Attacker IPs
Hello
Thanks for your attention. I am using a cload to prevent DDOs attacks on my site and it is supposed just I see the IP of my cload on my server but when I check it with netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n I see many strange IPs and when I Google them I find they are attacker IPs. - I am using centos web panel (CWP). Now I wonder: - Why they come to my site directly and do not go through the cload to prevent them? (I do not think they have my IP, I have used 2 different cloads) - I ban them manually, can it becomes an auto action? - Are they doing Slowris attack on my site? (Because I receive for example 335 load average and database error sometime or even 3 times a day with low bandwith) - Is it a good job to ban the most famous attacker IPs ? If yes how can I get the list? Thanks |
Please post your thread in only one forum. Posting a single thread in the most relevant forum will make it easier for members to help you and will keep the discussion in one place. This thread is being closed because it is a duplicate.
https://www.linuxquestions.org/quest...ad-4175633884/ |
Sorry
I didn't do it on purpose. |
OK no problem, see if the other thread gets any replies. :) Hopefully.
|
Quote:
|
There are many IP blacklists available if you google for them.
|
All times are GMT -5. The time now is 06:39 PM. |