- #!/bin/sh
- # R00TW0RMs (https://www.r00tw0rm.com/)
- #-------------------------------------|------------------------------------------#
- # _______ _______ __ _______
- #_______ \ _ \ \ _ \_/ |___ _ _\ _ \_______ _____
- #\_ __ \/ /_\ \/ /_\ \ __\ \/ \/ / /_\ \_ __ \/ \
- # | | \/\ \_/ \ \_/ \ | \ /\ \_/ \ | \/ Y Y \
- # |__| \_____ /\_____ /__| \/\_/ \_____ /__| |__|_| /
- # \/ \/ \/ \/
- #
- #
- # This was written for educational purpose and pentest only.
- # Use it at your own risk. Author will be not responsible for any damage!
- # Coder : th3breacher <th3breacher@r00tw0rm.com> |th3breacher.wordpress.com|
- # Version : 0.1
- # Description: A SYN flood firewall script. It uses tcp_syncookies, backlog protection and
- # iptables rules; the script runs in the background...
- # Usage : Simple: when a SYN attack starts, run the script as "./antiSyn watchtime &". The watch time
- # should be chosen according to the severity of the attack; the default is 10 seconds.
- # Tested on : linux(all)
- # Special thanks to : r0073r, r4dc0re, Sid3^effects, L0rd CrusAd3r, KedAns-Dz, Angel Injection, gunslinger, JF,Seishin, CrosS (1337day.com)
- # CrosS, Xenu, Versus71, alsa7r, mich4th3c0wb0y, FInnH@X, s3rver.exe (r00tw0rm.com)
- #-------------------------------------|------------------------------------------#
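# Seconds to sleep between two scans of the connection table. Left empty here
# and filled in from the first command-line argument by the top-level code.
level=""

# Log file for status messages.
# The script has to run as root, and it opens this path with '>' / '>>'.
# A fixed name inside world-writable /tmp can be pre-created by any local user
# as a symlink, which would make root truncate or append to the link target.
# Default to a directory only root can write to; ANTISYN_LOGFILE overrides it.
logfile="${ANTISYN_LOGFILE:-/var/log/antiSyn.log}"

# ANSI colour sequences used by the banner. The doubled backslash leaves a
# literal "\033" in the variable; it is expanded when the banner is printed.
RED="\\033[1;31m"
NORMAL="\\033[0;39m"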
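#######################################
# Print the coloured banner and the usage text.
# Globals:   RED, NORMAL (read) - colour sequences containing a literal "\033"
# Arguments: none ($0 is expanded inside the text)
# Outputs:   banner on stdout, without a trailing newline after NORMAL
#######################################
showbanner() {
  # 'echo -ne' is not defined for /bin/sh: dash prints the "-ne" itself.
  # printf '%b' expands the \033 escape in every POSIX shell.
  printf '%b ' "$RED"
  # Unquoted delimiter so that $0 is expanded inside the text.
  cat <<EOF

.d88b. .d88b. w .d88b.
8d8b 8P Y8 8P Y8 w8ww Yb db dP 8P Y8 8d8b 8d8b.d8b.
8P 8b d8 8b d8 8 YbdPYbdP 8b d8 8P 8P Y8P Y8
8 Y88P Y88P Y8P YP YP Y88P 8 8 8 8
#SYN flood firewall
th3breacher <th3breacher@r00tw0rm.com>
Usage : $0 watchtime (watchtime (seconds))
Example : $0 10 means the firewall will watch for Syn Ddos every 10 seconds
KILL : ps aux | grep antiSyn take the PID and kill PID
EOF
  printf '%b' "$NORMAL"
}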
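#######################################
# Start a fresh log file with the start-up message.
# Globals:   logfile (read) - path of the log file
# Outputs:   truncates and writes $logfile; error text on stderr
# Returns:   0 on success, 1 if $logfile is a symlink, else the write status
#######################################
preparation() {
  # The script runs as root and '>' follows symlinks, so a link planted at the
  # log path would make root truncate its target. Refuse to write through one.
  # This check is not atomic: a log path inside a directory other users can
  # write to stays racy, so keep the log in a root-owned directory.
  if [ -L "$logfile" ]; then
    echo "[!] $logfile is a symbolic link, refusing to write to it" >&2
    return 1
  fi
  # Quoted so that a path with spaces or an empty value cannot be mis-parsed.
  printf '%s\n' "[+] SYN Flood protection started..." > "$logfile"
}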
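#######################################
# Apply the kernel-level SYN flood settings through /proc/sys.
# Globals:   logfile (read) - path of the log file
# Outputs:   appends a status line to $logfile
# Returns:   0 when every setting was applied, 1 otherwise
# Notes:     needs root; the values are not persistent across a reboot.
#######################################
configuration() {
  cfg_failed=0

  # SYN cookies let the kernel keep answering SYNs once the backlog is full
  # instead of dropping new connection attempts.
  echo "1" > /proc/sys/net/ipv4/tcp_syncookies || cfg_failed=1

  # Queue of half-open connections. The kernel scales its default with the
  # amount of memory, so only raise the value: writing 1024 unconditionally
  # could shrink the queue on a host that already uses a larger one.
  cfg_backlog=$(cat /proc/sys/net/ipv4/tcp_max_syn_backlog 2>/dev/null)
  case "$cfg_backlog" in
    '' | *[!0-9]*) cfg_backlog=0 ;;
  esac
  if [ "$cfg_backlog" -lt 1024 ]; then
    echo "1024" > /proc/sys/net/ipv4/tcp_max_syn_backlog || cfg_failed=1
  fi

  # Strict reverse-path filtering: drop packets whose source address would not
  # be routed back out of the interface they arrived on. The kernel applies
  # the higher of conf/all and the per-interface value.
  # NOTE(review): strict mode breaks asymmetric routing and some multi-homed
  # setups - confirm the host's routing before relying on it.
  echo "1" > /proc/sys/net/ipv4/conf/all/rp_filter || cfg_failed=1

  # Do not report success when a write was rejected (for example, not root).
  if [ "$cfg_failed" -ne 0 ]; then
    echo "[!] Preparation incomplete: could not write all /proc/sys settings" >> "$logfile"
    return 1
  fi
  echo "[+] Preparation completed..." >> "$logfile"
}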
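#######################################
# Poll the connection table forever and DROP the /24 of every IPv4 peer that
# holds more than 3 connections in SYN_RECV.
# Globals:   logfile (read) - path of the log file
#            level   (read) - seconds between scans, 10 when empty
# Outputs:   each offending peer address on stdout; one line per new rule
#            appended to $logfile
# Returns:   never returns normally
#
# Limits a reviewer should know about:
#  - The source address of a SYN is not verified by a handshake, so flood
#    traffic is commonly spoofed. Blocking by source can therefore be steered
#    towards networks that are not attacking (including the administrator's).
#    Keep an allow-list rule for management addresses ahead of these rules.
#  - The threshold (3) and the /24 width are hard-coded and aggressive.
#  - 'iptables -A' appends: an ACCEPT rule earlier in INPUT still wins.
#  - Rules are never removed again; clean INPUT up after the incident.
#  - Only IPv4 peers are handled. IPv6 and IPv4-mapped (::ffff:a.b.c.d) peers
#    are skipped; the previous 'cut -d:' turned them into an empty address.
#######################################
iptables_watch() {
  echo "[+] SYN Firewall Started..." >> "$logfile"
  while true; do
    # awk counts half-open connections per peer. Column 5 of 'netstat -tan' is
    # the foreign address, column 6 the state. UDP has no SYN_RECV state and
    # the PID column was never used, so -u and -p are not needed.
    netstat -tan |
      awk '
        $6 == "SYN_RECV" {
          peer = $5
          sub(/:[0-9]+$/, "", peer)    # strip the ":port" suffix
          if (peer ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) half_open[peer]++
        }
        END { for (peer in half_open) if (half_open[peer] > 3) print peer }
      ' |
      sort |
      while IFS= read -r src; do
        echo "$src"
        # Zero the host part so that the rule and the -C lookup use the same
        # network address.
        net="${src%.*}.0/24"
        # Without this check the same rule is appended again on every scan
        # for as long as the peer stays in SYN_RECV, and INPUT grows
        # without bound.
        if ! iptables -C INPUT -s "$net" -j DROP 2>/dev/null; then
          iptables -A INPUT -s "$net" -j DROP &&
            echo "[+] Added DROP rule for $net (triggered by $src)" >> "$logfile"
        fi
      done
    # An empty interval made sleep fail at once and turned this loop into a
    # busy loop; fall back to the documented default of 10 seconds.
    sleep "${level:-10}"
  done
}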
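#######################################
# Detach the script from the terminal, in the manner of nohup(1).
# Globals:   HOME (read) - fallback directory for nohup.out
# Outputs:   may redirect fd 0, 1 and 2 of the running shell; installs a
#            HUP trap
# Notes:     nohup.out is created in the current directory. The script runs
#            as root, so start it from a directory other users cannot write
#            to, or a planted symlink named nohup.out would be followed.
#######################################
mynohup() {
  # Replace a terminal stdin with a write-only descriptor so that any later
  # read attempt fails instead of blocking on the terminal.
  if [ -t 0 ]; then
    exec 0>/dev/null
  fi

  # Send a terminal stdout to nohup.out, or to $HOME/nohup.out when the
  # current directory is not writable. The probe runs in a subshell because a
  # failed redirection on 'exec' terminates a POSIX sh such as dash, which
  # made the old "$?" fallback unreachable there.
  if [ -t 1 ]; then
    if (: >> nohup.out) 2>/dev/null; then
      exec 1>nohup.out
    else
      exec 1>"$HOME/nohup.out"
    fi
  fi

  # Let a terminal stderr follow stdout.
  if [ -t 2 ]; then
    exec 2>&1
  fi

  # A no-op handler keeps this shell alive on hangup. Unlike "trap '' HUP",
  # a handler is reset in child processes, so a running sleep or netstat can
  # still be ended by the signal; the watch loop then simply continues.
  trap : HUP
}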
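# Entry point: print the banner, pick the scan interval, detach from the
# terminal and start the watch loop.
showbanner

# The /proc/sys writes and the iptables calls below need root. Say so while
# stderr is still the terminal instead of failing silently in the background.
if [ "$(id -u)" -ne 0 ]; then
  echo "[!] Not running as root: kernel settings and iptables rules will fail" >&2
fi

# $1 is the scan interval in seconds. It ends up as the argument of sleep, so
# accept whole seconds >= 1 only: a non-numeric value or 0 would turn the
# watch loop into a busy loop.
case "${1:-}" in
  '')
    echo "[+] Using default level set to 10 seconds"
    level=10
    ;;
  *[!0-9]*)
    echo "[!] watchtime must be a whole number of seconds, got '$1'" >&2
    exit 2
    ;;
  *)
    if [ "$1" -lt 1 ]; then
      echo "[!] watchtime must be at least 1 second" >&2
      exit 2
    fi
    echo "[+] Setting up level to $1 "
    level=$1
    ;;
esac

mynohup
preparation
configuration
iptables_watch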