Results 1 to 10 of 10
  1. #1
    Join Date
    Mar 2012
    Location
    Delhi- India
    Posts
    3

    How to protect vps node from attacker

    Hello everyone,

    Can you teach me more how to harden my security? To prevent ddos and bruteforce attacks for my solusvm node?

    Thanks in advance!

  2. #2
    Join Date
    Aug 2010
    Location
    Prague, Czech Republic
    Posts
    404
    As you may know, security is a process. There's no one action you can do to make your server secure. It's a complex of measures. As concerns DDoS, there're various types of attacks, so there're different ways of mitigating it.
    Supportex.Net server management, full range of services. EU-based outsourced company. Since 1998.
    Outstanding quality for high performance projects; clustering and high-availability solutions, DDoS protection.
    Cisco/Juniper network management & deployment assistance. Network design and monitoring.

  3. #3
    As no.1 advice update your OS frequently to prevent some new exploits.

  4. #4
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    372
    Quote Originally Posted by SiteServing View Post
    As no.1 advice update your OS frequently to prevent some new exploits.
    How do you update your OS please?

  5. #5
    Quote Originally Posted by SiteServing View Post
    As no.1 advice update your OS frequently to prevent some new exploits.
    Even server is fully updated it can be attacked. You can use Hardware firewall for your server for addition DDoS protection.

    Without Hardware firewall, you can use software firewall to block all unwanted ports and restrict other necessary ports to limited IP addresses but this will provide you limited protection against DDoS.
    || Web Hosting Blog - Web Hosting security & latest web hosting industry Announcements
    || Web Hosting Discussion - A Web Hosting community

  6. #6
    CSF is the firewall script you use on your solusvm slaves, and it offers great DDoS and brute force attack protection. It does more than just protect you from DDOS. It offers spam protection as well.

  7. #7
    Join Date
    Jul 2012
    Posts
    188
    Quote Originally Posted by BestServerSupport View Post
    CSF is the firewall script you use on your solusvm slaves, and it offers great DDoS and brute force attack protection. It does more than just protect you from DDOS. It offers spam protection as well.
    I kind of think you can be misleading with this kind of post - CSF will only protect you until the port/NIC/on the box is maxed, this is the absolute upper limit, if the node only has 1gbps worth of bandwidth to it, this is all the entire node can accept. Further I don't see how this provides spam protection.

    OP: You can rate limit IP's inbound to the node IP with iptables but in order to be protected from DDoS you will need to have your datacenter or a third party mitigation provider do mitigation for you.

  8. #8
    Join Date
    Oct 2011
    Location
    Ontario, California
    Posts
    21
    are your nodes part of a vlan? do you have the administration restricted to a single IP?

  9. #9
    Join Date
    Aug 2010
    Location
    Belgium
    Posts
    657

    How to protect vps node from attacker

    Euhm, fail2ban will probably be best for you. It scans access logs and error logs for failed logins.

    There are plenty of tutorials on the internet to install it on CentOS.

    What some are saying here is untrue, software on the server self cannot save you from a DDoS, take it from me. Once your line is 'full' you're done.

    If you're getting massive Layer 4 attacks then you're better off getting protection - Layer 7 *can* be addressed from the server self, but generally, protection is for appliances if you're hosting serious content.
    AssetGateway
    █ Skype da_arco

  10. #10
    Join Date
    Jun 2009
    Posts
    66
    Installation and proper Configuration of ConfigServer Firewall(CSF):A Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.
    Installation and proper rule-configuration of ModSecurity:Open source web application firewall which runs as an Apache module and uses specific rules.It can prevent major Hacking Techniques such as XSS, Remote File Inclusion, SQL Injection and more.
    Important Kernel Tweaks to prevent Networking misconfiguration and security holes such as SYN-Flood ,ICMP Flood and more.
    Installation of ClamAV Antivirus along with RKHunter for RootKits and Tripwire for Intrusion Detection.
    Mod_Evasive for Apache, to prevent Ddos Attacks.
    Freelancer Linux System Administrator
    www.hirekostas.com

Similar Threads

  1. Replies: 0
    Last Post: 10-22-2010, 08:28 AM
  2. Replies: 0
    Last Post: 06-23-2010, 04:05 AM
  3. Replies: 0
    Last Post: 05-17-2010, 01:11 PM
  4. Replies: 0
    Last Post: 01-25-2010, 01:18 PM
  5. Attacker.NET : New VPS Management Plans ... 50% OFF Limited offer
    By AttackerNET in forum Systems Management Offers
    Replies: 0
    Last Post: 08-31-2009, 09:13 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •