07-09-2008
The best way to avoid being the victim of a DoS attack is to close off all un-used services/daemons & install all security patches from your vendor... I'd run Nessus/NMap against your server to see what's open & vulnerable
7 More Discussions You Might Find Interesting
1. Cybersecurity
are there any popular DDoS simulation tools to test my own infrastructure? Anyone tried to setup all these in AWS EC2? (1 Reply)
Discussion started by: boriskong
1 Replies
2. Linux
Hello,
a few days ago (June 19) a server that I manage has suffered an attack.
Analyzing the log I discovered that there were several attempts to access a web scanner called w00tw00t.at.ISC.SANS.DFind
I set the firewall to prevent further visits from this scanner.
The problem is that the... (3 Replies)
Discussion started by: viessenetwork
3 Replies
3. Ubuntu
Hi Friends,
This is logs of my mail log:
mail for yahoo.com.tw is using up 4001 of 6992 active queue entries : 1 Time(s)
mail for yahoo.com.tw is using up 4001 of 7018 active queue entries : 1 Time(s)
mail for yahoo.com.tw is using up 4001 of 7072 active queue entries : 1 Time(s)
... (1 Reply)
Discussion started by: darakas
1 Replies
4. Cybersecurity
How to protect DDoS and brute force attack.
I want to secure my server and block attacker. (1 Reply)
Discussion started by: romanepo
1 Replies
5. Emergency UNIX and Linux Support
Dear community,
my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql.
I identified the IPs who attack me and block it through iptable firewall from debian.
Something like:
iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP
This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies
6. UNIX for Advanced & Expert Users
Hi guys, just need a opinion from you.
I found anti ddos script from github
Script
What is your opinion about it? Is it usefull? Do you have some similar? I want to protect my servers on all levels, why not in the servers via script.
I assume I must fix this script to be useful for me, but... (1 Reply)
Discussion started by: tomislav91
1 Replies
7. What is on Your Mind?
No rest for the weary, a Revive Ad Server I am responsible for experienced a MySQL injection attack due to a vulnerability uncovered in the past few months. I was busy developing Vue.js code for the forums and thought to myself "I will get around to upgrading to Revive 4.2.0 (supposedly the... (0 Replies)
Discussion started by: Neo
0 Replies
LEARN ABOUT REDHAT
upsset.conf
UPSSET.CONF(5) Network UPS Tools (NUT) UPSSET.CONF(5)
NAME
upsset.conf - Configuration for Network UPS Tools upsset.cgi
DESCRIPTION
This file only does one job - it lets you convince upsset.cgi(8) that your system's CGI directory is secure. The program will not run
until this file has been properly defined.
SECURITY REQUIREMENTS
upsset.cgi(8) allows you to try login name and password combinations. There is no rate limiting, as the program shuts down between every
request. Such is the nature of CGI programs.
Normally, attackers would not be able to access your upsd(8) server directly as it would be protected by the ACCESS/ACL directives in your
upsd.conf(5) file and hopefully local firewall settings in your OS.
Since upsset runs on your web server, it could provide a passage from the outside to the inside, bypassing any firewall rules or upsd
access control limitations, since it appears to be coming from the web server. This is why you must secure it first.
On Apache, you can use the .htaccess file or put the directives in your httpd.conf. It looks something like this, assuming the .htaccess
method:
<Files upsset.cgi>
deny from all
allow from your.network.addresses
</Files>
You will probably have to set "AllowOverride Limit" for this directory in your server-level configuration file as well.
If this doesn't make sense, then stop reading and leave this program alone. It's not something you absolutely need to have anyway.
Assuming you have all this done, and it actually works (test it!), then you may add the following directive to this file:
I_HAVE_SECURED_MY_CGI_DIRECTORY
If you lie to the program and someone beats on your upsd through your web server, don't blame me.
SEE ALSO
upsset.cgi(8)
Internet resources:
The NUT (Network UPS Tools) home page: http://www.exploits.org/nut/
NUT mailing list archives and information: http://lists.exploits.org/
Tue Jul 30 2002 UPSSET.CONF(5)