
Anti-Syn Ddos firewall

a guest Jun 15th, 2012 235 Never
  1. #!/bin/sh
  2. # R00TW0RMs (https://www.r00tw0rm.com/)
  3. #-------------------------------------|------------------------------------------#
  4. #        _______  _______   __          _______                
  5. #_______ \   _  \ \   _  \_/  |___  _  _\   _  \_______  _____  
  6. #\_  __ \/  /_\  \/  /_\  \   __\ \/ \/ /  /_\  \_  __ \/     \
  7. # |  | \/\  \_/   \  \_/   \  |  \     /\  \_/   \  | \/  Y Y  \
  8. # |__|    \_____  /\_____  /__|   \/\_/  \_____  /__|  |__|_|  /
  9. #               \/       \/                    \/            \/
  10. #
  11. #
  12. # This was written for educational purpose and pentest only.
  13. # Use it at your own risk. Author will be not responsible for any damage!
  14. # Coder      : th3breacher <th3breacher@r00tw0rm.com> |th3breacher.wordpress.com|
  15. # Version    : 0.1
  16. # Description: A SYN flood firewall script. It uses tcp_syncookies, backlog protection and also
  17. #                          iptables rules; the script runs in the background...
  18. # Usage      : Simple: when a SYN attack occurs, run the script as "./antiSyn watchtime &". The watch time
  19. #                          should be chosen according to the severity of the attack; the default is 10 seconds.
  20. # Tested on  : linux(all)
  21. # Special thanks to :  r0073r, r4dc0re, Sid3^effects, L0rd CrusAd3r, KedAns-Dz, Angel Injection, gunslinger, JF,Seishin, CrosS (1337day.com)
  22. #                      CrosS, Xenu, Versus71, alsa7r, mich4th3c0wb0y, FInnH@X, s3rver.exe (r00tw0rm.com)
  23. #-------------------------------------|------------------------------------------#
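  # Polling interval in seconds; filled in from the first command-line argument.
  level=""
  # Log file. The script runs as root, so the log must not live in a
  # world-writable directory such as /tmp: a local user could pre-create the
  # name (or a symlink under it) and have root write through it.
  logfile="/var/log/synlogs"
  # ANSI colour sequences, stored with a literal backslash so that the consumer
  # (echo -e / printf %b) expands them at print time.
  RED='\033[1;31m'
  NORMAL='\033[0;39m'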
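  # Print the coloured banner and usage text on stdout (no trailing newline).
  # Globals: RED, NORMAL (read) - colour sequences with literal backslashes.
  # printf is used instead of `echo -ne`: the script runs under #!/bin/sh, and
  # a POSIX echo (e.g. dash) does not accept -ne and would print it verbatim.
  # The banner text goes through %s so that backslashes in $0 are not expanded.
  showbanner() {
      printf '%b %s%b' "$RED" "
 
    .d88b. .d88b.  w              .d88b.                
8d8b 8P  Y8 8P  Y8 w8ww Yb  db  dP 8P  Y8 8d8b 8d8b.d8b.
8P   8b  d8 8b  d8  8    YbdPYbdP  8b  d8 8P   8P Y8P Y8
8     Y88P   Y88P   Y8P   YP  YP    Y88P  8    8   8   8
                                                       
   
                               #SYN flood firewall
                               th3breacher <th3breacher@r00tw0rm.com>
                               
Usage : $0 watchtime (watchtime (seconds))
Example : $0 10   means the firewall will watch for Syn Ddos every 10 seconds
KILL    : ps aux | grep antiSyn take the PID and kill PID
" "$NORMAL"
  }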
  45.  
  46.  
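  # Start a fresh log file containing the start-up line.
  # Globals: logfile (read) - path of the log file.
  # Returns: 0 on success, non-zero if the log could not be created.
  # The script runs as root, so the log is never opened through a name someone
  # else may have planted: the old entry is unlinked (rm removes a symlink
  # itself, not its target) and the file is then created under noclobber,
  # which refuses to open a path that already exists.
  preparation() {
      rm -f -- "$logfile" || return 1
      (
          # noclobber is set in a subshell so it does not leak into the caller
          set -C
          echo "[+] SYN Flood protection started..." > "$logfile"
      )
  }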
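  # Apply the kernel-side SYN flood settings and record the outcome in the log.
  # Globals: logfile (read) - path of the log file.
  # Returns: 0 if every setting was written, 1 otherwise (typically: not root).
  configuration() {
      cfg_rc=0

      # SYN cookies: keep answering SYNs once the half-open queue is full.
      echo "1" > /proc/sys/net/ipv4/tcp_syncookies || cfg_rc=1

      # Raise the half-open queue to 1024, but never lower a larger value the
      # administrator (or the kernel's memory-based default) already set.
      cfg_backlog=$(cat /proc/sys/net/ipv4/tcp_max_syn_backlog 2>/dev/null)
      case "$cfg_backlog" in
          '' | *[!0-9]*) cfg_backlog=0 ;;
      esac
      if [ "$cfg_backlog" -lt 1024 ]; then
          echo "1024" > /proc/sys/net/ipv4/tcp_max_syn_backlog || cfg_rc=1
      fi

      # Strict reverse-path filtering drops packets whose source would not be
      # routed back through the receiving interface.
      # NOTE(review): strict mode breaks asymmetric routing / multihomed hosts;
      # confirm the topology before enabling it.
      echo "1" > /proc/sys/net/ipv4/conf/all/rp_filter || cfg_rc=1

      # Do not claim success when a write failed; the host would be unprotected.
      if [ "$cfg_rc" -ne 0 ]; then
          echo "[-] Preparation failed: could not write kernel settings (root required)" >> "$logfile"
          return 1
      fi
      echo "[+] Preparation completed..." >> "$logfile"
  }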
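  # Poll the TCP table forever and drop the /24 of every IPv4 source that holds
  # more than three half-open (SYN_RECV) connections.
  # Globals: logfile (read) - log path; level (read) - seconds between polls.
  # Outputs: each offending address on stdout, one "[!]" log line per new rule.
  # Never returns.
  #
  # NOTE(review): sources of a SYN flood are commonly spoofed, so blocking by
  # source address can be turned against legitimate clients, and a /24 drop
  # takes out up to 256 neighbours of one offender. Kernel SYN cookies and
  # rate limiting are the primary defence; treat these rules as a stopgap and
  # review/flush them after the incident.
  iptables_watch() {
      echo "[+] SYN Firewall Started..." >> "$logfile"
      while true; do
          # A single awk strips the port, keeps only dotted-quad IPv4 peers
          # (an IPv6 peer cut at its first ':' is not a usable address) and
          # counts half-open connections per source.
          netstat -tan 2>/dev/null |
              awk '
                  $6 == "SYN_RECV" {
                      addr = $5
                      sub(/:[0-9]+$/, "", addr)
                      if (addr ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
                          seen[addr]++
                  }
                  END {
                      for (a in seen)
                          if (seen[a] > 3)
                              print a
                  }' |
              while IFS= read -r src; do
                  echo "$src"
                  # -C checks for an existing rule, so the chain does not grow
                  # by one duplicate per poll while old entries age out.
                  if ! iptables -C INPUT -s "$src/24" -j DROP 2>/dev/null; then
                      iptables -A INPUT -s "$src/24" -j DROP &&
                          echo "[!] $(date) dropping $src/24" >> "$logfile"
                  fi
              done
          # A bad interval must not turn the loop into a busy spin.
          sleep "$level" || sleep 10
      done
  }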
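  # Detach the running script from its terminal, in the manner of nohup(1):
  # stdin becomes unreadable, stdout/stderr move to nohup.out, SIGHUP is ignored.
  # Only descriptors that are attached to a TTY are touched.
  mynohup() {
      # Open stdin write-only on /dev/null so that any read attempt is an error.
      if [ -t 0 ]; then
          exec 0>/dev/null
      fi

      # Send stdout to ./nohup.out, falling back to $HOME/nohup.out.
      # Writability is probed in a subshell first: under a POSIX sh a failed
      # redirection on `exec` terminates the script, so checking $? after the
      # exec would never reach the fallback.
      if [ -t 1 ]; then
          if ( : >> nohup.out ) 2>/dev/null; then
              exec 1>nohup.out
          else
              exec 1>"$HOME/nohup.out"
          fi
      fi

      # Fold stderr into stdout when it is still a TTY.
      if [ -t 2 ]; then
          exec 2>&1
      fi

      # Survive the terminal hanging up: SIGHUP runs the no-op ':'.
      trap : HUP
  }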
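  # Entry point: show the banner, pick the polling interval, detach, then run.
  showbanner

  # Every later step writes /proc/sys or iptables rules. Without root they all
  # fail while the log still suggests that the host is protected.
  if [ "$(id -u)" -ne 0 ]; then
      echo "[-] This script must be run as root" >&2
      exit 1
  fi

  # The interval must be a positive whole number of seconds: an empty, zero or
  # malformed value would let the watch loop spin without pausing.
  case "$1" in
      '')
          echo "[+] Using default level set to 10 seconds"
          level=10
          ;;
      *[!0-9]*)
          echo "[-] Invalid watchtime '$1': expected a whole number of seconds" >&2
          exit 1
          ;;
      *)
          if [ "$1" -eq 0 ]; then
              echo "[-] Invalid watchtime '$1': must be greater than zero" >&2
              exit 1
          fi
          echo "[+] Setting up level to $1 "
          level=$1
          ;;
  esac

  mynohup
  preparation
  configuration
  iptables_watch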