Daniel Ribeiro barata0
# Reference: http://security.stackexchange.com/questions/42618/how-to-protect-tomcat-7-against-slowloris-attack
# Use firewall rules to cap the number of connections a single host may hold open. This mitigates run-of-the-mill Denial of Service attacks (a single Slowloris client holding hundreds of sockets) but not distributed ones (DDoS), where each source stays below the limit.
# Here is an example of an iptables rule that rejects new connection attempts (SYNs) to port 80 once a single client host already has more than 50 connections established:
iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 50 -j REJECT
# This would, however, have side-effects if many users legitimately connect from a single IP (e.g. a large proxy or NAT gateway), so the limit needs to be tuned to the expected traffic. connlimit counts per source address by default (--connlimit-mask 32 for IPv4); a smaller mask groups whole subnets. Only SYNs above the limit are rejected, so connections already established are not cut. IPv6 clients need the same rule via ip6tables.
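# The script below is an added example, not part of the original gist or of the referenced StackExchange answer. It wraps the rule above so it can be re-applied idempotently, and adds the check a practitioner wants before picking the limit: a per-source count of established connections taken from `ss -tn`, so a legitimate proxy is not cut off. It assumes Linux with iptables and iproute2; the function names (connlimit_spec, apply_connlimit, top_sources) and the sample ss output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original gist). Assumes Linux with iptables
# and iproute2 (ss). Function names and the sample ss output are constructed.

PORT="${PORT:-80}"
LIMIT="${LIMIT:-50}"
MASK="${MASK:-32}"   # 32 = count per source IP; 24 would count per /24

# Rule specification without the command verb, so the same text is passed
# to both `iptables -C` (check) and `iptables -A` (append).
# --reject-with tcp-reset is a deliberate change from the gist's plain REJECT:
# a RST closes the client socket at once instead of sending an ICMP error.
connlimit_spec() {
    printf 'INPUT -p tcp --syn --dport %s -m connlimit --connlimit-above %s --connlimit-mask %s -j REJECT --reject-with tcp-reset' "$1" "$2" "$3"
}

# Append the rule only if an identical one is not already in INPUT, so the
# script can be re-run (e.g. from a boot hook) without stacking duplicates.
apply_connlimit() {
    spec=$(connlimit_spec "$1" "$2" "$3")
    # word splitting of $spec into separate arguments is intentional
    if iptables -C $spec 2>/dev/null; then
        echo "connlimit rule for port $1 already present"
    else
        iptables -A $spec && echo "added: iptables -A $spec"
    fi
}

# Read `ss -tn` output on stdin and print ESTAB connections to port $1
# grouped by peer address, busiest first. Run this under normal load before
# choosing LIMIT: if a legitimate proxy peaks at 40, a limit of 50 is too tight.
top_sources() {
    awk -v port="$1" '
        $1 == "ESTAB" {
            n = split($4, l, ":")                  # local addr:port (IPv6 safe)
            if (l[n] != port) next
            peer = $5; sub(/:[0-9]+$/, "", peer)   # drop the ephemeral port
            count[peer]++
        }
        END { for (ip in count) printf "%d %s\n", count[ip], ip }
    ' | sort -rn
}

# Constructed sample of `ss -tn` output for the demo.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port    Peer Address:Port
ESTAB  0      0      10.0.0.5:80           203.0.113.7:51234
ESTAB  0      0      10.0.0.5:80           203.0.113.7:51235
ESTAB  0      0      10.0.0.5:80           203.0.113.7:51236
ESTAB  0      0      10.0.0.5:80           198.51.100.2:40001
ESTAB  0      0      10.0.0.5:22           203.0.113.7:60000
SYN-RECV 0    0      10.0.0.5:80           192.0.2.9:33000'

case "${1:-}" in
    apply)  apply_connlimit "$PORT" "$LIMIT" "$MASK" ;;        # needs root
    report) top_sources "$PORT" ;;                              # ss -tn | sh connlimit.sh report
    demo)   printf '%s\n' "$SAMPLE_SS" | top_sources "$PORT" ;;
    *)      echo "usage: $0 apply|report|demo  (PORT, LIMIT, MASK via env)" ;;
esac
```

# `sh connlimit.sh demo` prints 3 for 203.0.113.7 and 1 for 198.51.100.2 (the port 22 line and the half-open SYN-RECV entry are ignored). Run `ss -tn | sh connlimit.sh report` on the real server for a while, set LIMIT comfortably above the largest legitimate peak, then `sudo sh connlimit.sh apply`.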