1 reply to this topic

[dekiss]

Hello
I want to know can I build some kind of program and in what language I should code it and how I implement it to run before someone connects to a Linux server or microsoft IIS server so my server can be protected from flooding.
The program will work in a way it will check connecting IP and if that IP is making a lot of connections in a very short time it will block the IP from connecting for some time.
As I am very new to a programming I am not sure how can I do this. I just want to know in what language should I build this program and how to make it run so it will check for new connections before they connect to my server.
Thanks.

[Alexander]

It'd be more recommended for system purposes to use a scripting language (Perl, BASH, etc.) to check concurrent connections and interface with the server to ban an IP. An example command in BASH can check the amount of concurrent connections to a linux computer (cron can run the script every X minutes):

netstat -anp |awk '/tcp|udp/{gsub(/:.*/,"",$5);print $5}'|sort|uniq -c|sort

Sample output would be:

      8 207.26.124.55
      5 64.4.8.252
      2 0.0.0.0

It simply lists the amount of connections per IP, and then it could be added to iptables or whatnot to prevent it form connecting.

You would need to look at each scripting language and find which one suites you, but note you will need to commit and learn before you can do anything useful with them.