[질문] 구글 Anti-DDos php Script 적용 하는법? 정보
[질문] 구글 Anti-DDos php Script 적용 하는법?본문
http://sir.co.kr/bbs/tb.php/g4_tiptech/18180/d1942a032fbbda3aee78f7ede55a1cab
에그당님이 예전에 위 글을 올리셨는데,
저희 사이트에 트래픽 유발해서 CPU사용량을 100% 만들어서 렉이 걸리게
공격하는 일이 계속 발생하고 있는데요.
php를 모르다보니 이 소스를 어떻게 적용해야 할지 몰라서 질문 드립니다.
extend 폴더에 그냥 넣으면 되는지 아니면 소스를 head 에 삽입해야 하는지...
좀 알려주시면 감사드리겠습니다. 꼭 필요해서요.
-------------------- Anti-DDos php Script 전문 ----------------------
<?php
/*
Yangon Ethical Hacker Group's DDoS Shield Beta 1.02
Proof of Concept and modified by br0 AKA TweetyCoaster(Myanmar, http://www.yehg.org)
0.9/Add remote IP to Warning messages modified by SaturnGod
(Myanmar, http://www.mysteryzillion.com, http://edu.mysteryzillion.com)
30-July-2008(Wednesday)
1.01/Added mailing system on 31-July-2008(Thursday) by TweetyCoaster
1.02/Added cross icon and seconds of at mail subject
on 31-July-2008(Thursday) by TweetyCoaster
Based on a PHP script written by an unkown programmer(who we forgot name).
Special thanks to him/her.
================= How To Setup ============================
------------------------------------------------------------
Copy this file and folder to same folder of ur index.php.
Add following line to ur index.php, after symbol "<?php"
include("tweety.php");
O.K. Now .... Ready to prevent .... !! good luck guys.... !! :-)
------------------------------------------------------------
*/
// INITIALIZATIONS:
// Set Value as ur choice but read first comment beside of values !!!!
// I set it up my choice now !!!
// Fixed:
$crlf=chr(13).chr(10);
$itime=3; // minimum number of seconds between one-visitor visits
$imaxvisit=10; // maximum visits in $itime x $imaxvisits seconds
$ipenalty=($itime * $imaxvisit); // minutes for waitting
$iplogdir="./Tweetylogs/";
$iplogfile="AttackersIPs.Log";
// Time
$today = date("Y-m-j,G");
$min = date("i");
$sec = date("s");
$r = substr(date("i"),0,1);
$m = substr(date("i"),1,1);
$minute = 0;
// Set ur admin's email address and others as u like
$to = '*** 개인정보보호를 위한 이메일주소 노출방지 ***' . "\r\n" . // change as ur wish
'X-Mailer: yehg.net DDoS Attack Shield';
$subject = "Warning of Possible DoS Attack @ $today:$min:$sec";
// Warning Messages:
$message1='<font color="red">Temporarily under heavy traffic or some like as DoS attack !!!</font><br>';
$message2='Please wait ... ';
$message3=' seconds or try again after some minutes from now.<br>';
$message4='<font color="blue">Protected by TweetyCoaster Little Lady Baby DDoS Shield !!!</font><br>If you are a human, change IP or using freedom, ultra surf etc.<br>We temporarily banned IP <b>'.$_SERVER["REMOTE_ADDR"].' </b>from DoS attack.';
$message5=' Your site got attacking or bot like visiting from IP address: '.$_SERVER["REMOTE_ADDR"];
$message6='<br><img src="./Tweetylogs/cross.gif" alt="" border="0">';
//---------------------- End of Initialization ---------------------------------------
// Get file time:
$ipfile=substr(md5($_SERVER["REMOTE_ADDR"]),-3); // -3 means 4096 possible files
$oldtime=0;
if (file_exists($iplogdir.$ipfile)) $oldtime=filemtime($iplogdir.$ipfile);
// Update times:
$time=time();
if ($oldtime<$time) $oldtime=$time;
$newtime=$oldtime+$itime;
// Check human or bot:
if ($newtime>=$time+$itime*$imaxvisit)
{
// To block visitor:
touch($iplogdir.$ipfile,$time+$itime*($imaxvisit-1)+$ipenalty);
header("HTTP/1.0 503 Service Temporarily Unavailable");
header("Connection: close");
header("Content-Type: text/html");
echo '<html><head><title>Overload Warning by Little Lady Baby DDoS Shield beta 1.02!!!</title></head><body><p align="center"><strong>'
.$message1.'</strong>'.$br;
echo $message2.$ipenalty.$message3.$message4.$message6.'</p></body></html>'.$crlf;
// Mailing Warning Message to Site Admin
{
@mail($to, $subject, $message5, $headers);
}
// logging:
$fp=@fopen($iplogdir.$iplogfile,"a");
if ($fp!==FALSE)
{
$useragent='<unknown user agent>';
if (isset($_SERVER["HTTP_USER_AGENT"])) $useragent=$_SERVER["HTTP_USER_AGENT"];
@fputs($fp,$_SERVER["REMOTE_ADDR"].' on '.date("D, d M Y, H:i:s").' as '.$useragent.$crlf);
}
@fclose($fp);
exit();
}
// Modify file time:
touch($iplogdir.$ipfile,$newtime);
?>
에그당님이 예전에 위 글을 올리셨는데,
저희 사이트에 트래픽 유발해서 CPU사용량을 100% 만들어서 렉이 걸리게
공격하는 일이 계속 발생하고 있는데요.
php를 모르다보니 이 소스를 어떻게 적용해야 할지 몰라서 질문 드립니다.
extend 폴더에 그냥 넣으면 되는지 아니면 소스를 head 에 삽입해야 하는지...
좀 알려주시면 감사드리겠습니다. 꼭 필요해서요.
-------------------- Anti-DDos php Script 전문 ----------------------
<?php
/*
Yangon Ethical Hacker Group's DDoS Shield Beta 1.02
Proof of Concept and modified by br0 AKA TweetyCoaster(Myanmar, http://www.yehg.org)
0.9/Add remote IP to Warning messages modified by SaturnGod
(Myanmar, http://www.mysteryzillion.com, http://edu.mysteryzillion.com)
30-July-2008(Wednesday)
1.01/Added mailing system on 31-July-2008(Thursday) by TweetyCoaster
1.02/Added cross icon and seconds of at mail subject
on 31-July-2008(Thursday) by TweetyCoaster
Based on a PHP script written by an unkown programmer(who we forgot name).
Special thanks to him/her.
================= How To Setup ============================
------------------------------------------------------------
Copy this file and folder to same folder of ur index.php.
Add following line to ur index.php, after symbol "<?php"
include("tweety.php");
O.K. Now .... Ready to prevent .... !! good luck guys.... !! :-)
------------------------------------------------------------
*/
// INITIALIZATIONS:
// Set Value as ur choice but read first comment beside of values !!!!
// I set it up my choice now !!!
// Fixed:
$crlf=chr(13).chr(10);
$itime=3; // minimum number of seconds between one-visitor visits
$imaxvisit=10; // maximum visits in $itime x $imaxvisits seconds
$ipenalty=($itime * $imaxvisit); // minutes for waitting
$iplogdir="./Tweetylogs/";
$iplogfile="AttackersIPs.Log";
// Time
$today = date("Y-m-j,G");
$min = date("i");
$sec = date("s");
$r = substr(date("i"),0,1);
$m = substr(date("i"),1,1);
$minute = 0;
// Set ur admin's email address and others as u like
$to = '*** 개인정보보호를 위한 이메일주소 노출방지 ***' . "\r\n" . // change as ur wish
'X-Mailer: yehg.net DDoS Attack Shield';
$subject = "Warning of Possible DoS Attack @ $today:$min:$sec";
// Warning Messages:
$message1='<font color="red">Temporarily under heavy traffic or some like as DoS attack !!!</font><br>';
$message2='Please wait ... ';
$message3=' seconds or try again after some minutes from now.<br>';
$message4='<font color="blue">Protected by TweetyCoaster Little Lady Baby DDoS Shield !!!</font><br>If you are a human, change IP or using freedom, ultra surf etc.<br>We temporarily banned IP <b>'.$_SERVER["REMOTE_ADDR"].' </b>from DoS attack.';
$message5=' Your site got attacking or bot like visiting from IP address: '.$_SERVER["REMOTE_ADDR"];
$message6='<br><img src="./Tweetylogs/cross.gif" alt="" border="0">';
//---------------------- End of Initialization ---------------------------------------
// Get file time:
$ipfile=substr(md5($_SERVER["REMOTE_ADDR"]),-3); // -3 means 4096 possible files
$oldtime=0;
if (file_exists($iplogdir.$ipfile)) $oldtime=filemtime($iplogdir.$ipfile);
// Update times:
$time=time();
if ($oldtime<$time) $oldtime=$time;
$newtime=$oldtime+$itime;
// Check human or bot:
if ($newtime>=$time+$itime*$imaxvisit)
{
// To block visitor:
touch($iplogdir.$ipfile,$time+$itime*($imaxvisit-1)+$ipenalty);
header("HTTP/1.0 503 Service Temporarily Unavailable");
header("Connection: close");
header("Content-Type: text/html");
echo '<html><head><title>Overload Warning by Little Lady Baby DDoS Shield beta 1.02!!!</title></head><body><p align="center"><strong>'
.$message1.'</strong>'.$br;
echo $message2.$ipenalty.$message3.$message4.$message6.'</p></body></html>'.$crlf;
// Mailing Warning Message to Site Admin
{
@mail($to, $subject, $message5, $headers);
}
// logging:
$fp=@fopen($iplogdir.$iplogfile,"a");
if ($fp!==FALSE)
{
$useragent='<unknown user agent>';
if (isset($_SERVER["HTTP_USER_AGENT"])) $useragent=$_SERVER["HTTP_USER_AGENT"];
@fputs($fp,$_SERVER["REMOTE_ADDR"].' on '.date("D, d M Y, H:i:s").' as '.$useragent.$crlf);
}
@fclose($fp);
exit();
}
// Modify file time:
touch($iplogdir.$ipfile,$newtime);
?>
댓글 전체
$iplogdir="./Tweetylogs/"; 이부분이 문제입니다.
그누보드 _common.php 아래에서 인클루드 하는 경우
$g4['path'] 를 이용하면 됩니다.
아닌 경우도 같이 쓰고싶다면 아래와 같이 define 이용하면 됩니다.
인클루드 부분
define("__TWEETY_DIR__", $g4['path'] . "/tweety");
include_once(__TWEETY_DIR__ . "/tweety.php");
스크립트 부분
$iplogdir=__TWEETY_DIR__ . "/Tweetylogs/";
그누보드 _common.php 아래에서 인클루드 하는 경우
$g4['path'] 를 이용하면 됩니다.
아닌 경우도 같이 쓰고싶다면 아래와 같이 define 이용하면 됩니다.
인클루드 부분
define("__TWEETY_DIR__", $g4['path'] . "/tweety");
include_once(__TWEETY_DIR__ . "/tweety.php");
스크립트 부분
$iplogdir=__TWEETY_DIR__ . "/Tweetylogs/";
스크랩 합니다