DDoS filter
Posted by fakrulalam
|
DDoS filter September 21, 2011 03:01PM |
Registered: 12 years ago Posts: 5 |
Hi,
My web server is under DDoS attack. I have install nginx and redirect all the traffic to my original web server. Still I am getting lots of TCP session.
94.158.91.127 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
88.2.127.24 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
124.122.153.186 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
85.101.102.58 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
187.59.24.228 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
124.122.153.186 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
190.57.224.162 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
189.152.225.239 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
186.145.137.186 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
123.222.210.201 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
80.174.35.179 - - [22/Sep/2011:00:38:00 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
195.182.194.186 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
85.238.115.216 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
91.147.226.122 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
140.125.41.37 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
46.203.195.137 - - [22/Sep/2011:00:38:06 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
87.244.135.4 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
123.222.210.201 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
41.218.195.209 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "http://www.rambler.ru/" "Yandex/2.01.000 (compatible; Win16; Dyatel; Z)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
187.111.203.34 - - [22/Sep/2011:00:38:08 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
91.221.210.179 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
92.47.175.14 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
88.2.127.24 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
Is there any we that I can drop GET / HTTP/1.0 from nginx and bad traffic will not forward to my web server.
My web server is under DDoS attack. I have install nginx and redirect all the traffic to my original web server. Still I am getting lots of TCP session.
94.158.91.127 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
88.2.127.24 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
124.122.153.186 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
85.101.102.58 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
187.59.24.228 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
124.122.153.186 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
190.57.224.162 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
189.152.225.239 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
186.145.137.186 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
123.222.210.201 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
80.174.35.179 - - [22/Sep/2011:00:38:00 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
195.182.194.186 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
85.238.115.216 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
91.147.226.122 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
140.125.41.37 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
46.203.195.137 - - [22/Sep/2011:00:38:06 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
87.244.135.4 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
123.222.210.201 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
41.218.195.209 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "http://www.rambler.ru/" "Yandex/2.01.000 (compatible; Win16; Dyatel; Z)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
187.111.203.34 - - [22/Sep/2011:00:38:08 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
91.221.210.179 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
92.47.175.14 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
88.2.127.24 - - [22/Sep/2011:00:38:09 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
202.4.96.6 - - [22/Sep/2011:00:38:10 +0600] "GET / HTTP/1.0" 200 43632 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)"
Is there any we that I can drop GET / HTTP/1.0 from nginx and bad traffic will not forward to my web server.
|
Re: DDoS filter December 16, 2011 10:00AM |
Registered: 12 years ago Posts: 3 |
Sorry, only registered users may post in this forum.
Online Users
Guests:
327
Record Number of Users:
8
on April 13, 2023
Record Number of Guests:
421
on December 02, 2018
This forum is powered by Phorum.
 |
 |
 |
 |
|