<![CDATA[沧海一粟]]>

<![CDATA[沧海一粟]]> http://www.dzhope.com/index.php zh-cn http://www.dzhope.com/post// <![CDATA[linux下防止syn攻击，端口扫描和死亡之ping ]]> jed <jed521@163.com> Tue, 01 Jun 2010 01:55:57 +0000 http://www.dzhope.com/post// iptables -I INPUT -p tcp --syn -m limit --limit 1/s -j ACCEPT
iptables -I FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT
防止各种端口扫描
iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT
Ping洪水攻击（Ping of Death）
iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT

Tags - linux , 防止攻击 ]]> http://www.dzhope.com/post//#blogcomment <![CDATA[[评论] linux下防止syn攻击，端口扫描和死亡之ping ]]> <user@domain.com> Thu, 01 Jan 1970 00:00:00 +0000 http://www.dzhope.com/post//#blogcomment