Jump to content

Existing user? Sign In
Sign In

Remember me Not recommended on shared computers

Forgot your password?

Debian 6 / Apache2 - Protection against Slowloris attacks

By Coniesan,
March 17, 2014 in Operating Systems

Recommended Posts

Enthusiast

Coniesan 92

Posted March 17, 2014

- Share

Posted March 17, 2014

Hey @ all

For that people who are using Debian 6 and Apache could this be very nice!

People who are using nginx, you are normaly safe, but if you fuck your configs up, slowloris can be a problem for you, too

1. What is slowloris?

Slowloris is a perl script, which allows you to open hundreds of sessions on your webserver and hold them open!

So your webserver crashes if it reaches ~700 connections at the same time

2. How to fix it?

1. Download and extract the mod

wget ftp://ftp.monshouwer.eu/pub/linux/mod_antiloris/mod_antiloris-0.4.tar.bz2
tar -jxvvf mod_antiloris-0.4.tar.bz2
cd mod_antiloris-0.4/

2. Install the compile kit:

apt-get install gcc apache2-threaded-dev

3. compile mod_antiloris

/usr/bin/apxs2 -i -c mod_antiloris.c

4. import the mod to apache

echo "LoadModule antiloris_module /usr/lib/apache2/modules/mod_antiloris.so" > /etc/apache2/mods-available/antiloris.load
a2enmod antiloris

5. restart it

/etc/init.d/apache2 restart

I hope you enjoy it!

Kind regards

7

Link to comment

Share on other sites

2 weeks later...

Top Posters In This Topic

1
1
1
1

Popular Days

Top Posters In This Topic

Sphinx² 1 post
DasKuchen 1 post
Coniesan 1 post
alexrafapt 1 post

Popular Days

Popular Posts

Coniesan

March 17, 2014

Hey @ all For that people who are using Debian 6 and Apache could this be very nice! People who are using nginx, you are normaly safe, but if you fuck your configs up, slowloris can be a problem for

Sphinx²

March 26, 2014

Or use Nginx Kind regards Sphinx

alexrafapt

Newbie

alexrafapt 0

Posted March 26, 2014

- Share

Posted March 26, 2014

Good!

Link to comment

Share on other sites

Apprentice

Sphinx² 23

Posted March 26, 2014

- Share

Posted March 26, 2014

Or use Nginx

Kind regards

Sphinx

1

Link to comment

Share on other sites

3 weeks later...

DasKuchen

Explorer

DasKuchen 11

Posted April 14, 2014

- Share

Posted April 14, 2014

I think you have to write:

cd /mod_antiloris-0.4

Instead of

cd mod_antiloris-0.4/

Link to comment

Share on other sites

Go to topic listing

Announcements

M2Dev Conference

Similar Content
- 10
  [Client Error]Client Aborts after login
  By kieranFMT2
  Started May 26, 2015
- 2
  [HELP] Client Syserr Error ant client exit
  By leo2993
  Started September 16, 2015
- 1
  i have CH1 error & db and client error
  By mazage
  Started July 24, 2014
- 3
  Error Novaline Client compile Error
  By forcetraeger
  Started February 21, 2015
- 2
  Metin2 40250 client error
  By ZiuZitsu
  Started November 28, 2014
- 3
  Metin2 Client Error
  By ZiuZitsu
  Started January 29, 2015
- 7
  Metin2 Naga Queen Error Mob Sysr and client
  By kieranFMT2
  Started February 21, 2015
- 3
  Metin2 SwitchBOT[In Client] ERROR
  By [SA]Vlad
  Started February 25, 2018
- 1
  Error Client metin2
  By xabugas123
  Started February 29, 2020
Similar Content
- 8
  
  [C++] Two-Stage Pack Security (First stage)
  
  By blaxis
  Started February 16
- 3
  
  [EXPLOIT] Metin2 Chat Link Exploit
  
  By Abel(Tiger)
  Started January 20
- 10
  
  Use Ninja instead of Make
  
  By Gurgarath
  Started January 16, 2023
- 11
  
  Keeping your FreeBSD up to date
  
  By Shogun
  Started May 2, 2014
- 10
  
  FreeBSD Gnome2 Installation + Remote Connect
  
  By Mehti
  Started March 8, 2014
Similar Content
- 8
  
  [C++] Two-Stage Pack Security (First stage)
  
  By blaxis
  Started February 16
- 3
  
  [EXPLOIT] Metin2 Chat Link Exploit
  
  By Abel(Tiger)
  Started January 20
- 10
  
  Use Ninja instead of Make
  
  By Gurgarath
  Started January 16, 2023
- 11
  
  Keeping your FreeBSD up to date
  
  By Shogun
  Started May 2, 2014
- 10
  
  FreeBSD Gnome2 Installation + Remote Connect
  
  By Mehti
  Started March 8, 2014
Tags
- 8
  
  [C++] Two-Stage Pack Security (First stage)
  
  By blaxis
  Started February 16
- 3
  
  [EXPLOIT] Metin2 Chat Link Exploit
  
  By Abel(Tiger)
  Started January 20
- 10
  
  Use Ninja instead of Make
  
  By Gurgarath
  Started January 16, 2023
- 11
  
  Keeping your FreeBSD up to date
  
  By Shogun
  Started May 2, 2014
- 10
  
  FreeBSD Gnome2 Installation + Remote Connect
  
  By Mehti
  Started March 8, 2014
- 8
  
  How to install a KDE desktop on FreeBSD ?
  
  By Grantix
  Started March 8, 2014
- 0
  
  Login Message and Weather - Clean and Shiny!
  
  By megatixos
  Started July 5, 2017
- 0
  
  How to reset the root password on FreeBSD ?
  
  By Pablo Escopăr
  Started October 19, 2017
- 0
  
  MySQL Backup Script + SSH
  
  By Karbust
  Started July 26, 2018
Activity
1. 11
  
  Metin2 Closed Beta Content (2003-2004)
  
  Thanks for the reply. I found a Korean Metin2 private server group and joined. Here's the link of the cafe: A live Korean group for Metin2, they're playing on local server And i found more Metin2 cafe's: https://cafe.naver.com/dongseokson https://cafe.naver.com/lmetin2sub https://cafe.naver.com/elley https://cafe.naver.com/metin2l https://cafe.naver.com/metinp https://cafe.naver.com/metintow https://cafe.naver.com/metincafe daum cafes: https://cafe.daum.net/metin2 https://cafe.daum.net/metin2love2 https://cafe.daum.net/metin24 https://cafe.daum.net/m2cafe Edit: I found a live Korean LOL! He read my message on naver but he didnt respond to me :(((. I think he is a YMIR personal because he has many topics on announcement channel. I typed back but i do not think he will respond F. Edit2: And if you want research something, use DeepL for translating. This is so good and im using this while searching something. Use daum and naver for searching too. Its like Google search engine on Korea.
  
  2 hours ago in Metin2
2. 11
  Metin2 Closed Beta Content (2003-2004)
  
  Thank you for your contribution! It has now occurred to me just how much information was available on the topic, but hidden away from the most of us simply because we haven't been blessed with speaking Korean. It would be nice if we could somehow archive everything properly within M2Dev's wiki. Having everything translated would be the cherry on top. Nonetheless, I feel that the assets of these early Metin2 clients might still be around, buried somewhere on some Korean forum. The ruliweb page had two download links that maybe could lead us somewhere: METIN II Beta Client 최신버젼 다운로드(서버1): ftp://211.39.150.71/pub/MetinII0_0_1.exe METIN II Beta Client 최신버젼 다운로드(서버2): ftp://211.105.222.13/pub/MetinII0_0_1.exe The "MetinII0_0_1.exe" filename might be a starting point? Another thing I'm planning to do is to crawl the Korean IPv4 space for public FTP servers and check whether there are any resources hosted there. It's quite a long shot, but might be worth it. Lastly, I have a feeling that the original kraizy/2014 YMIR leak could contain these assets. To my knowledge sadly, SVN doesn't really locally store anything but the latest revision, but who knows.
  
  1
  
  2 hours ago in Metin2
3. 2
  
  Official Cube window does not open
  
  push [Hidden Content] problem
  
  3 hours ago in Community Support - Questions & Answers
4. 0
  Football Ground
  
  Once I planned to create a football map, but the idea was scrapped in the early stages. I'm handing over the map to you in an incomplete form (perhaps it will serve as a basis for someone to create their own football ground). Download: [Hidden Content]
  
  3
  
  5 hours ago in Maps
5. 11
  Metin2 Closed Beta Content (2003-2004)
  
  Beta maps, Map1 and Map2 Minimaps on game (not sure but %80 i think) Warrior old wait animation
  
  2
  
  5 hours ago in Metin2
6. 1
  
  United/Club/Midgard serverfiles?
  
  Hi, This is not for sharing.
  
  5 hours ago in File Requests
7. 2
  
  Official Cube window does not open
  
  help pls @ Mali
  
  6 hours ago in Community Support - Questions & Answers
8. 0
  
  Error compile binary Zentoria2
  
  Helo guys, i have a problem with binary Zentoria2. This is the only error i get, and no one know the answer for this error . Can someone help me please ? include and lib are good .
  
  7 hours ago in Community Support - Questions & Answers
9. 11
  Metin2 Closed Beta Content (2003-2004)
  
  Thanks for the reply. Yes, this is a early concept but they did a beta process and hired like 500 people on korea. When I read, theyre said "This game is so bad" many times on comments. After that, they changed the game and did 3.closed beta process with a different content. (Like 2004 February). [1-2.Closed beta process is this game i shared. (2003 version)] Sorry for bad english. Edit: I found 2.closed beta process started on 2003 July. They removed the PCBANG thing on 2005, because theyre did the game free to play.
  
  1
  
  8 hours ago in Metin2
Recently Browsing
- No registered users viewing this page.

×

Create New...

Important Information

Terms of Use / Privacy Policy / Guidelines / We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.