Results 1 to 10 of 10
-
03-19-2012, 06:02 AM #1New Member
- Join Date
- Mar 2012
- Location
- Delhi- India
- Posts
- 3
How to protect vps node from attacker
Hello everyone,
Can you teach me more how to harden my security? To prevent ddos and bruteforce attacks for my solusvm node?
Thanks in advance!
-
03-19-2012, 09:23 AM #2Aspiring Evangelist
- Join Date
- Aug 2010
- Location
- Prague, Czech Republic
- Posts
- 404
As you may know, security is a process. There's no one action you can do to make your server secure. It's a complex of measures. As concerns DDoS, there're various types of attacks, so there're different ways of mitigating it.
█ Supportex.Net server management, full range of services. EU-based outsourced company. Since 1998.
█ Outstanding quality for high performance projects; clustering and high-availability solutions, DDoS protection.
█ Cisco/Juniper network management & deployment assistance. Network design and monitoring.
-
03-19-2012, 11:48 AM #3Disabled
- Join Date
- Mar 2012
- Posts
- 71
As no.1 advice update your OS frequently to prevent some new exploits.
-
08-15-2013, 01:54 PM #4Temporarily Suspended
- Join Date
- Jan 2010
- Location
- Europe
- Posts
- 372
-
08-16-2013, 01:46 AM #5Web Hosting Master
- Join Date
- Jan 2008
- Posts
- 1,204
Even server is fully updated it can be attacked. You can use Hardware firewall for your server for addition DDoS protection.
Without Hardware firewall, you can use software firewall to block all unwanted ports and restrict other necessary ports to limited IP addresses but this will provide you limited protection against DDoS.|| Web Hosting Blog - Web Hosting security & latest web hosting industry Announcements
|| Web Hosting Discussion - A Web Hosting community
-
08-16-2013, 11:05 AM #6Disabled
- Join Date
- Aug 2012
- Posts
- 3,105
CSF is the firewall script you use on your solusvm slaves, and it offers great DDoS and brute force attack protection. It does more than just protect you from DDOS. It offers spam protection as well.
-
08-16-2013, 09:46 PM #7Junior Guru
- Join Date
- Jul 2012
- Posts
- 188
I kind of think you can be misleading with this kind of post - CSF will only protect you until the port/NIC/on the box is maxed, this is the absolute upper limit, if the node only has 1gbps worth of bandwidth to it, this is all the entire node can accept. Further I don't see how this provides spam protection.
OP: You can rate limit IP's inbound to the node IP with iptables but in order to be protected from DDoS you will need to have your datacenter or a third party mitigation provider do mitigation for you.
-
08-17-2013, 01:54 PM #8Newbie
- Join Date
- Oct 2011
- Location
- Ontario, California
- Posts
- 21
are your nodes part of a vlan? do you have the administration restricted to a single IP?
-
08-17-2013, 01:58 PM #9dd if=/dev/null of=/dev/sda
- Join Date
- Aug 2010
- Location
- Belgium
- Posts
- 657
How to protect vps node from attacker
Euhm, fail2ban will probably be best for you. It scans access logs and error logs for failed logins.
There are plenty of tutorials on the internet to install it on CentOS.
What some are saying here is untrue, software on the server self cannot save you from a DDoS, take it from me. Once your line is 'full' you're done.
If you're getting massive Layer 4 attacks then you're better off getting protection - Layer 7 *can* be addressed from the server self, but generally, protection is for appliances if you're hosting serious content.█ AssetGateway
█ Skype da_arco
-
08-17-2013, 03:35 PM #10Junior Guru Wannabe
- Join Date
- Jun 2009
- Posts
- 66
Installation and proper Configuration of ConfigServer Firewall(CSF):A Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.
Installation and proper rule-configuration of ModSecurity:Open source web application firewall which runs as an Apache module and uses specific rules.It can prevent major Hacking Techniques such as XSS, Remote File Inclusion, SQL Injection and more.
Important Kernel Tweaks to prevent Networking misconfiguration and security holes such as SYN-Flood ,ICMP Flood and more.
Installation of ClamAV Antivirus along with RKHunter for RootKits and Tripwire for Intrusion Detection.
Mod_Evasive for Apache, to prevent Ddos Attacks.Freelancer Linux System Administrator
www.hirekostas.com
Similar Threads
-
VPS Node Management + 24/7 Live Chat Support + Ticket Support = $249 per month/node!
By hiabhilash in forum Systems Management OffersReplies: 0Last Post: 10-22-2010, 08:28 AM -
VPS Node Management + 24/7 Live Chat Support + Ticket Support = $249 per month/node!
By hiabhilash in forum Systems Management OffersReplies: 0Last Post: 06-23-2010, 04:05 AM -
VPS.NET: VPS Cloud hosting w/ scalable node technology. Build VPS to fit your specs!!
By lweeks in forum VPS Hosting OffersReplies: 0Last Post: 05-17-2010, 01:11 PM -
VPS.NET: VPS Cloud hosting w/ scalable node technology. Build VPS to fit your specs!!
By lweeks in forum VPS Hosting OffersReplies: 0Last Post: 01-25-2010, 01:18 PM -
Attacker.NET : New VPS Management Plans ... 50% OFF Limited offer
By AttackerNET in forum Systems Management OffersReplies: 0Last Post: 08-31-2009, 09:13 AM