lsof en sevdigim komuttur.

lsof -c httpd | grep cwd demek cok nefis birseydir.

fazlasi icin buraya bakabilirim sonra

/etc/system_filter_exim

ekle:::

if first_delivery
and (
("$h_from:" matches ".+@.+\\\\.ml[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ro[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.stream[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.gr[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.in[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ca[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.in[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.gen.in[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ua[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.net.in[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ar[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.be[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.id[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.pl[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.au[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.cz[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ir[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ae[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.mx[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.br[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.uk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.jp[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ci[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.download[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.ug[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.kz[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.se[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.com.hk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.ke[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.ce[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.com.pe[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.tv[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.my[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.xyz[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.com.ph.tk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.sk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.pe[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.me[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.th[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.hr[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.cl[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.host[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ga[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ml[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.online[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.win[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.top[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.bid[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.us[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.tk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.site[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.club[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.info[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.click[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.space[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.gdn[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.fun[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.rest[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.best[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.pro[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.monster[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.live[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.pw[^a-zA-Z0-9_]")

)
then
seen finish
endif

Openvz icin bir iki komut.

vzlist -o ctid,laverage

node ustundeki containerlerin yuk durumunu listele

-------------------
vzlist -H -o veid,hostname,diskspace | awk '{ printf("%d\t%s\t%.2f GB\n", $1, $2, $3/(1024*1024))}'

node ustundeki aktif containlerin ne kadar disk kullandigini listele


vzlist -H -o veid,hostname,diskspace | awk '{ printf("%d\t%s\t%.2f GB\n", $1, $2, $3/(1024*1024))} {sum += $3} END {printf("Total disk usage: %.2f GB\n", sum/(1024*1024))}'

yukaridakine ek toplam kullanilan disk alaninida goster.

If you want help your router to support 2x DDoS you’re receiving now, disable route cache. You will see your cpu usage immediately goes down.

Put rp_filter in loose mode and enable tcp syncookie.

Set (only if you use router as border one and you not do nat or similar services)
/ip firewall connection tracking set enabled=no

Use only raw rules and setup something like this:

/ip firewall raw
add    chain=prerouting action=jump jump-target=udp-filters in-interface=NETIX log=no log-prefix="" protocol=udp

add    chain=prerouting action=jump jump-target=tcp-filters in-interface=NETIX log=no log-prefix="" protocol=tcp

add   chain=udp-filters action=accept in-interface=NETIX src-port=53 limit=2500,100:packet log=no log-prefix="" protocol=udp

add    chain=udp-filters action=drop in-interface=NETIX src-port=53 log=no log-prefix="" protocol=udp

add  chain=udp-filters action=drop in-interface=NETIX src-port=389 log=no log-prefix="" protocol=udp comment=LDAP

add  chain=udp-filters action=drop in-interface=NETIX src-port=80 log=no log-prefix="" protocol=udp comment="UDP SRC 80"

add  chain=udp-filters action=drop in-interface=NETIX src-port=443 log=no log-prefix="" protocol=udp comment="UDP SRC 443"

add  chain=udp-filters action=drop in-interface=NETIX dst-port=80 log=no log-prefix="" protocol=udp comment="UDP DST 80"

add  chain=udp-filters action=drop in-interface=NETIX dst-port=443 log=no log-prefix="" protocol=udp comment="UDP DST 443"

add    chain=udp-filters action=notrack log=no log-prefix=""

add    chain=tcp-filters action=notrack log=no log-prefix=""

add    chain=prerouting action=notrack log=no log-prefix=""

/ip firewall filter

add chain=forward protocol=tcp tcp-flags=syn,rst action=drop

You will block most know UDP Amplification script.

this is the best configuration we found to allow MT absorb attacks, you can’t get better performance.

Now to do real tcp mitigation you should apply an external device (in line or out of line is your choice) to filter some more specific packets (strings, ttl, flags…). If you not feel safe to use in line, consider to use fastnemon that detect a ddos and inject a route to forward /32 to that device.

Or if you have a budget, choose a company that does ddos mitigation and you will sleep better

umount /mnt
fdisk /dev/vdb
g
w
fdisk /dev/vdb
n
w
mkfs.ext4 /dev/vdb1
nano /etc/fstab
/dev/vdb1 /home ext4 defaults 0 1
mount -a
reboot

askubuntudan copy paste ettim

The commandline version of the libatasmart library used by Gnome Disks is called skdump part of the libatasmart-bin package which is not installed by default. Install by using:

sudo apt-get install libatasmart-bin

Next run the following command to see the SMART information by running the following command in the terminal (replacing /dev/sda by the path to your drive):

sudo skdump /dev/sda

As an alternative the smartctl from the smartmontools package could be used. Install by using:

sudo apt-get install smartmontools

You will then be able to get information on SMART by running the following command in the terminal (replacing /dev/sda by the path to your drive):

sudo smartctl -a /dev/sda

Note that smartctl tends to be overly verbose. Use the -q errorsonly argument to display only errors:

sudo smartctl -q errorsonly -a /dev/sda

du –max-depth=1 | sort -n # Show the size of all the directories in the current directory and sort them by size.

hatta du -h –max-depth=1 | sort -n

[root@isminiyaz log]

# du -h –max-depth=1 | sort -n
2,0M ./directadmin
4,0K ./iptraf
4,0K ./ntpstats
4,0K ./sssd
7,4G .
8,0K ./samba
21M ./sa
30M ./audit
32K ./ConsoleKit
56K ./cups
80K ./prelink
111M ./httpd
554M ./proftpd
698M ./exim

[root@isminiyaz log]

#

php ile mssql sunucuya baglanalim. Centos 7 uzerinde Directadmin icin yazdim.

1- php 5.6 ile FREETDS kullaniyoruz

freetds yi cek

wget wget ftp://ftp.freetds.org/pub/freetds/stable/freetds-patched.tar.gz

freetds yi uygun sekilde kur:

tar zxvf freetds-patched.tar.gz
cd freetds-1.00.109/
./configure –prefix=/usr/local/freetds
make
make install

php configure dosyasini duzenle

nano /usr/local/directadmin/custombuild/configure/ap2/configure.php56

    --with-mssql=/usr/local/freetds \

ekle 

sonrasi bu:

cd /usr/local/directadmin/custombuild
./build php n

2- Php 7.2 icin – Php 7 ile beraber freetds kullanamiyoruz. php destegini kesti.

microsoft kendisi cikardi pdo lib sqlsrv vs vs

php 7.2 icin kurulum su sekildedir. (PECL ile yapicaz)

curl https://packages.microsoft.com/config/rhel/7/prod.repo > /etc/yum.repos.d/mssql-release.repo
yum update
ACCEPT_EULA=Y yum install -y msodbcsql mssql-tools unixODBC-devel
pecl install sqlsrv
pecl install pdo_sqlsrv
nano /usr/local/lib/php.ini

ekle:

extension=sqlsrv
extension=pdo_sqlsrv

kaydet.

service httpd restart

Gule Gule Kullan…

this is youtube re-embed test