52ky 发表于 2022-9-15 13:36:59

预防PHP-DDOS攻击木马

DedeCMS安全漏洞形成网站被上传恶意脚本的事件,入/侵者可利用恶意脚本对外发送大量数据包,严峻占用CPU资源与服务器带宽,此类攻击通常流量高达数十甚至近百M,经查是黑客利用了用户网站漏洞,上传了最新的PHP编写的d/dos攻击木马程序形成的,此攻击程序利用了UDP协议,带宽耗用非常惊人,简直会将全面机器地点的带宽竭尽,对全面网络影响非常大,为管理此问题服务器手艺运行以下补丁程序。发现的恶意脚本文件有等等?大多数被上传的脚本会集在plus、data、data/cache三个目录下,请仔细检测三个目录下最近是不是有被上传文件。?相关此安全漏洞的更多信息和手动修复方法,请查阅DedeCMS官方说明1.下载udp.rar2.解压后双击udp.bat即可自动创建安全规则。若要核实安全规则是不是创建成功,您可点击开始-程序-管理工具-本地安全策略-IP安全策略,若存在“DropUDP”则表明安全策略创建成功,若您是Linux主机,请使用iptables自行创建相关规则。本资料共包括以下附件:
udp\udpdeny\chgdns.vbs
udp\udpdeny\udp.bat
udp\udpdeny\udp.ipsec

(DedeCMS security flaws cause malicious scripts to be uploaded to the website. Intruders/intruders can use malicious scripts to send a large number of data packets, seriously occupying CPU resources and server bandwidth. Such attacks usually have a traffic volume of tens or even nearly a hundred M. Hackers took advantage of user website vulnerabilities and uploaded the latest d/dos attack Trojan program written in PHP. This attack program uses the UDP protocol, and the bandwidth consumption is very alarming. The impact is very high, run the following patch for server technology to manage this issue. Are there any malicious script files found, etc.? Most of the uploaded scripts are collected in the three directories of plus, data, and data/cache. Please carefully check whether there are recently uploaded files in the three directories. ?For more information about this security vulnerability and manual repair methods, please refer to the official instructions of DedeCMS 1. Download udp.rar2. After decompression, double-click udp.bat to automatically create security rules. To check whether the security rule is created successfully, you can click Start-Programs-Administrative Tools-Local Security Policy-IP Security Policy, if there is "DropUDP", it means the security policy was created successfully, if you are a Linux host, please use iptables Create relevant rules. This document includes the following attachments:
udp\udpdeny\chgdns.vbs
udp\udpdeny\udp.bat
udp\udpdeny\udp.ipsec)




页: [1]
查看完整版本: 预防PHP-DDOS攻击木马