rsyslog
vi /etc/rsyslog.d/50-default.conf
增加一行
auth,authpriv.* (client ip)sudo systemctl restart rsyslog
- 可以下指令查看514是否有監聽中。
ss -tunelp | grep 51410.29 Slow HTTP Denial of Service Attack (Slowloris)
站長日誌 109.10.29 弱點掃描偵測到Slow HTTP Denial of Service Attack弱點一隻 Server-Specific Recommendations Applying the above steps to the HTTP servers tested in the previous article indicates the following server-specific settings: Apache Using the < Limit > and < LimitExcept > directives to drop requests with methods not supported by the URL alone won’t help, because Apache waits for the entire request to complete before applying these directives. Therefore, use these parameters in conjunction with the LimitRequestFields , LimitRequestFieldSize , LimitRequestBody , LimitRequestLine , LimitXMLRequestBody directives as appropriate. For example, it is unlikely that your web app requires an 8190 byte header, or an unlimited body size, or 100 headers per request, as most default configurations have. Set reasonable TimeOut and KeepAliveTimeOut directive values. The default value of 300 seconds for TimeOut is overkill for most situations. ListenBackLog ’s default value of 511 cou
留言
張貼留言