
Saturday 8 October 2011

How To Defend Against Slowloris DDoS With mod_qos for Apache 2.2 on CentOS 5

Prepare your server to install mod_qos:


# yum install openssl-devel pcre-devel httpd-devel

Download and build mod_qos:
# cd  ~root
# wget "http://downloads.sourceforge.net/project/mod-qos/mod_qos-9.71.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fmod-qos%2Ffiles%2F&ts=1318107337&use_mirror=iweb"
# tar xvfz mod_qos-9.71.tar.gz
# cd mod_qos-9.71/apache2/

# apxs -i -c  mod_qos.c   
/usr/lib/apr-1/build/libtool --silent --mode=compile gcc -prefer-pic -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables -fno-strict-aliasing  -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -pthread -I/usr/include/httpd  -I/usr/include/apr-1   -I/usr/include/apr-1   -c -o mod_qos.lo mod_qos.c && touch mod_qos.slo
mod_qos.c:673: warning: 'm_worker_mpm' defined but not used

/usr/lib/apr-1/build/libtool --silent --mode=link gcc -o mod_qos.la  -rpath /usr/lib/httpd/modules -module -avoid-version    mod_qos.lo
/usr/lib/httpd/build/instdso.sh SH_LIBTOOL='/usr/lib/apr-1/build/libtool' mod_qos.la /usr/lib/httpd/modules
/usr/lib/apr-1/build/libtool --mode=install cp mod_qos.la /usr/lib/httpd/modules/
cp .libs/mod_qos.so /usr/lib/httpd/modules/mod_qos.so
cp .libs/mod_qos.lai /usr/lib/httpd/modules/mod_qos.la
cp .libs/mod_qos.a /usr/lib/httpd/modules/mod_qos.a
chmod 644 /usr/lib/httpd/modules/mod_qos.a
ranlib /usr/lib/httpd/modules/mod_qos.a
PATH="$PATH:/sbin" ldconfig -n /usr/lib/httpd/modules
----------------------------------------------------------------------
Libraries have been installed in:
   /usr/lib/httpd/modules

If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
   - add LIBDIR to the `LD_LIBRARY_PATH' environment variable
     during execution
   - add LIBDIR to the `LD_RUN_PATH' environment variable
     during linking
   - use the `-Wl,--rpath -Wl,LIBDIR' linker flag
   - have your system administrator add LIBDIR to `/etc/ld.so.conf'

See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
chmod 755 /usr/lib/httpd/modules/mod_qos.so
-bash-3.2#

Open your httpd.conf:
# vi /etc/httpd/conf/httpd.conf

Add this line:
LoadModule qos_module /usr/lib/httpd/modules/mod_qos.so

Create the mod_qos configuration file:
# vi /etc/httpd/conf.d/qos.conf

Paste in these settings:
## QoS Settings
<IfModule mod_qos.c>
    # handles connections from up to 100000 different IPs
    QS_ClientEntries 100000
    # will allow only 50 connections per IP
    QS_SrvMaxConnPerIP 50
    # maximum number of active TCP connections is limited to 256
    MaxClients              256
    # disables keep-alive when 70% of the TCP connections are occupied:
    QS_SrvMaxConnClose      70%
    # minimum request/response speed (deny slow clients blocking the server, i.e. slowloris keeping connections open without requesting anything):
    QS_SrvMinDataRate       150 1200
    # and limit request header and body (careful, that limits uploads and POST requests too):
    # LimitRequestFields      30
    # QS_LimitRequestBody     102400
</IfModule>


Restart your apache:
# service httpd stop
# service httpd start
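
A quick way to confirm that the slow-client settings in qos.conf are active and consistent. This is an added example, not part of the original post or of mod_qos: the function name qos_audit and its rules are assumptions of this example, and the weak sample config is constructed.

```shell
#!/bin/sh
# Added example: lint a mod_qos config read from stdin.
# The rules are this example's own sanity checks, not mod_qos validation.

qos_audit() {
    # Prints one finding per line; returns 0 when clean, 1 otherwise.
    findings=$(awk '
        $1 ~ /^#/ { next }                     # commented-out directive = not set
        $1 == "QS_SrvMaxConnPerIP" { perip = $2 }
        $1 == "MaxClients"         { maxc = $2 }
        $1 == "QS_SrvMinDataRate"  { rmin = $2; rmax = $3; have_rate = 1 }
        END {
            if (!have_rate)
                print "missing QS_SrvMinDataRate: no minimum data rate is enforced"
            else if (rmax != "" && rmin + 0 > rmax + 0)
                print "QS_SrvMinDataRate: min " rmin " is above max " rmax
            if (perip == "")
                print "missing QS_SrvMaxConnPerIP: no per-IP connection cap"
            else if (maxc != "" && perip + 0 >= maxc + 0)
                print "QS_SrvMaxConnPerIP " perip " >= MaxClients " maxc ": one IP can fill every slot"
        }')
    if [ -z "$findings" ]; then return 0; fi
    printf '%s\n' "$findings"
    return 1
}

# The directives from the post above.
GOOD_CONF='QS_ClientEntries 100000
QS_SrvMaxConnPerIP 50
MaxClients 256
QS_SrvMaxConnClose 70%
QS_SrvMinDataRate 150 1200'

# Constructed weak variant: rate limit commented out, per-IP cap above MaxClients.
WEAK_CONF='QS_SrvMaxConnPerIP 300
MaxClients 256
# QS_SrvMinDataRate 150 1200'

printf '%s\n' "$GOOD_CONF" | qos_audit && echo "post config: OK"
printf '%s\n' "$WEAK_CONF" | qos_audit || echo "weak config: flagged"
```

To check the real file, run `qos_audit < /etc/httpd/conf.d/qos.conf`; if MaxClients is set in another file, the per-IP comparison is skipped.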

Check the status: http://your-domain/server-status


More detail: http://opensource.adnovum.ch/mod_qos

Wednesday 20 July 2011

Install Red5 and LightIRC webcam

CentOS 5.6:

# yum -y install java-1.6.0-openjdk java-1.6.0-openjdk-devel
 
Debian:
# apt-get install sun-java6-jdk 
# apt-get install ant subversion


Install Red5 and LightIRC webcam

# cd /usr/local
# wget http://trac.red5.org/downloads/1_0/red5-1.0.0-RC1.tar.gz
# tar -xvzf red5-1.0.0-RC1.tar.gz
# cd red5-1.0.0
# cd webapps
# wget http://lightirc.com/release/lightIRC_1.0_webapp_Red5.zip
# unzip lightIRC_1.0_webapp_Red5.zip
# cd ..
# ./red5.sh 
 
You can purchase a shell account from RisingNet.com.
You need to purchase a LightIRC webcam license from: www.lightirc.com

Thursday 30 June 2011

How to install psybnc on Shell Account for IRC bouncer

Easy Steps to install psybnc.

You need a shell account in order to install psybnc.
If you do not have a shell account, you can purchase one from RisingNet.

It is $25/year for the psybnc shell account, which includes your personal custom vhost.
You can use your own domain or a RisingNet domain for your vhost.
Psybnc lets you hide your home IP address on IRC, so people see the vhost instead of your real IP.
This makes connecting to IRC more secure: attacks such as port scans or DDoS/DoS aimed at the address seen on IRC do not reach your home computer.

INSTALL PSYBNC:

1) Download psybnc:

On your shell account, type:
$ wget http://risingnet.net/download/psyBNC-2.3.2-9.tar.gz


2) Untar the psybnc archive that you downloaded:
$ tar xvfz psyBNC-2.3.2-9.tar.gz

3) Build psybnc:
$ cd psybnc
$ make

4) After the build has finished, you need to create the psybnc configuration file.
Name it: psybnc.conf

Type: $ nano psybnc.conf
(or use any editor that is available on the shell)


Put these 3 lines in psybnc.conf:

PSYBNC.SYSTEM.PORT1=45678
PSYBNC.SYSTEM.HOST1=your.vhost.name
PSYBNC.HOSTALLOWS.ENTRY0=*;*

After that, save the file.

NOTE:
You can replace the port number 45678 with any number from 1024 to 65000.
You need to replace "your.vhost.name" with the IP or vhost that the shell provider assigned to you.
The HOSTALLOWS entry *;* accepts connections to the bouncer from any host, so the login password is the only thing protecting it.

5) After you have everything set up, you can run it:
$ ./psybnc


Next, connect to your psybnc:
1) Open your mIRC program

2) Type: /server your.vhost.name 45678 your-new-password
(note: replace your-new-password with any password that you want)

3) After you have connected to psybnc, you need to add a vhost and an IRC server:
3.1. Add vhost: /quote BVHOST your.custom.vhost
3.2. Add IRC Server: /quote ADDSERVER irc.server.name:6667

To see more psybnc commands, type: /bhelp

Thursday 16 June 2011

How to setup SSH tunnel, Web Proxy, Bitvise Tunnelier, sock browsing

First, in order to use an SSH tunnel as a web proxy, you need to have a shell account.
You can get a shell account from RisingNet.com.
We chose RisingNet because they provide a dedicated IP address, which means only you can use your own personal IP and it is not shared with anyone else.
Moreover, you can choose any TCP port that you want the SSH server to listen on.



Second, you need an SSH client so you can set up a tunnel or web proxy to the shell account.
I use Bitvise Tunnelier; it is free and you can download it from their website.



SETUP Bitvise Tunnelier

1) Install Bitvise Tunnelier on your Windows OS.
2) Put in the login/password information
Hostname: (put in the SSH IP or hostname)
Port: (put in your SSH port number, default is 22)
Username: (put in the username that your provider assigned to you)
Initial method: (password)
Check on (Store encrypted password in profile)

3) Next, click on "Terminal"

Under: "Remote Desktop"
Computer: 127.0.0.1
Check on (Use SSH login credentials)


4) Next, set up the SOCKS/HTTP proxy forwarding: click on "Services"
Click on (Enabled)
Listen Interface:  127.0.0.1
Listen Port: 8080 (or put in any port that you wish)
Server Bind Interface: 0.0.0.0


Third, you need to configure your web browser so you can browse the internet using your personal static IP from RisingNet.

Setting up Firefox Browser for SSH tunnel:

If you do not have the Firefox web browser, download and install it first.
  1. Open your Firefox browser
  2. Go to: Tools > Options
  3. Next click on: Networks
  4. Next click on: Settings
  5. After that click on: Manual Proxy Configuration
  6. In the SOCKS field enter the IP: 127.0.0.1
  7. In the Port field enter: 8080
  8. Click OK to finish the setup.

Finally, you should be able to browse the internet using the static IP assigned to you by RisingNet instead of the IP from your Internet provider.
You will be using a USA IP address, location: Seattle, Washington.

Wednesday 8 June 2011

Install Ruby 1.9 for CentOS

Source from: http://www.freshblurbs.com/install-ruby-1-9-centos

Erase any Ruby packages that were installed via yum or rpm:

# yum erase ruby ruby-libs ruby-mode ruby-rdoc ruby-irb ruby-ri ruby-docs



Install the development tools required to build Ruby:

# yum install openssl-devel zlib-devel \
gcc gcc-c++ make autoconf readline-devel \
curl-devel expat-devel gettext-devel


After that, download Ruby from: http://www.ruby-lang.org/en/downloads/

Install it:
# ./configure --enable-shared --enable-pthread --prefix=/usr
# make
# make install



Attention: Ruby 1.9.2 now includes RubyGems so there's no need to install it separately. As a matter of fact, if you try doing so you will get an error like:
rubygems-1.3.7/lib/rubygems/source_index.rb:68:in `installed_spec_directories': undefined method `path' for Gem:Module (NoMethodError)

 
Test that everything installed successfully:
$ ruby -v
ruby 1.9.2p0 (2010-08-18 revision 29036) [x86_64-linux]
$ gem --version
1.3.7

CentOS = yum install ImageMagick

Get the repo: http://dag.wieers.com/rpm/FAQ.php#B

For example, if you are using 32-bit CentOS 5 or Red Hat Enterprise Linux 5, run the command:
# rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm

To install type:
# yum install ImageMagick
