Ddos attack tool download to prevent local users from using fsockopen to DDOS attack countermeasures

Reason
Part of the source code of the php script:

Copy the code The code is as follows:

$fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5);
if( $fp){
fwrite($fp, $out);
fclose($fp);

The fsockopen function in the php script sends a large number of data packets through UDP to external addresses to attack the other party.
Coping
You can disable the fsockopen function through php.ini, and use the Windows 2003 security policy to block the local UDP port.
Disable functions
Find disable_functions and add the function name to be disabled, as in the following example:
passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,pfsockopen,openlog ,syslog,readlink,symlink,popepassthru,stream_socket_server,fsocket,fsockopen
It will take effect after restarting IIS.
Block UDP port
Copy the following colored text to notepad, save it as banudp.bat or any name, double-click to run.
REM Add security policy, name
netsh ipsec static add policy name=My security policy
REM Add IP filter list
netsh ipsec static add filterlist name=Allow list
netsh ipsec static add filterlist name=Deny list
REM Add filter
netsh ipsec static add filter filterlist=allow list srcaddr=me dstaddr=any description=dns access protocol=udp mirrored=yes dstport=53
REM Add filter to IP filter list ( Do not allow others to access)
netsh ipsec static add filter filterlist=deny list srcaddr=any dstaddr=me description=Others can access me any protocol=udp mirrored=yes
REM Add filter operation
netsh ipsec static add filteraction name=can action =permit
netsh ipsec static add filteraction name=Not possible action=block
REM Create a link to specify the IPSec policy, filter list and filter action rule (add the rule to my security policy)
netsh ipsec static add rule name= Allow rule policy=My security policy filterlist=Allow list filteraction=Yes
netsh ipsec static add rule name=Deny rule policy=My security policy filterlist=Deny list filteraction=No
REM Activate my security policy
netsh ipsec static set policy name=my security policy assign=y

The above introduces the DDOS attacker download countermeasures to prevent local users from using fsockopen to DDOS attack, including the content of DDOS attacker download. I hope it will be helpful to friends who are interested in PHP tutorials.