How to prevent a ddos attack

       

September 4, 2009 Server Administration

Tech tipsComputer Tricks

The shared hosting one of the biggest problems is the DDoS attack. In many moments of the server at once began to wonder seponasa, the percentage of memory usage started to grow rapidly until it came to 100%. Until then, no problems with server load. Since one of the load started to rise until the machine has not froze. The server was down. Command, which I will write down I realized that it is possible that the server under DDoS attack.

netstat -plan|grep :80|awk {‘print $4′}|cut -d: -f 1|sort|uniq -c|sort -nk 1

Soon I went to finding solutions that would be ideal to protect against DDoS attacks. And if I was next to the computer using iptables I managed to block some IP addresses from which the attack came.

One view of the IP address was standing on the list when I’m knocking dmesg. Displaying looked something like this:

TCP: Treason uncloaked! Peer 86.158.133.209:61164/80 shrinks window 351785724517862251. Repaired.

In this case the one IP address is repeated many times and I suspected that it could be one of the causes.

Finally I reached a decision by the server I set up a very nice addition to iptables. It is the CSF and LFD.

Now I will explain how to set the CSF on your server.

wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Next, test whether you have the required iptables modules:

perl /etc/csf/csftest.pl
When you have completed installation of CSF-a need to configure it, if you have Cpanel you will find it under the Plugins ConfigServer Security & Firewall, and if you use webmin you explain how to install the module for it.
In webmin modules go to the option install new modules, module, and look at the location / etc / CSF / csfwebmin.tgz, install the module and get the following instructions: 
The following modules have been successfully installed and added to your access control list: 
ConfigServer Security & Firewall in / etc/webmin-1.470/csf (32 kB) under category System.
And that is one way to secure your server from a ddos attack.
Share and Enjoy:
  • Print
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • blogmarks
  • Fark
  • LinkedIn
  • MSN Reporter
  • MySpace
  • Reddit
  • Socialogs
  • StumbleUpon
  • Technorati
  • Twitter
  • Yahoo! Bookmarks
  • Yahoo! Buzz

Tags:

Comments (2)

 

  1. exn says:
    September 6, 2009 at 8:15 pm

    and what it is and what it do ?
    I have a good tool , look guys !! it’s cfs and lsd :P

    :/

  2. SkyRider says:
    September 10, 2009 at 12:14 am

    ahahaha are you so stupid or what ? go play tetris :)

Leave a Reply