search
HomeBackend DevelopmentPHP TutorialMethods to prevent local users from using fsockopen to carry out DDOS attacks in IIS environment
Methods to prevent local users from using fsockopen to carry out DDOS attacks in IIS environment
WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB
WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB
Jul 25, 2016 am 09:05 AM
  2. /*
  3. from: http://bbs.it-home.org
  4. date: 2013/2/17
  5. */
  6. $fp = fsockopen("udp://$ip ", $rand, $errno, $errstr, 5);
  7. if($fp){
  8. fwrite($fp, $out);
  9. fclose($fp);
  10. ?>
Copy code

In response to this situation, you can modify php.ini, disable the fsockopen function, and use the Windows 2003 security policy to block the local UDP port.

1), disable function Find disable_functions and add the function name to be disabled, as in the following example:

  2. passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,pfsockopen,openlog,
  3. syslog,readlink,symlink,popepassthru,stream_socket_server,fsocket , fsockopen
Copy the code

and it will take effect after restarting IIS.

2), block UDP port Copy it to Notepad, save it as a bat file with any name, and double-click to run it.

  3. REM Add security policy, name

  4. netsh ipsec static add policy name=My security policy

  5. REM Add IP filter list

  6. netsh ipsec static add filterlist name=allow list
  7. netsh ipsec static add filterlist name=deny list

  8. REM Add filter to IP filter list (allow Internet access)

  9. netsh ipsec static add filter filterlist=allow list srcaddr= me dstaddr=any description=dns access protocol=udp mirrored=yes dstport=53

  10. REM Add filter to IP filter list (not allowing others to access)

  11. netsh ipsec static add filter filterlist=deny List srcaddr=any dstaddr=me description=Others to access me any protocol=udp mirrored=yes

  12. REM Add filter action

  13. netsh ipsec static add filteraction name=Can action=permit
  14. netsh ipsec static add filteraction name=No action=block

  15. @REM http://bbs.it-home.org

  16. REM Creates a link specifying IPSec policy, filter list and rules for filter actions ( Add rules to my security policy)
  17. netsh ipsec static add rule name=allow rule policy=my security policy filterlist=allow list filteraction=ok
  18. netsh ipsec static add rule name=deny rule policy=my security policy filterlist=deny List filteraction=Not possible

  19. REM Activate my security policy

  20. netsh ipsec static set policy name=My security policy assign=y
Copy code


Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Related Article
Working with Flash Session Data in LaravelWorking with Flash Session Data in LaravelMar 12, 2025 pm 05:08 PM

Laravel simplifies handling temporary session data using its intuitive flash methods. This is perfect for displaying brief messages, alerts, or notifications within your application. Data persists only for the subsequent request by default: $request-

Build a React App With a Laravel Back End: Part 2, ReactBuild a React App With a Laravel Back End: Part 2, ReactMar 04, 2025 am 09:33 AM

This is the second and final part of the series on building a React application with a Laravel back-end. In the first part of the series, we created a RESTful API using Laravel for a basic product-listing application. In this tutorial, we will be dev

cURL in PHP: How to Use the PHP cURL Extension in REST APIscURL in PHP: How to Use the PHP cURL Extension in REST APIsMar 14, 2025 am 11:42 AM

The PHP Client URL (cURL) extension is a powerful tool for developers, enabling seamless interaction with remote servers and REST APIs. By leveraging libcurl, a well-respected multi-protocol file transfer library, PHP cURL facilitates efficient execution of various network protocols, including HTTP, HTTPS, and FTP. This extension offers granular control over HTTP requests, supports multiple concurrent operations, and provides built-in security features.

Simplified HTTP Response Mocking in Laravel TestsSimplified HTTP Response Mocking in Laravel TestsMar 12, 2025 pm 05:09 PM

Laravel provides concise HTTP response simulation syntax, simplifying HTTP interaction testing. This approach significantly reduces code redundancy while making your test simulation more intuitive. The basic implementation provides a variety of response type shortcuts: use Illuminate\Support\Facades\Http; Http::fake([ 'google.com' => 'Hello World', 'github.com' => ['foo' => 'bar'], 'forge.laravel.com' =>

12 Best PHP Chat Scripts on CodeCanyon12 Best PHP Chat Scripts on CodeCanyonMar 13, 2025 pm 12:08 PM

Do you want to provide real-time, instant solutions to your customers' most pressing problems? Live chat lets you have real-time conversations with customers and resolve their problems instantly. It allows you to provide faster service to your custom

Notifications in LaravelNotifications in LaravelMar 04, 2025 am 09:22 AM

In this article, we're going to explore the notification system in the Laravel web framework. The notification system in Laravel allows you to send notifications to users over different channels. Today, we'll discuss how you can send notifications ov

Explain the concept of late static binding in PHP.Explain the concept of late static binding in PHP.Mar 21, 2025 pm 01:33 PM

Article discusses late static binding (LSB) in PHP, introduced in PHP 5.3, allowing runtime resolution of static method calls for more flexible inheritance.Main issue: LSB vs. traditional polymorphism; LSB's practical applications and potential perfo

PHP Logging: Best Practices for PHP Log AnalysisPHP Logging: Best Practices for PHP Log AnalysisMar 10, 2025 pm 02:32 PM

PHP logging is essential for monitoring and debugging web applications, as well as capturing critical events, errors, and runtime behavior. It provides valuable insights into system performance, helps identify issues, and supports faster troubleshoot

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Show More

Hot Article

Repo: How To Revive Teammates
1 months agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
1 months agoBy尊渡假赌尊渡假赌尊渡假赌
How Long Does It Take To Beat Split Fiction?
4 weeks agoByDDD
R.E.P.O. Save File Location: Where Is It & How to Protect It?
4 weeks agoByDDD
Show More

Hot Tools

Dreamweaver Mac version

Dreamweaver Mac version

Visual web development tools

MinGW - Minimalist GNU for Windows

MinGW - Minimalist GNU for Windows

This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.

MantisBT

MantisBT

Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.

Atom editor mac version download

Atom editor mac version download

The most popular open source editor

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

Show More

Hot Topics

Where is the login entrance for gmail email?
7366
15
Java Tutorial
1628
14
CakePHP Tutorial
1354
52
Laravel Tutorial
1266
25
PHP Tutorial
1214
29
Show More