Hollaaa Pemirsa blog saya yang setia, udah lama gw nih ga post lagi ... Maklum lah, kemaren lupa password, wkwkwkwk baru inget sekarang ... bagaimana kabar ozyl0calhoster ? Baiik semua ye ... alhamdulillah kalo gitu. oke dah, sekarang gw mau share script gw yang biasa gw pake buat server gw di camfrog, biar g keflood mulu . Sebenernya sih ga begitu kuat-kuat amat, ini cuma cukup membantu, buat orang-orang yang iseng mau DoS/DDoS server kita, terutama di
CAMFROG .
Hmmm, tapi saya sarankan ga cuma pake script ini aja yaa, kalo bisa buat kalian yang mau naekin room camfrog / mau usaha dicamfrog minimal modal dikit, belilah server yang mumpuni, contohnya
ovh.co.uk dan
voxility.Com . Well kalo masalah perbandingan, lebih trusted ke voxility , karena ovh.co.uk bisa ditembus, kalo DDoS nya itu make ratusan, bahkan ribuan booter-booter, contoh Botnet di IRC . Ampun dah kalo kena kayak gituan, bisa bisa suspend bro . lol hihiihihii
Langsung aja gw share Script nya nih
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
#!/bin/bash
iptables -F
iptables -X
iptables -A INPUT -p tcp --syn --dport 6005:6010 -d 127.0.0.1 -m connlimit --connlimit-above 100 -j REJECT --reject-with tcp-reset
iptables -A INPUT -p tcp --dport 2000:3000 -j ACCEPT
iptables -A INPUT -p tcp --dport 6005:6010 -j ACCEPT
iptables -A INPUT -p tcp --dport 8999 -j ACCEPT
iptables -A INPUT -p udp --dport 5000:15000 -j ACCEPT
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,FIN FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,PSH PSH -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,URG URG -j DROP
iptables -A INPUT -m state --state INVALID -j DROP
iptables -A OUTPUT -m state --state INVALID -j DROP
iptables -A FORWARD -m state --state INVALID -j DROP
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -N syn-flood
iptables -A syn-flood -m limit --limit 1/second --limit-burst 3 -j RETURN
iptables -A syn-flood -j DROP
iptables -A INPUT -i eth0 -p tcp --tcp-flags SYN,RST,ACK,FIN SYN,ACK -j syn-flood
iptables -N udp-flood
iptables -A udp-flood -m limit --limit 1/second --limit-burst 3 -j RETURN
iptables -A udp-flood -j DROP
iptables -A INPUT -i eth0 -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -i eth0 -p udp -j udp-flood
iptables -A INPUT -i eth0 -f -j DROP
iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
iptables -A INPUT -p tcp --syn -j syn-flood
iptables -A syn-flood -m limit --limit 1/s --limit-burst 3 -j RETURN
iptables -A syn-flood -j DROP
iptables -A INPUT -p icmp -m limit --limit 1/s --limit-burst 1 -j LOG --log-prefix PING-DROP:
iptables -A OUTPUT -p icmp -j ACCEPT
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "Stealth Scan"
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -A INPUT -s 64.40.0.0/16 -j ACCEPT
iptables -A INPUT -s 64.40.0.0/24 -j ACCEPT
iptables -A INPUT -s 64.40.0.0/32 -j ACCEPT
iptables -A OUTPUT -d 64.40.0.0/16 -j ACCEPT
iptables -A OUTPUT -d 64.40.0.0/24 -j ACCEPT
iptables -A OUTPUT -d 64.40.0.0/32 -j ACCEPT
iptables -N ATTACKED
iptables -N ATTK_CHECK
iptables -N SYN_FLOOD
iptables -A INPUT -f -j DROP
iptables -A INPUT -p tcp --syn -j SYN_FLOOD
iptables -A SYN_FLOOD -p tcp --syn -m hashlimit --hashlimit 100/sec --hashlimit-burst 3 --hashlimit-htable-expire 3600 --hashlimit-mode srcip --hashlimit-name synflood -j ACCEPT
iptables -A SYN_FLOOD -j ATTK_CHECK
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A ATTACKED -m limit --limit 5/min -j LOG --log-prefix "IPTABLES (Rule ATTACKED): " --log-level 7
iptables -A ATTACKED -m recent --set --name BANNED --rsource -j DROP
iptables -A ATTK_CHECK -m recent --set --name ATTK
iptables -A ATTK_CHECK -m recent --update --seconds 180 --hitcount 20 --name ATTK --rsource -j ATTACKED
iptables -A ATTK_CHECK -m recent --update --seconds 60 --hitcount 6 --name ATTK --rsource -j ATTACKED
iptables -A ATTK_CHECK -j ACCEPT
service iptables save
udah ya sampe disini dulu, gw mau rehat sejenak, kalo ada yang ga ngerti silahkan comment
Posted by: ozy localhost
Ozy L0caLHosT | PersonaL BLog
Updated at :
16.11
Hi, I am the author of Ozy L0caLHost | PersonaL BLog. I am an Interpreter and English Lecturer of a college in Jember, Indonesia as well as a part-time blogger. More
About Me