Quote:
Originally Posted by
[xEF]Danger
How to make a log that will log all ips that connect to the server or send packets?
While this is perhaps possible (look into
tcpdump if you insist) you don't want to do that. Usually a server has one or at best several services it offers - like "web services" if it is a web server, etc.. This makes one or several ports (for the exemplary webserver this is 80 - HTTP) necessary. Identify these, close all the others and log only those really necessary. Most network-applications (web server software, for instance) offer specialized logging facilities for what they do. You should use these.
Quote:
Originally Posted by
[xEF]Danger
And how to block an ip that make packets flood and try to DDoS? Thanks.
Not at all. Of course, there are IP-filtering programs like "iptables", but a "server" should do what it is intended to do - nothing else. For everything else there are specialized machines (firewalls, packet filters, etc.) which you should task with filtering the IP packets for things not to be processed. Put such a system "in front of" the server and route all traffic through it, dropping what should not be processed.
I hope this helps.
bakunin
