Phat Site Blog

Sekilas Tentang mod_evasive

What is mod_evasive?

mod_evasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. it is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive presently reports abuses via email and syslog facilities.

Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denying any single IP address from any of the following:

• Requesting the same page more than a few times per second
• Making more than 50 concurrent requests on the same child per second
• Making any requests while temporarily blacklisted (on a blocking list)

This method has worked well in both single-server script attacks as well as distributed attacks, but just like other evasive tools, is only as useful to the point of bandwidth and processor consumption (e.g. the amount of bandwidth and processor required to receive/process/respond to invalid requests), which is why it’s a good idea to integrate this with your firewalls and routers for maximum protection.

This module instantiates for each listener individually, and therefore has a built-in cleanup mechanism and scaling capabilities. because of this per-child design, legitimate requests are never compromised (even from proxies and NAT addresses) but only scripted attacks. even a user repeatedly clicking on ‘reload’ should not be affected unless they do it maliciously. mod_evasive is fully tweakable through the Apache configuration file, easy to incorporate into your web server, and easy to use.

Pemasangan:

1. Akses VPS/DS anda menggunakan ssh client (putty/tunnelier)
2. Chdir ke /usr/local/src dengan perintah

3. ambil pake mod_evasive

4. Extract paket tersebut

5. Pindah ke direktori hasil extract

Konfigurasi:

1.Edit file httpd.conf anda, bila anda menggunakan cPanel/WHM, file httpd.conf terletak di /usr/local/apache/conf/

2. tambahkan baris berikut ke file tersebut:

<IfModule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10 DOSEmailNotify webmaster@yourdomain.com</IfModule>

3. Kemudian simpan dan jalankan perintah berikut untuk mengupdate konfigurasi httpd (cPanel/WHM only):

4. Restart webserver anda dengan perintah:

Mari kita test apakah modulnya telah berjalan
1. Masuk ke direktori src mod_evasive td

2. beri akses executable pada file test.pl

3. jalankan file tersebut

Bila anda melihat hasil berikut brarti instalasi anda sukses :-bd

Semoga bermanfaat

Popularity: 1% [?]

Posting Lain

• Blog Hamdi Akhirnya Online Lagi (4)
• Rate Paypal hari ini (26/10/08) (2)
• Vista Transformatin Pack 9.0.1 (3)
• Iwhic.com Suck!!! (6)

CentOS VPS/DS dengan WHM: Mencegah DDOS attack dengan mod_evasive …

I’ve got a G1. bought it used from a local phone/laptop repair place.

Paid somebody in Germany or something like that 20 bucks to get the unlock code, downgraded the firmware, rooted it, and upgraded to Cyanogenmod firmware.

Fantastic stuff. Most of the features listed in Froyo 2.2 as good things (wireless tether, install apps to sd card, etc) have been used in Cyanogen for a while now. also Cyanogenmod is the first firmware for Android to use the BFS kernel patches to improve responsiveness, which (from what I understand) Google has since adopted.

The phone is very limited in capabilities (low ram, mundain processor, and tiny onboard flash) and I am looking forward to getting a more powerful phone, but for right now this firmware has helped me extend and lengthen the useful lifespan of this phone massively while improving performance and gaining 2.x features.

If your curious about Android (which I was) it’s not a bad idea to go and see if you can find a used, but in good condition, T-Mobile G1 somewhere. It’s a decent tiny computer and if you end up not liking it you can still boot it using Debian proper if you’d like.

Cyanogenmod supports other phones, of course. Nexus one is probably the best one to get, I suppose. but the Dream is notable due to the low capabilities of the phone hardware and there were doubts that anybody using one would be able to benefit from the 2.x Android series.

CyanogenMod 5 for the G1/ADP1

eMazzanti Technologies was awarded another Microsoft partner competency certification for server platforms. Additional expertise benefits clients

Hoboken, NJ (Vocus/PRWEB ) March 18, 2010 — eMazzanti Technologies has been recognized by Microsoft for achieving a new server platform competency as a part of the company’s ongoing focus of adding value to clients. “When it comes to staying up with the latest server solution technology, it is critical that we pay attention,” noted Jenifer Mazzanti , president, eMazzanti Technologies. “Being recognized for various competency and specialization levels are ways our customers can be assured they’ve chosen the right IT partner.”

Competency and Specialization Levels
As one of the requirements for attaining Gold Certified Partner status, eMazzanti Technologies had to declare a Microsoft Competency. Microsoft Competencies are designed to help differentiate a partner’s capabilities with specific Microsoft technologies to customers looking for a particular type of solution. each Competency has a unique set of requirements and benefits, formulated to accurately represent the specific skills and services that partners bring to the technology industry. Within select Competencies, there are Specializations that focus on specific solution areas that recognize deeper expertise within that Competency. Serving as a specialized path to earning those Competencies, Specializations give direct access to the tools and resources that support that specific area of focus. “eMazzanti Technologies is an example of the kind of best-practices partner we love to have aboard,” noted Paul Lindberg, Microsoft Partner Manager Northeast. “They understand the importance of the competency program and the value it gives clients.”

Recognition of Partner Skills
“The Server Platform Competency is designed to recognize the unique skills and requirements of partners specializing in delivering network-based solutions,” said Mazzanti. By attaining the Server Platform competency, eMazzanti Technologies demonstrates its expertise in building, designing, deploying, and supporting Windows Server, Windows Server-based applications, and the Microsoft server infrastructure. “We are better positioned to help support our customers’ business strategy through high levels of availability, agility, automation, infrastructure, and applications to run their businesses.

Seven Earned Competencies
Microsoft recognizes eMazzanti Technologies’ expertise within seven competencies, Small Business Specialist, Server Platform, Security, Mobility, Advanced Infrastructure, Networking Infrastructure, and Information Worker Solutions. “If businesses are utilizing a variety of Microsoft products and aren’t using deeply credentialed experts like us, they are short-changing themselves,” commented Mazzanti.

About eMazzanti Technologies
eMazzanti Technologies works with businesses to provide growth strategies through the use of intelligent technology. Utilizing a disciplined approach of business process analysis, network design, security planning and preventative maintenance, the IT expert delivers solutions that reduce costs, mitigate risk and drive revenue for its clients. This innovative and comprehensive approach to technology services has earned eMazzanti the trust of a rapidly growing client base and recognition by many of the industry’s foremost publications. For more information, contact eMazzanti Technologies at 201-360-4400.

###

Hoboken IT Consultant Achieves New Microsoft Server Platform Competency