pache2.x Dos 공ᅄ1;ኔ1;기

shell>wget http://www.zdziarski.com/projects/mod_evasive/mod_...

--15:33:40-- http://www.zdziarski.com/projects/mod_evasive/mod_...

=> `mod_evasive_1.10.1.tar.gz"

Resolving www.zdziarski.com... 209.51.159.242

Connecting to www.zdziarski.com|209.51.159.242|:80... connected.

HTTP request sent, awaiting response... 200 OK

Length: 20,454 (20K) [application/x-tar]

100%[=================================================================================================================>] 20,454 44.55K/s

15:33:41 (44.43 KB/s) - `mod_evasive_1.10.1.tar.gz" saved [20454/20454]

shell>tar xvfz mod_evasive_1.10.1.tar.gz

shell>cd mod_evasive

shell>/usr/local/apache/bin/apxs -iac mod_evasive20.c

/usr/local/apache_2.0.59/build/libtool --silent --mode=compile gcc -prefer-pic -DAP_HAVE_DESIGNATED_INITIALIZER -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache_2.0.59/include -I/usr/local/apache_2.0.59/include -I/usr/local/apache_2.0.59/include -c -o mod_evasive20.lo mod_evasive20.c && touch mod_evasive20.slo

/usr/local/apache_2.0.59/build/libtool --silent --mode=link gcc -o mod_evasive20.la -rpath /usr/local/apache_2.0.59/modules -module -avoid-version mod_evasive20.lo

/usr/local/apache_2.0.59/build/instdso.sh SH_LIBTOOL="/usr/local/apache_2.0.59/build/libtool" mod_evasive20.la /usr/local/apache_2.0.59/modules

/usr/local/apache_2.0.59/build/libtool --mode=install cp mod_evasive20.la /usr/local/apache_2.0.59/modules/

cp .libs/mod_evasive20.so /usr/local/apache_2.0.59/modules/mod_evasive20.so

cp .libs/mod_evasive20.lai /usr/local/apache_2.0.59/modules/mod_evasive20.la

cp .libs/mod_evasive20.a /usr/local/apache_2.0.59/modules/mod_evasive20.a

ranlib /usr/local/apache_2.0.59/modules/mod_evasive20.a

chmod 644 /usr/local/apache_2.0.59/modules/mod_evasive20.a

PATH="$PATH:/sbin" ldconfig -n /usr/local/apache_2.0.59/modules

----------------------------------------------------------------------

Libraries have been installed in:

/usr/local/apache_2.0.59/modules

If you ever happen to want to link against installed libraries

in a given directory, LIBDIR, you must either use libtool, and

specify the full pathname of the library, or use the `-LLIBDIR"

flag during linking and do at least one of the following:

- add LIBDIR to the `LD_LIBRARY_PATH" environment variable

during execution

- add LIBDIR to the `LD_RUN_PATH" environment variable

during linking

- use the `-Wl,--rpath -Wl,LIBDIR" linker flag

- have your system administrator add LIBDIR to `/etc/ld.so.conf"

See any operating system documentation about shared libraries for

more information, such as the ld(1) and ld.so(8) manual pages.

----------------------------------------------------------------------

chmod 755 /usr/local/apache_2.0.59/modules/mod_evasive20.so

[activating module `evasive20" in /usr/local/apache_2.0.59/conf/httpd.conf]

shell>ls /usr/local/apache/modules/

httpd.exp libphp4.so mod_evasive20.so mod_url2.so

설치 후 httpd.conf 파1068; 안에 다1020;과 같1008; 설1221;1012; 1077;/141;Ȣ16;여 1456;다.

<IfModule mod_evasive.c>

DOSHashTableSize 3097

DOSPageCount 20

DOSSiteCount 100

DOSPageInterval 1

DOSSiteInterval 1

DOSBlockingPeriod 10

DOSEmailNotify *******@*******.net

DOSLogDir "/var/lock/mod_evasive"

DOSWhitelist 127.0.0.1

</IfModule>

설1221;에 대한 설명1008; 다1020;과 같다.

1. DOSPageCount: ኧ1;개1032; 연속 pagehit 에 대해 차단 1312;치를 할 ,163;1064;가에 대한 설1221;.

2. DOSSiteCount: ኧ1;개1032; 연속 site 1217;속에 대해 차단 1312;치를 할 ,163;1064;가에 대한 설1221;.

3. DOSPageInterval: pagehit 에 대한 "허용.112; 연속 1217;속 사1060;1032; 시간 간ᅄ1;"1012; (초) 단위/196; 1077;/141;.

4. DOSSiteInterval: site 1217;속에 대한 "허용.112; 연속 1217;속 사1060;1032; 시간 간ᅄ1;"1012; (초) 단위/196; 1077;/141;.

5. DOSBlockingPeriod: 차단.108; 호스트가 풀릴 ǐ12; 까1648;1032; 시간1012; (초) 단위/196; 1077;/141;.

6. DOSEmailNotify: 공ᅄ1;에 대한 1221;보를 보낼 메1068; 1452;소.

7. DOSLogDir: /196;그파1068; ᅆ1;/196;

8. DOSWhitelist: 차단에서 1228;외.112; 호스트

필1088;1032; 설1221;1012; 설명Ȣ16;1088;면 다1020;과 같다.

** ᇼ1;1068;한 호스트/196;ǥ12;터 "1초" 사1060;에 "20번" 1060;상1032; pagehit 가 1060;루Ǻ12;1656; ᅆ1;우 호스트 차단.

** ᇼ1;1068;한 호스트/196;ǥ12;터 "1초" 사1060;에 "100번" 1060;상1032; site 1217;속 1060; 1060;루Ǻ12;1656; ᅆ1;우 호스트 차단.

** 차단.108; 호스트lj16; 10초 ᇼ1;안 차단한다.

** DoS 공ᅄ1;1060; 1060;루1656; ǐ12; *****@*****.net 1004;/196; 메1068;1012; 보낸다.

** 127.0.0.1 1008; 차단 1312;치를 Ȣ16;1648; 않lj16;다.&#160;