DDOS分布式混合攻击

#/bin/bash

function init_epel(){
yum install epel-release -y >/dev/null 2>&1
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/epel.repo
sed -i 's/#baseurl/baseurl/g' /etc/yum.repos.d/epel.repo
sed -i '6s/enabled=0/enabled=1/g' /etc/yum.repos.d/epel.repo
sed -i '7s/gpgcheck=1/gpgcheck=0/g' /etc/yum.repos.d/epel.repo
yum clean all >/dev/null 2>&1
#阿里云机器用aliyun epel
echo "[EPEL 配置] ==> OK"
}

function init_ulimits(){
cat > /etc/security/limits.conf <<EOF
* soft noproc 20480
* hard noproc 20480
root soft nofile 65535
root hard nofile 65535
* soft nofile 65535
* hard nofile 65535
EOF
ulimit -n 65535
ulimit -u 20480
echo "[ulimits 配置] ==> OK"
}

function init_ssh(){
[ -f /etc/ssh/sshd_config ] && sed -ir '13 iUseDNS no\nGSSAPIAuthentication no' /etc/ssh/sshd_config && /etc/init.d/sshd restart >/dev/null 2>&1
echo "[SSH 优化] ==> OK"
}

function init_kernel(){
cat > /etc/sysctl.conf <<EOF
fs.file-max = 65535
net.ipv4.tcp_max_tw_buckets = 1000000
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000
net.ipv4.tcp_mem = 786432 1048576 1572864
net.core.wmem_max = 873200
net.core.rmem_max = 873200
net.ipv4.tcp_wmem = 8192 436600 873200
net.ipv4.tcp_rmem = 32768 436600 873200
net.core.somaxconn = 10240
net.core.netdev_max_backlog = 20480
net.ipv4.tcp_max_syn_backlog = 20480
net.ipv4.tcp_retries2 = 5
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_announce = 0
net.ipv4.conf.all.arp_ignore = 0
EOF
sysctl -p >/dev/null 2>&1
echo "[内核 优化] ==> OK"
}

function init_history(){
if ! grep "HISTTIMEFORMAT" /etc/profile >/dev/null 2>&1
then echo '
UserIP=$(who -u am i | cut -d"(" -f 2 | sed -e "s/[()]//g")
export HISTTIMEFORMAT="[%F %T] [whoami] [${UserIP}] " ' >> /etc/profile;
fi
echo "[history 优化] ==> OK"
}

function init_security(){
> /etc/issue
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
sed -i 's/SELINUX=permissive/SELINUX=disabled/g' /etc/selinux/config
setenforce 0 >/dev/null 2>&1
#systemctl stop firewalld.service
#systemctl disable firewalld.service
yum install -y openssl openssh bash >/dev/null 2>&1
echo "[安全配置] ==> OK"
}

function init_hping(){
yum groupinstall Development tools -y >/dev/null 2>&1
yum install -y vim wget lrzsz iftop iotop htop tree hping3 nload>/dev/null 2>&1
yum install -y git zlib-devel openssl-devel unzip libxslt-devel libxml2-devel libcurl-devel >/dev/null 2>&1
echo "[安装常用工具] ==> OK"
}

function init_chmod(){
chown root:root /etc/passwd /etc/shadow /etc/group /etc/gshadow && chmod 0644 /etc/group && chmod 0644 /etc/passwd && chmod 0400 /etc/shadow && chmod 0400 /etc/gshadow
echo "[关键文件权限设置] ==> OK"
}

function init_ssh_history(){
touch /var/log/check_user_history.log
chown nobody.nobody /var/log/check_user_history.log >/dev/null 2>&1
chmod 002 /var/log/check_user_history.log >/dev/null 2>&1
chattr +a /var/log/check_user_history.log >/dev/null 2>&1
cat >> /etc/profile << "EOF"
export HISTORY_FILE=/var/log/check_user_history.log

export PROMPT_COMMAND='{ date "+%Y-%m-%d %T ##### USER:$USER IP:$SSH_CLIENT PS:$SSH_TTY ppid=$PPID pwd=$PWD #### $(history 1 | { read x cmd; echo "$cmd"; })";} >>$HISTORY_FILE'
EOF
source /etc/profile
echo "[ssh实时操作记录] ==> OK"
}

#依次导入函数

export -f init_epel
export -f init_ulimits
export -f init_ssh
export -f init_kernel
export -f init_history
export -f init_security
export -f init_hping
export -f init_chmod
export -f init_ssh_history


#依次执行函数
echo "[系统初始化开始] ==> OK"
init_epel
init_ulimits
init_ssh
init_kernel
init_history
init_security
init_hping
init_chmod
init_ssh_history

echo "[系统初始化结束] ==> OK"
echo "服务器公网ip `curl -s ifconfig.me` 主机名 `hostname`"

上一页IIS日志分析工具Log Parser Studio 下一页hping3

最后更新于3年前

#/bin/bash function init_epel(){ yum install epel-release -y >/dev/null 2>&1 sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/epel.repo sed -i 's/#baseurl/baseurl/g' /etc/yum.repos.d/epel.repo sed -i '6s/enabled=0/enabled=1/g' /etc/yum.repos.d/epel.repo sed -i '7s/gpgcheck=1/gpgcheck=0/g' /etc/yum.repos.d/epel.repo yum clean all >/dev/null 2>&1 #阿里云机器用aliyun epel echo "[EPEL 配置] ==> OK" } function init_ulimits(){ cat > /etc/security/limits.conf <<EOF * soft noproc 20480 * hard noproc 20480 root soft nofile 65535 root hard nofile 65535 * soft nofile 65535 * hard nofile 65535 EOF ulimit -n 65535 ulimit -u 20480 echo "[ulimits 配置] ==> OK" } function init_ssh(){ [ -f /etc/ssh/sshd_config ] && sed -ir '13 iUseDNS no\nGSSAPIAuthentication no' /etc/ssh/sshd_config && /etc/init.d/sshd restart >/dev/null 2>&1 echo "[SSH 优化] ==> OK" } function init_kernel(){ cat > /etc/sysctl.conf <<EOF fs.file-max = 65535 net.ipv4.tcp_max_tw_buckets = 1000000 net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_keepalive_time = 300 net.ipv4.tcp_keepalive_probes = 3 net.ipv4.tcp_keepalive_intvl = 30 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.ip_local_port_range = 5000 65000 net.ipv4.tcp_mem = 786432 1048576 1572864 net.core.wmem_max = 873200 net.core.rmem_max = 873200 net.ipv4.tcp_wmem = 8192 436600 873200 net.ipv4.tcp_rmem = 32768 436600 873200 net.core.somaxconn = 10240 net.core.netdev_max_backlog = 20480 net.ipv4.tcp_max_syn_backlog = 20480 net.ipv4.tcp_retries2 = 5 net.ipv4.conf.lo.arp_ignore = 0 net.ipv4.conf.lo.arp_announce = 0 net.ipv4.conf.all.arp_ignore = 0 EOF sysctl -p >/dev/null 2>&1 echo "[内核优化] ==> OK" } function init_history(){ if ! grep "HISTTIMEFORMAT" /etc/profile >/dev/null 2>&1 then echo ' UserIP=$(who -u am i | cut -d"(" -f 2 | sed -e "s/[()]//g") export HISTTIMEFORMAT="[%F %T] [whoami] [${UserIP}] " ' >> /etc/profile; fi echo "[history 优化] ==> OK" } function init_security(){ > /etc/issue sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config sed -i 's/SELINUX=permissive/SELINUX=disabled/g' /etc/selinux/config setenforce 0 >/dev/null 2>&1 #systemctl stop firewalld.service #systemctl disable firewalld.service yum install -y openssl openssh bash >/dev/null 2>&1 echo "[安全配置] ==> OK" } function init_hping(){ yum groupinstall Development tools -y >/dev/null 2>&1 yum install -y vim wget lrzsz iftop iotop htop tree hping3 nload>/dev/null 2>&1 yum install -y git zlib-devel openssl-devel unzip libxslt-devel libxml2-devel libcurl-devel >/dev/null 2>&1 echo "[安装常用工具] ==> OK" } function init_chmod(){ chown root:root /etc/passwd /etc/shadow /etc/group /etc/gshadow && chmod 0644 /etc/group && chmod 0644 /etc/passwd && chmod 0400 /etc/shadow && chmod 0400 /etc/gshadow echo "[关键文件权限设置] ==> OK" } function init_ssh_history(){ touch /var/log/check_user_history.log chown nobody.nobody /var/log/check_user_history.log >/dev/null 2>&1 chmod 002 /var/log/check_user_history.log >/dev/null 2>&1 chattr +a /var/log/check_user_history.log >/dev/null 2>&1 cat >> /etc/profile << "EOF" export HISTORY_FILE=/var/log/check_user_history.log export PROMPT_COMMAND='{ date "+%Y-%m-%d %T ##### USER:$USER IP:$SSH_CLIENT PS:$SSH_TTY ppid=$PPID pwd=$PWD #### $(history 1 | { read x cmd; echo "$cmd"; })";} >>$HISTORY_FILE' EOF source /etc/profile echo "[ssh实时操作记录] ==> OK" } #依次导入函数 export -f init_epel export -f init_ulimits export -f init_ssh export -f init_kernel export -f init_history export -f init_security export -f init_hping export -f init_chmod export -f init_ssh_history #依次执行函数 echo "[系统初始化开始] ==> OK" init_epel init_ulimits init_ssh init_kernel init_history init_security init_hping init_chmod init_ssh_history echo "[系统初始化结束] ==> OK" echo "服务器公网ip `curl -s ifconfig.me` 主机名 `hostname`"