Results 1 to 14 of 14
Thread: Ddos attack
-
11-16-2008, 03:27 PM #1Junior Guru Wannabe
- Join Date
- Sep 2008
- Posts
- 71
Ddos attack
Hello all my friends !
This week some hackers ( n00b ) attack my site with ddos attack and pc zombies...
i have installed and configured fail2ban but it has yielded no results
the server surchauffe and be DOWN always...
So it's very urgent if you have a solution for me , to block these n00b !!!
-
11-16-2008, 03:34 PM #2Newbie
- Join Date
- Sep 2008
- Posts
- 29
Have you tried using apf or csf?
-
11-16-2008, 03:38 PM #3Junior Guru Wannabe
- Join Date
- Sep 2008
- Posts
- 71
What is this ?
apf or csf
-
11-16-2008, 03:40 PM #4gigenoc-jim Guest
Config security firewall
here is how you can install ithttp://www.webhostingresourcekit.com/308.html
-
11-16-2008, 03:49 PM #5Junior Guru Wannabe
- Join Date
- Sep 2008
- Posts
- 71
What do you think about IPTABLES ?
-
11-16-2008, 05:10 PM #6Junior Guru Wannabe
- Join Date
- Mar 2008
- Posts
- 78
APF and CSF are intended to help your server ride out attacks.
Iptables without good rules is not going to help you at all.
-
11-16-2008, 05:24 PM #7Junior Guru Wannabe
- Join Date
- May 2007
- Posts
- 73
What servercenter are you on ?
-
11-16-2008, 05:47 PM #8Junior Guru Wannabe
- Join Date
- Sep 2008
- Posts
- 71
www.leaseweb.com
-
11-16-2008, 07:59 PM #9the ground beneath my feet
- Join Date
- Feb 2006
- Posts
- 1,107
Quote:
Originally Posted by xbox360
APF and CSF are intended to help your server ride out attacks.
Iptables without good rules is not going to help you at all.
APF and CSF won't really do crap when you're just facing brute force bandwidth floods.
__________________http://www.combatarms.us - first person shooter community
-
11-16-2008, 08:11 PM #10Aspiring Evangelist
- Join Date
- Dec 2006
- Posts
- 445
Quote:
Originally Posted by IPv6
APF and CSF won't really do crap when you're just facing brute force bandwidth floods.
True, before APF/CSF works, the traffic already reached your server .. and your line is full.
-
11-16-2008, 08:27 PM #11Web Hosting Master
- Join Date
- Jan 2005
- Posts
- 2,203
Can you paste the entries from domain access logs?
__________________
Proud customer of Softlayer
-
11-16-2008, 09:30 PM #12Junior Guru Wannabe
- Join Date
- Apr 2008
- Posts
- 87
i add a ip to the iptables reject list if any IP has more than 31 connection to my appache server.
seemed to help the stop appache server from stop responding.
__________________Build1UServer.com - Step by step on how to build your own 1U rackmount server on a budget.
-
11-16-2008, 09:42 PM #13Web Hosting Master
- Join Date
- Jan 2005
- Posts
- 2,203
Quote:
Originally Posted by 111111z
i add a ip to the iptables reject list if any IP has more than 31 connection to my appache server.
seemed to help the stop appache server from stop responding.
That will ban many ips, browsers open many connections to download images, text, css, javascript on a page.
__________________
Proud customer of Softlayer
-
11-17-2008, 01:48 AM #14******* Unleaded
- Join Date
- Feb 2004
- Posts
- 3,849
Quote:
Originally Posted by HD Fanatic
That will ban many ips, browsers open many connections to download images, text, css, javascript on a page.
Not most legitimate browsers with out of the box installs. IE used to limit itself to 2 connections per host name. Firefox is a bigger offender, but certainly not 31 connections.