{"id":476,"date":"2013-11-09T06:49:39","date_gmt":"2013-11-09T05:49:39","guid":{"rendered":"http:\/\/www.netnea.com\/cms\/?page_id=476"},"modified":"2013-11-09T06:54:12","modified_gmt":"2013-11-09T05:54:12","slug":"flying-frog-anti-ddos-script","status":"publish","type":"page","link":"https:\/\/www.netnea.com\/cms\/flying-frog-anti-ddos-script\/","title":{"rendered":"Flying Frog Anti DDoS Script"},"content":{"rendered":"<p>Flying-Frog is a script that monitors connections and application sessions in order to support application level DDoS defense. Especially request delaying \/ slowloris type \/ connection starvation attacks.<\/p>\n<p>Flying-Frog is a ruby script with the following features:<\/p>\n<ul>\n<li>Monitor TCP connections<\/li>\n<li>Check the number of connections from an individual source IP<\/li>\n<li>Run GeoIP on client IPs<\/li>\n<li>Watch application logs and identify authenticated sessions and thus authenticated client IPs<\/li>\n<li>Report client IPs exceeding connection limits; ready to ban client IP via fail2ban<\/li>\n<li>Configurable limits are: number of connections per client, duration of individual connection<\/li>\n<li>Limits can be adjusted for server ports, client GeoIP origin, authenticated or not.<\/li>\n<\/ul>\n<p>In the real world, this allows you to shut out slowloris and friends with tight limits, but allow your local clients and clients with successful logins to profit from wider limits.<\/p>\n<p>Here is the script, ready for download:<\/p>\n<p><a href=\"http:\/\/www.netnea.com\/files\/flying-frog.rb\" title=\"Flying Frog Script\">flying-frog.rb<\/a> &#8211; the script<br \/>\n<a href=\"http:\/\/www.netnea.com\/files\/flying-frog.conf\" title=\"Flying Frog Config\">flying-frog.conf<\/a> &#8211; example config file<\/p>\n<p>netnea.com provides this script as is. No warranty is included.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Flying-Frog is a script that monitors connections and application sessions in order to support application level DDoS defense. Especially request delaying \/ slowloris type \/ connection starvation attacks. Flying-Frog is a ruby script with the following features: Monitor TCP connections Check the number of connections from an individual source IP Run GeoIP on client IPs [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"","meta":{"footnotes":""},"class_list":["post-476","page","type-page","status-publish","czr-hentry"],"_links":{"self":[{"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/pages\/476","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/comments?post=476"}],"version-history":[{"count":3,"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/pages\/476\/revisions"}],"predecessor-version":[{"id":479,"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/pages\/476\/revisions\/479"}],"wp:attachment":[{"href":"https:\/\/www.netnea.com\/cms\/wp-json\/wp\/v2\/media?parent=476"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}