以下代码用来防范流行的DDoS攻击,ARP欺骗,CC攻击,XXS攻击,对输入的恶意代码进行过滤,嵌入到web程序可以很好的防范网络攻击,但如果想要更好的防范网络攻击,还需要更加复杂的配置和更硬核的硬件。
import socket
import struct
import time
import threading
定义一些常量
ARP_PACKET_TYPE = 0x0806
IP_PACKET_TYPE = 0x0800
用于检测 ARP 欺骗的函数
def detect_arp_spoofing():
创建原始套接字
sock = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.ntohs(ARP_PACKET_TYPE))
while True:
packet = sock.recvfrom(65535)
eth_header = packet[0][0:14]
eth = struct.unpack("!6s6sH", eth_header)
if eth[2] == ARP_PACKET_TYPE:
arp_packet = packet[0][14:]
arp_header = struct.unpack("!HHBBH6s4s6s4s", arp_packet[:28])
检查 ARP 应答的合法性
if arp_header[4] == 2:
在此添加验证 MAC 地址和 IP 地址对应关系的逻辑
pass
time.sleep(0.1)
用于检测 DDoS 攻击的函数(简单示例,通过监测短时间内的连接数量)
def detect_ddos():
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.bind(('0.0.0.0', 80))
connection_count = 0
threshold = 100 # 每秒连接数阈值
last_time = time.time()
while True:
sock.listen(5)
client_sock, addr = sock.accept()
connection_count += 1
current_time = time.time()
if current_time - last_time >= 1:
if connection_count > threshold:
print("可能的 DDoS 攻击检测到")
connection_count = 0
last_time = current_time
用于检测 CC 攻击的函数(简单示例,通过监测短时间内对同一资源的请求频率)
def detect_cc():
resource_request_count = {}
threshold = 10 # 每秒对同一资源的请求阈值
last_time = time.time()
while True:
假设这里获取到请求的资源路径
resource_path = "example_resource_path"
if resource_path in resource_request_count:
resource_request_count[resource_path] += 1
else:
resource_request_count[resource_path] = 1
current_time = time.time()
if current_time - last_time >= 1:
for resource, count in resource_request_count.items():
if count > threshold:
print(f"可能的 CC 攻击针对资源 {resource} 检测到")
resource_request_count = {}
last_time = current_time
用于检测 XSS 攻击的函数(简单示例,检查输入中是否存在可疑脚本标签)
def detect_xss(input_string):
suspicious_keywords = ["<script>", "</script>", "<iframe>", "javascript:"]
for keyword in suspicious_keywords:
if keyword in input_string:
print("可能的 XSS 攻击检测到")
创建线程来运行各个检测函数
threads = [
threading.Thread(target=detect_arp_spoofing),
threading.Thread(target=detect_ddos),
threading.Thread(target=detect_cc),
]
for thread in threads:
thread.start()