As many of you may know, surviving a DDOS attack is very difficult.

Quite simply, there is no easy way to detect and prevent all the connections to your server.

Fortunately, there is a partial solution. I wrote this last night following a sustained 24 hour DOS attack.

–
<?
error_reporting (E_ERROR | E_PARSE | E_WARNING);
ob_start();
system(”/bin/netstat -apn|/bin/grep :80 |/bin/awk ‘{print $5}’|/bin/sort |/bin/cut -d : -f 1″);
$buffered = ob_get_contents();
ob_end_clean();

$ar = explode(”n”,$buffered);

$count = ”;
foreach($ar as $ip){

if($ip != ”){
if($count[$ip] == ”){
$count[$ip] = 1;
} else {
$count[$ip] = $count[$ip] + 1;
}
}
}

// find those with more than 40
foreach($count as $ip=>$num){
if($num >= 10){
if($ip != “127.0.0.1″){
// execute the deny command
print “Ban: ” . $ip . ” with ” . $num . ” connectionsn”;
system(”/sbin/iptables -D INPUT -s $ip -j DROP”);
system(”/sbin/iptables -A INPUT -s $ip -j DROP”);
}
}

}

?>
–

This script, is a simply php script (because I am rubish at perl) that when run every minute from a cron job, simply firewalls off any machine that has more than 10 connections to your webserver.

The result… the DDOS gets nuked.

This script is far from complete, and maybe it could be better… but for now.. it is keeping my servers running!

Marotori have been published again. - A fine example of an extremely rare bag that has been created for us by Seabags

Who said work was boring…

While in Ireland last week I was kindly given one of these mini heli-copters by my parents. Now this is fun!!

Whenever we get the urge , we can take this little beuaty for a spin.   Perfect for  ensuring Stuart gets a hair cut!

Great stress release

I am very very frustrated!!!

I have been trying for 3 days to get Microsofts Provisioning service to install in my domain!    I know M$ this is complex stuff… but pleeeeeeez…

Why should I get stopped because of stupid errors like the software only supporting US English!

What a complete waste of time!

At Marotori, we believe in having a little fun once in a while. - Thats why we have an office Foosball table.

It allows us to ‘de stress’ at least once a day!

Well what can I say…..   I can’t hide the fact…

This posting is a not so subtle attempt to promote ourselves using our blog!

This is what we have to say about ourselves:

“Marotori recognises the importance of key factors that make a difference to your bottom line, such as improved productivity, reduced costs, enhanced customer satisfaction and revenue generation.
With over 10 years of experience in online design, development and information technology, we provide key services to enable your business to succeed online.
At Marotori we provide the best in design and technical advice, ensuring that the solution is the best for your company.”

Excellent, but what does this really mean?

It means that at Marotori;

• we can build you a website that will improve your brand
• simplify your business and in the long term - save you money.
• simplify your online strategy
• provide the best technical advise possible

If you don’t believe us…  why not ask some of our clients?

Or

Event better.. give us a call!

Today… I am happy.

I fired up my laptop this morning - popped onto the Ubuntu website and….

The latest version of Ubuntu is being released tomorrow!!

I have been running the beta for nearly 3 months now so I probably wont see too much difference.. but hey.. I am in a good mood and looking forward to the new distro.

For those of you who dont have a clue about what Ubuntu is, read on:

-

Ubuntu is a community developed operating system that is perfect for laptops, desktops and servers. Whether you use it at home, at school or at work Ubuntu contains all the applications you’ll ever need, from word processing and email applications, to web server software and programming tools.

Ubuntu is and always will be free of charge. You do not pay any licensing fees. You can download, use and share Ubuntu with your friends, family, school or business for absolutely nothing.

We issue a new desktop and server release every six months. That means you’ll always have the the latest and greatest applications that the open source world has to offer.

Ubuntu is designed with security in mind. You get free security updates for at least 18 months on the desktop and server. With the Long Term Support (LTS) version you get three years support on the desktop, and five years on the server. There is no extra fee for the LTS version, we make our very best work available to everyone on the same free terms. Upgrades to new versions of Ubuntu are and always will be free of charge.

-

Now… download.. install have fun!

I have been using network manager for some time now and by and large I love the way it ‘just works’. One thing that has been irritating me is the perceived inability to control my 3g dialup connection.

Fortunately for me, after trawling the net for a while I found this code snippet that seems to do the trick.

The solution is to add your ppp scrip to your interfaces file.

• Step1.
  Make sure you have a valid dialup connection working. (example here)
  It is important to ensure that your chat scripts work and that your dialup does as expected.
• Step 2
  Edit your interfaces filesudo vi /etc/network/interfaces (debian/ubuntu)

  And add this stanza to the end of the file

  iface ppp0 inet ppp
  provider 3g

  In the case above, provider 3G refers to the ppp initialization script located in /etc/ppp/peers/<scriptname>

  Your completed interfaces file will look something like thisauto lo
  iface lo inet loopback

  #—
  auto eth0
  iface eth0 inet dhcp

  auto eth1
  iface eth1 inet dhcp

  auto eth2
  iface eth2 inet dhcp

  auto ath0
  iface ath0 inet dhcp

  auto wlan0
  iface wlan0 inet dhcp

  iface ppp0 inet ppp
  provider 3g
  #—

• Step 3
  Give dbus a quick restart to get Network Manager to pick up the new settingssudo /etc/init.d/dbus restart

  This should cause all your core systems to reload an network manager to restart.

• Step 4
  Click on your netowork manager icon and all going well, you will see a new menu called ‘Dialup Connections’

This seems to have done the trick for me… let me know if there is an easier way to do this!

Plastic soldiers melted into the Alphabet

Link: http://www.olivermunday.com/Fireinthehole.html
Via Boing Boing