{"id":394,"date":"2020-11-07T23:28:07","date_gmt":"2020-11-07T19:58:07","guid":{"rendered":"https:\/\/fakhry.ir\/?p=394"},"modified":"2020-11-07T23:28:09","modified_gmt":"2020-11-07T19:58:09","slug":"%d8%ac%d9%84%d9%88%da%af%db%8c%d8%b1%db%8c-%d8%a7%d8%b2-%d8%ad%d9%85%d9%84%d8%a7%d8%aa-dos-%d8%af%d8%b1-%d8%b1%d9%88%d8%aa%d8%b1-%d8%a8%d9%88%d8%b1%d8%af-%d9%87%d8%a7%db%8c-%d9%85%db%8c%da%a9%d8%b1","status":"publish","type":"post","link":"https:\/\/fakhry.ir\/?p=394","title":{"rendered":"\u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u062d\u0645\u0644\u0627\u062a DoS \u062f\u0631 \u0631\u0648\u062a\u0631 \u0628\u0648\u0631\u062f \u0647\u0627\u06cc \u0645\u06cc\u06a9\u0631\u0648\u062a\u06cc\u06a9"},"content":{"rendered":"\n<p>(DoS (Denial of Service: \u0646\u0648\u0639\u06cc \u062d\u0645\u0644\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0627\u0639\u062b \u0627\u0641\u0632\u0627\u06cc\u0634 \u0628\u0627\u0631 \u0628\u0631 \u0631\u0648\u06cc \u0631\u0648\u062a\u0631 \u06cc\u0627 \u0633\u0631\u0648\u0631 \u0645\u06cc\u0634\u0648\u062f \u0628\u0647 \u0627\u06cc\u0646 \u0645\u0639\u0646\u06cc \u06a9\u0647 \u0645\u0635\u0631\u0641 \u0633\u06cc \u067e\u06cc \u06cc\u0648 \u0628\u0647 100% \u0645\u06cc\u0631\u0633\u062f \u0648 \u0633\u0631\u0648\u0631 \u06cc\u0627 \u0631\u0648\u062a\u0631 \u062a\u0648\u0633\u0637 time out \u0627\u0632 \u062f\u0633\u062a\u0631\u0633 \u062e\u0627\u0631\u062c \u0645\u06cc\u0634\u0648\u062f.\u06cc\u0627 \u0628\u0637\u0648\u0631 \u06a9\u0644 \u062a\u0645\u0627\u0645 \u0639\u0645\u0644\u06cc\u0627\u062a\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u0645\u06cc\u062a\u0648\u0646\u0646\u062f \u0631\u0648\u06cc \u0645\u0635\u0631\u0641 \u0633\u06cc \u067e\u06cc \u06cc\u0648 \u062a\u0627\u062b\u06cc\u0631 \u0628\u0630\u0627\u0631\u0646\u062f \u0645\u062b\u0644 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0648 \u0644\u0627\u06af\u06cc\u0646\u06af \u06a9\u0647 \u0645\u06cc\u062a\u0648\u0646\u0646\u062f \u0628\u0627\u0639\u062b overload \u0631\u0648\u062a\u0631 \u0628\u0634\u0648\u0646\u062f \u0627\u06af\u0631 \u062a\u0639\u062f\u0627\u062f \u0628\u0633\u06cc\u0627\u0631 \u0628\u0627\u0644\u0627\u06cc\u06cc packet \u062f\u0631 \u062b\u0627\u0646\u06cc\u0647 \u0628\u0647 \u0631\u0648\u062a\u0631 \u0628\u0631\u0633\u0647.<br><strong>\u0627\u0647\u062f\u0627\u0641:\u0628\u0647 \u0637\u0648\u0631 \u06a9\u0644\u06cc \u0627\u0646\u062c\u0627\u0645 \u0627\u06cc\u0646 \u062d\u0645\u0644\u0647 \u0628\u0631\u0627\u06cc \u0627\u0647\u062f\u0627\u0641 \u0632\u06cc\u0631 \u0635\u0648\u0631\u062a \u0645\u06cc\u200c\u06af\u06cc\u0631\u062f:<\/strong><\/p>\n\n\n\n<ul><li>\u067e\u0627\u06cc\u06cc\u0646 \u0622\u0648\u0631\u062f\u0646 \u0633\u0631\u0639\u062a \u0648 \u06a9\u06cc\u0641\u06cc\u062a \u0633\u0631\u0648\u06cc\u0633\u200c\u062f\u0647\u06cc \u0634\u0628\u06a9\u0647<\/li><li>\u0627\u0632 \u062f\u0633\u062a\u0631\u0633 \u062e\u0627\u0631\u062c \u06a9\u0631\u062f\u0646 \u0648\u0628\u200c\u0633\u0627\u06cc\u062a \u0645\u0648\u0631\u062f \u0646\u0638\u0631<\/li><li>\u0642\u0637\u0639 \u062f\u0633\u062a\u0631\u0633\u06cc \u062a\u0645\u0627\u0645 \u0648\u0628\u200c\u0633\u0627\u06cc\u062a\u200c\u0647\u0627 (\u0628\u0627 \u062d\u0645\u0644\u0647 \u0628\u0647 name server\u0647\u0627)<\/li><li>\u0627\u0641\u0632\u0627\u06cc\u0634 \u062a\u0639\u062f\u0627\u062f \u0647\u0631\u0632\u0646\u0627\u0645\u0647\u200c\u0647\u0627 (\u06a9\u0647 \u0628\u0647 \u0628\u0645\u0628 \u0627\u06cc\u0645\u06cc\u0644\u06cc \u0646\u06cc\u0632 \u0645\u0639\u0631\u0648\u0641 \u0627\u0633\u062a)<\/li><\/ul>\n\n\n\n<p>\u0644\u0627\u0632\u0645 \u0628\u0647 \u0630\u06a9\u0631 \u0627\u0633\u062a \u06a9\u0647 \u0627\u06cc\u0646 \u062d\u0645\u0644\u0647 \u0641\u0642\u0637 \u0645\u062e\u062a\u0635 \u0628\u0647 \u0633\u0631\u0648\u0631\u0647\u0627 \u0646\u06cc\u0633\u062a \u0648 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u06cc\u06a9 \u0634\u0628\u06a9\u0647 \u0648 \u06cc\u0627 \u062d\u062a\u06cc \u0631\u0648\u062a\u0631 \u0646\u06cc\u0632 \u0645\u0648\u0631\u062f \u062d\u0645\u0644\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u062f \u0648 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u06a9\u0627\u0631 \u0628\u062e\u0634 \u0639\u0645\u062f\u0647\u200c\u0627\u06cc \u0627\u0632 \u0627\u06cc\u0646\u062a\u0631\u0646\u062a \u0631\u0627 \u0645\u062e\u062a\u0644 \u06a9\u0646\u062f (\u0647\u0645\u0627\u0646\u0637\u0648\u0631 \u06a9\u0647 \u062f\u0631 \u0637\u0648\u0644 \u062a\u0627\u0631\u06cc\u062e \u06f2\u0628\u0627\u0631 \u0627\u06cc\u0646\u062a\u0631\u0646\u062a \u06a9\u0644 \u062f\u0646\u06cc\u0627 \u0628\u0627 \u0627\u06cc\u0646 \u062d\u0645\u0644\u0647 \u0645\u062e\u062a\u0644 \u0634\u062f\u0647\u200c\u0627\u0633\u062a).<\/p>\n\n\n\n<p><strong>SYN flood:<\/strong> \u0646\u0648\u0639\u06cc \u0627\u0632 \u062d\u0645\u0644\u0647 Dos \u0627\u0633\u062a \u06a9\u0647 \u062d\u0645\u0644\u0647 \u06a9\u0646\u0646\u062f\u0647 \u062c\u0627\u0646\u0634\u06cc\u0646\u06cc \u0627\u0632 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u0647\u0627\u06cc syn \u0631\u0648 \u062f\u0631 \u062a\u0644\u0627\u0634 \u0628\u0647 \u0645\u0635\u0631\u0641 \u0645\u0646\u0627\u0628\u0639 \u0628\u062f\u0648\u0646 \u062f\u0631 \u0646\u0638\u0631 \u06af\u0631\u0641\u062a\u0646 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0645\u062c\u0627\u0632 \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0647\u062f\u0641 \u0645\u06cc\u0641\u0631\u0633\u062a\u0647.<\/p>\n\n\n\n<p><strong>Syn cookies:<\/strong> \u06cc\u06a9 \u062a\u06a9\u0646\u06cc\u06a9 \u06a9\u0644\u06cc\u062f\u06cc \u062f\u0631 \u062f\u0641\u0627\u0639 \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u062d\u0645\u0644\u0627\u062a dos \u0645\u06cc\u0628\u0627\u0634\u062f.\u0627\u0633\u0627\u0633 \u06a9\u0627\u0631 \u0627\u0646 \u0628\u0631 \u0627\u0633\u0627\u0633 \u0635\u0641 \u0628\u0646\u062f\u06cc \u0634\u0645\u0627\u0631\u0647 TCP \u0633\u0631\u0648\u0631\u0647\u0627 \u0627\u0633\u062a \u0628\u0647 \u0627\u06cc\u0646 \u0635\u0648\u0631\u062a \u06a9\u0647 syn coockie \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u062f\u0647 \u0647\u0646\u06af\u0627\u0645\u06cc \u06a9\u0647 \u0635\u0641 syn \u067e\u0631 \u0645\u06cc\u0634\u0647 \u0633\u0631\u0648\u0631 \u0627\u0632 \u0627\u062a\u0635\u0627\u0644 \u06a9\u0627\u0646\u06a9\u0634\u0646\u0647\u0627 \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u06a9\u0646\u0647.<\/p>\n\n\n\n<h3>\u0646\u062d\u0648\u0647 \u062a\u0634\u062e\u06cc\u0635:<\/h3>\n\n\n\n<p>\u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06a9\u062f\u0647\u0627\u06cc CLI \u0632\u06cc\u0631 \u0645\u06cc\u062a\u0648\u0646\u06cc\u062f \u0646\u0648\u0639 \u062d\u0645\u0644\u0647 \u0631\u0648 \u062a\u0634\u062e\u06cc\u0635 \u0628\u062f\u06cc\u062f.\u0627\u06af\u0631 \u0627\u062a\u0635\u0627\u0644\u0627\u062a \u0628\u0633\u06cc\u0627\u0631 \u0632\u06cc\u0627\u062f\u06cc \u0628\u0647 \u0633\u0631\u0648\u0631 \u0634\u0645\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 syn \u0641\u0631\u0633\u062a\u0627\u062f\u0647 \u0634\u062f\u0647 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">\/ip firewall connection print<\/pre>\n\n\n\n<p>\u0627\u06af\u0631 \u067e\u06a9\u062a\u0647\u0627\u06cc \u0632\u06cc\u0627\u062f\u06cc \u0628\u0647 \u0634\u0628\u06a9\u0647 \u0634\u0645\u0627 \u0648\u0627\u0631\u062f \u0645\u06cc\u0634\u0648\u062f:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">\/interface monitor-traffic ether3<\/pre>\n\n\n\n<p>\u0627\u06af\u0631 \u0645\u0635\u0631\u0641 \u0633\u06cc \u067e\u06cc \u06cc\u0648 \u0634\u0645\u0627 100% \u0627\u0633\u062a:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">\/system resource monitor<\/pre>\n\n\n\n<p>\u0627\u06af\u0631 \u0627\u062a\u0635\u0627\u0644\u0627\u062a \u0628\u0633\u06cc\u0627\u0631 \u0632\u06cc\u0627\u062f \u0645\u0634\u06a9\u0648\u06a9\u06cc \u0628\u0647 \u0633\u0631\u0648\u0631 \u062e\u0648\u062f \u062f\u0627\u0631\u06cc\u062f:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">\/tool torch<\/pre>\n\n\n\n<h3>\u0646\u062d\u0648\u0647 \u0645\u062d\u0627\u0641\u0638\u062a \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u0627\u06cc\u0646 \u062d\u0645\u0644\u0627\u062a:<\/h3>\n\n\n\n<p><strong>\u0646\u062d\u0648\u0647 \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u06a9\u0627\u0646\u06a9\u0634\u0646 \u0647\u0627:<\/strong><br>\u0627\u06cc \u067e\u06cc \u0627\u062f\u0631\u0633\u06cc \u0631\u0648 \u06a9\u0647 \u06a9\u0627\u0646\u06a9\u0634\u0646\u0647\u0627\u06cc \u0632\u06cc\u0627\u062f\u06cc \u0628\u0647 \u0633\u0631\u0648\u0631 \u0634\u0645\u0627 \u0632\u062f\u0647 \u0628\u0647 \u0628\u0644\u06a9 \u0644\u06cc\u0633\u062a \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">\/ip firewall filter add chain=input protocol=tcp connection-limit=LIMIT,32 action=add-src-to-address-list address-list=blocked-addr address-list-timeout=1d<\/pre>\n\n\n\n<p>\u0628\u0647 \u0627\u06cc\u0646 \u0646\u06a9\u062a\u0647 \u062a\u0648\u062c\u0647 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u062a\u0639\u062f\u0627\u062f \u0627\u062a\u0635\u0627\u0644\u0627\u062a \u0631\u0648 \u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0627\u062a\u0635\u0627\u0644\u0627\u062a \u0645\u062e\u062a\u0644\u0641 \u2026,http,p2p,torrent \u0645\u062d\u062f\u0648\u062f \u06a9\u0646\u06cc\u062f.<\/p>\n\n\n\n<p><strong>\u0639\u0645\u0644\u06cc\u0627\u062a tarpit:<\/strong><br>\u0631\u0648\u062a\u0631 \u0634\u0645\u0627 \u0645\u06cc\u062a\u0648\u0646\u0647 \u0628\u0627 \u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631 \u0628\u0647 \u0633\u0627\u062f\u06af\u06cc \u067e\u06a9\u062a\u0647\u0627\u06cc \u062d\u0645\u0644\u0647 \u06a9\u0646\u0646\u062f\u0647 \u0631\u0648 drop \u06a9\u0646\u0647 \u0648 \u0627\u062a\u0635\u0627\u0644\u0627\u062a \u0631\u0648 \u0646\u06af\u0647 \u062f\u0627\u0631\u0647 \u062a\u0627 \u0628\u0647 \u0627\u0647\u0633\u062a\u06af\u06cc \u0628\u0647 \u0627\u0635\u0637\u0644\u0627\u062d \u062d\u0645\u0644\u0647 \u0631\u0648 \u0628\u062e\u0648\u0627\u0628\u0648\u0646\u0647:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">\/ip firewall filter add chain=input protocol=tcp src-address-list=blocked-addr  connection-limit=3,32 action=tarpit \/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new  action=jump jump-target=SYN-Protect comment=\"SYN Flood protect\" disabled=yes \/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new  action=accept comment=\"\" disabled=no \/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new  action=drop comment=\"\" disabled=no<\/pre>\n\n\n\n<p>\u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0646 syn=400 \u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u0641\u0642\u0637 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u0627\u0633\u062a\u0627\u0646\u0647 \u0627\u0633\u062a \u062c\u0647\u062a drop \u06a9\u0631\u062f\u0646 \u067e\u06a9\u062a\u0647\u0627\u06cc syn.<\/p>\n\n\n\n<h3>\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u06a9\u0646\u06cc\u06a9 SYN coockies:<\/h3>\n\n\n\n<p><strong>\u0628\u0631\u0627\u06cc \u0645\u06cc\u06a9\u0631\u0648\u062a\u06cc\u06a9 \u0648\u0631\u0698\u0646 6:<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">\/ip settings set tcp-syncookies=yes<\/pre>\n\n\n\n<p>\u0628\u0631\u0627\u06cc \u0645\u06cc\u06a9\u0631\u0648\u062a\u06cc\u06a9 \u0647\u0627\u06cc \u0648\u0631\u0698\u0646\u0647\u0627\u06cc \u0642\u062f\u06cc\u0645\u06cc \u062a\u0631:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">\/ip firewall connection tracking set tcp-syncookie=yes<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>(DoS (Denial of Service: \u0646\u0648\u0639\u06cc \u062d\u0645\u0644\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0627\u0639\u062b \u0627\u0641\u0632\u0627\u06cc\u0634 \u0628\u0627\u0631 \u0628\u0631 \u0631\u0648\u06cc \u0631\u0648\u062a\u0631 \u06cc\u0627 \u0633\u0631\u0648\u0631 \u0645\u06cc\u0634\u0648\u062f \u0628\u0647 \u0627\u06cc\u0646 \u0645\u0639\u0646\u06cc \u06a9\u0647 \u0645\u0635\u0631\u0641 \u0633\u06cc \u067e\u06cc \u06cc\u0648 \u0628\u0647 100% \u0645\u06cc\u0631\u0633\u062f \u0648 \u0633\u0631\u0648\u0631 \u06cc\u0627 \u0631\u0648\u062a\u0631 \u062a\u0648\u0633\u0637 time out \u0627\u0632 \u062f\u0633\u062a\u0631\u0633 \u062e\u0627\u0631\u062c \u0645\u06cc\u0634\u0648\u062f.\u06cc\u0627 \u0628\u0637\u0648\u0631 \u06a9\u0644 \u062a\u0645\u0627\u0645 \u0639\u0645\u0644\u06cc\u0627\u062a\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u0645\u06cc\u062a\u0648\u0646\u0646\u062f \u0631\u0648\u06cc \u0645\u0635\u0631\u0641 \u0633\u06cc \u067e\u06cc \u06cc\u0648 \u062a\u0627\u062b\u06cc\u0631 \u0628\u0630\u0627\u0631\u0646\u062f \u0645\u062b\u0644 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0648&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[8,15],"tags":[],"_links":{"self":[{"href":"https:\/\/fakhry.ir\/index.php?rest_route=\/wp\/v2\/posts\/394"}],"collection":[{"href":"https:\/\/fakhry.ir\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fakhry.ir\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fakhry.ir\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fakhry.ir\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=394"}],"version-history":[{"count":1,"href":"https:\/\/fakhry.ir\/index.php?rest_route=\/wp\/v2\/posts\/394\/revisions"}],"predecessor-version":[{"id":395,"href":"https:\/\/fakhry.ir\/index.php?rest_route=\/wp\/v2\/posts\/394\/revisions\/395"}],"wp:attachment":[{"href":"https:\/\/fakhry.ir\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=394"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fakhry.ir\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=394"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fakhry.ir\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=394"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}