
Some South African IPs have been SYN flooding my website today.
The proposed solution was to enable SYN cookies in /etc/sysctl.conf:
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_max_syn_backlog=2048
net.ipv4.tcp_synack_retries=3
When one works over ssh, ‘sysctl -p /etc/sysctl.conf’ can be used to activate the changes.
Read More →Short time after cleaning up the infection, the attacks renewed, bringing down the website on periodical basis.
After some digging, it looked like some Chinese based IPs were hitting xmlrpc.php on port 80 and brute forcing …
Read More →Below steps are based on this article.
It is assumed that OpenVPN configuration files will be located under /etc/openvpn .
If you haven’t done it already, then install openvpn ‘opkg update’ followed by ‘opkg install openvpn-openssl’
scp …
The setup has been made primarily using the information here.
I. Remove your existing driver
If you have the default driver, then the instructions are:
opkg update
opkg remove kmod-b43
II. Install broadcom-wl driver mentionned here and some …
Read More →Our website appears to have been the victim of an attack.
At first, it was difficult to assess what was happening.
The box on which it has been running kept going down.
It seemed like a problem with the …
Read More →