Dmitry Zhukov freeminder

## ddos.conf
### 1: Drop invalid packets ###
/sbin/iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP

### 2: Drop TCP packets that are new and are not SYN ###
/sbin/iptables -t mangle -A PREROUTING -p tcp ! --syn -m conntrack --ctstate NEW -j DROP

### 3: Drop SYN packets with suspicious MSS value ###
/sbin/iptables -t mangle -A PREROUTING -p tcp -m conntrack --ctstate NEW -m tcpmss ! --mss 536:65535 -j DROP

### 4: Block packets with bogus TCP flags ###

## security.conf

    ## Block SQL injections
    set $block_sql_injections 0;
    if ($query_string ~ "union.*select.*\(") {
        set $block_sql_injections 1;
    }

    if ($query_string ~ "union.*all.*select.*") {
        set $block_sql_injections 1;
    }

## zabbix_agent_install.sh
#!/bin/bash -e

if [ "$UID" -ne 0 ]; then
  echo "Please run as root"
  exit 1
fi

# Only run it if we can (ie. on Ubuntu/Debian)
if [ -x /usr/bin/apt-get ]; then
  apt-get update
	### 1: Drop invalid packets ###
	/sbin/iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP

	### 2: Drop TCP packets that are new and are not SYN ###
	/sbin/iptables -t mangle -A PREROUTING -p tcp ! --syn -m conntrack --ctstate NEW -j DROP

	### 3: Drop SYN packets with suspicious MSS value ###
	/sbin/iptables -t mangle -A PREROUTING -p tcp -m conntrack --ctstate NEW -m tcpmss ! --mss 536:65535 -j DROP

	### 4: Block packets with bogus TCP flags ###

	## Block SQL injections
	set $block_sql_injections 0;
	if ($query_string ~ "union.select.\(") {
	set $block_sql_injections 1;
	}

	if ($query_string ~ "union.all.select.*") {
	set $block_sql_injections 1;
	}
	#!/bin/bash -e

	if [ "$UID" -ne 0 ]; then
	echo "Please run as root"
	exit 1
	fi

	# Only run it if we can (ie. on Ubuntu/Debian)
	if [ -x /usr/bin/apt-get ]; then
	apt-get update