LInux防攻击脚本2.10
本帖最后由 gearfox 于 2010-3-15 20:50 编辑帖子有点儿老了 重新编辑一下吧
国外原帖地址为
http://forum.fastfrag.ro/index.php/topic,2839.0.html
WARNING: this is Linux version only. For Windows, check Shocker's AntiCSDoS.
This is experimental version, which can be used with cbooster/dproto and blocking SV_ParseVoiceData exploit.
Installing procedure (run this commands in hlds_run's directory):
Code:
wget http://hobby.sarichioi.com/cstrike/hlshield2-install.sh
sh hlshield2-install.sh
If you already installed hlshield2, just run sh hlshield2-install.sh one more time, hlshield will be updated automatically.
Differences between 2.2 and 2.3 version:
logging addeed - in hlshield.log (ensure that hlds have rights to write in the directory where hlds_run is located)
drop from server the user used by SV_ParseVoiceData exploit
Differences between 2.3 and 2.4 version:
stop hlds_fuck attacks
Differences between 2.4 and 2.5 version:
avoid false detected hlds_fuck attacks
Differences between 2.5 and 2.6 version:
new feature added: firewalling attaker ip (using iptables)
Differences between 2.6 and 2.7 version:
two more logging modes: verbose and debug
Differences between 2.7 and 2.9 version:
hlds_fuck is detected now in very early stage (this meaning that this will not be compatibile with dproto, but because dproto fix already hlds_fuck, is not very important)
better detection of hlds_fuck
Differences between 2.9 and 2.10 version:
hlds_fuck checking only for protocol 48, I hope 47 engines will not crash
If you using AMD processor, put in hlds_run a line like this:
Code:
export HLSHIELD_ARCH=amd
If you want to disable logging feature, put following line in hlds_run:
Code:
export HLSHIELD_LOG=no
For increasing verbosity you can put export HLSHIELD_LOG=2 (this will dump key in logs for rejected attacks) or even export HLSHIELD_LOG=3 (this will dump EVERY client authentication, useful for catch new kind of attacks).
Another variable enviroments:
Code:
Variable Default value Explanation
HLSHIELD_REPLY Get lost, looser! Send a funny message to csdos attacker
HLSHIELD_PARANOID 0 Checking very strict userinfo string. Is not recommended, can reject real players
HLSHIELD_FIREWALL 0 If put 1 or 2, hlshield will send firewall command to hlfirewall daemon.
HLSHIELD_FIREWALL details:
If HLSHIELD_FIREWALL is set, hlshield will send the ip attacker to hlfirewall, then hlfirewall will run iptables command.
LEVEL 1 - iptables -A INPUT -p udp -s xxx.xxx.xxx.xxx -j DROP
LEVEL 2 - iptables -A INPUT -s xxx.xxx.xxx.xxx -j DROP
Be very careful, LEVEL 2 will block ANY access of attacker to the server, so if you will try to attack your server, you will loose remotely control of your own server.
NOTE: to start HLFirewall, just run hlfirewall.pl (as root), installed by hlshield2-install.sh. It is important to run it as root, otherwise HLFirewall will not be able to run iptables command (because iptables need administrator privilege). Of course, hlfirewall.pl can be modified to use sudo for this.
NOTE: even you run multiple cstrike servers on your machine, you need run ONLY ONE instance of HLFirewall.
Known bugs:
- there is no support for 64 bit hlds (actually i'm not sure if is needed 64 bit version)
Removed features:
- rejecting players with ` and ~ in name, this can be done easily with an amxmodx plugin.
- ban players who reconnecting too fast
If somebody found any bug in this version of HLShield, let me know.http://forum.fastfrag.ro/index.php?action=dlattach;topic=2839.0;attach=3349;image :D
看到了
测试看看先 2.14发布呀。很久没来了。
gearf0x好么 还好~~~~~谢谢 跟你网盘做一个友情链接? 行啊。。
网盘的密码我也可以告诉你
没事儿也更新一下呗~ 我也要你的网盘密码~哈哈 本帖最后由 gearfox 于 2010-3-14 18:42 编辑
我也要你的网盘密码~哈哈
snooper 发表于 2010-3-14 13:10 http://www.dt-club.net/forum/images/common/back.gif
哈哈随便更新了一下版本 用linux的去试试吧 唉呀,没有多余的机器测试了。。。。
页:
[1]