  1. #1
    Join Date
    Jul 2008
    Posts
    17

    Best Security Against Botnet Attacks?

    Can anybody suggest best security against botnet attacks?

    What sort of security configuration should be done against these botnet attacks?

  2. #2
    Join Date
    Dec 2005
    Posts
    3,077
    What kind of environment is your server being used in?

    Web Hosting?
    VPS?

  3. #3
    Join Date
    Mar 2009
    Location
    /usr/bin/perl
    Posts
    971
    The best solution on a budget is a tipping point firewall. A tipping point firewall works such that hosts that exceed a certain number of requests within a certain timeframe are bumped to an "abusers" table, and all packets from those hosts are automatically dropped as soon as they hit the firewall until that host expires from the "abusers" table.

    If you're getting huge attacks you'll need to look into a datacenter that has a DDoS mitigation appliance.
    Ask me about CloudCentrum (coming soon) -- The complete, turn-key cloud software solution
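
Added example (not part of the thread, and not any vendor's implementation): a small Python model of the threshold-and-"abusers"-table behaviour described in post #3, replayed over constructed traffic. The class name, thresholds and addresses are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

class ThresholdFirewall:
    """Drop all packets from hosts that exceed max_requests within window seconds."""

    def __init__(self, max_requests, window, ban_seconds):
        self.max_requests = max_requests   # assumed threshold, tune per service
        self.window = window
        self.ban_seconds = ban_seconds
        self.recent = defaultdict(deque)   # host -> timestamps inside the window
        self.abusers = {}                  # host -> time the ban expires

    def handle(self, host, now):
        """Return 'pass' or 'drop' for one request from host at time now (seconds)."""
        expires = self.abusers.get(host)
        if expires is not None:
            if now < expires:
                return "drop"              # still in the abusers table
            del self.abusers[host]         # entry expired, host starts fresh
        stamps = self.recent[host]
        while stamps and now - stamps[0] >= self.window:
            stamps.popleft()               # forget requests older than the window
        stamps.append(now)
        if len(stamps) > self.max_requests:
            self.abusers[host] = now + self.ban_seconds
            del self.recent[host]
            return "drop"
        return "pass"

def replay(events, fw):
    """Run (time, host) events through fw and count verdicts per host."""
    counts = defaultdict(lambda: {"pass": 0, "drop": 0})
    for now, host in events:
        counts[host][fw.handle(host, now)] += 1
    return {h: dict(c) for h, c in counts.items()}

# Constructed traffic (documentation addresses): one noisy host, one normal host.
SAMPLE = sorted(
    [(t * 0.1, "203.0.113.7") for t in range(100)]      # 10 req/s for 10 s
    + [(t * 2.0, "198.51.100.20") for t in range(5)]    # 1 request every 2 s
    + [(75.0, "203.0.113.7")]                           # returns after the ban expires
)

def demo():
    fw = ThresholdFirewall(max_requests=20, window=5, ban_seconds=60)
    return replay(SAMPLE, fw)
```

The counters are kept per source address, so a botnet whose members each stay under the threshold is never added to the table.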

  4. #4
    Join Date
    Feb 2007
    Location
    Florida
    Posts
    1,930
    I'm not an expert by any means but I've read some great write-ups on people who rent a low-end dedicated server and put it in front of their main server as a proxy that all traffic has to go through.

    I'm fairly certain that there are a few free applications out there that will monitor traffic and filter out the bogus traffic. It's not the cheapest option, but downtime gets expensive.
    -Joe @ Secure Dragon LLC.
    + OpenVZ Powered by Wyvern | KVM | cPanel Hosting | Backup VPSs | LowEndBoxes | DDOS Protection
    + Florida | Colorado | Illinois | California | Oregon | Georgia | New Jersey | Arizona | Texas

  5. #5
    Join Date
    Nov 2004
    Location
    Australia
    Posts
    1,683
    Some basic server hardening goes a long way - there are TCP hardening steps you can take as well.

    Also, make sure you have enough CPU. Consider using MPM prefork instead of suphp.

    And finally, the best and most important tip - don't annoy people! (and don't host users who might annoy blackhats!). Might not seem like a significant tip, but trust me, it's key!

  6. #6
    Join Date
    Jul 2008
    Posts
    17
    I need security on one of my personal VPS servers on a quad-core dedicated server, which has CentOS and cPanel.

    So what's the best security against botnet attacks?

  7. #7
    Join Date
    Feb 2007
    Location
    Florida
    Posts
    1,930
    When people reply to threads they usually provide answers to questions.
    -Joe @ Secure Dragon LLC.

  8. #8
    Quote: Originally Posted by SarKarRaj
    I need security on one of my personal VPS servers on a quad-core dedicated server, which has CentOS and cPanel.

    So what's the best security against botnet attacks?

    Well, can you tell us anything about what security you already have in place? Are you using csf or any firewall, or iptables rules, on your VPS? Also, since it is a VPS, can you get your host to verify that the node/cluster is secure and hasn't had any attempts or recent security compromises?

    There are just so many factors to take into consideration, and cPanel being thrown into the mix complicates things, so you need to make sure that this is secure as well.

    You may want to give this link a look - http://blog.eukhost.com/webhosting/b...rity-measures/
    Keith Mitchell,Dedicated & Virtual Server Engineer,Hosting.com
    Check out my Technical Blog - Keithdmitchell.com

  9. #9
    Join Date
    Jul 2005
    Posts
    445
    Quote: Originally Posted by brianoz
    And finally, the best and most important tip - don't annoy people! (and don't host users who might annoy blackhats!). Might not seem like a significant tip, but trust me, it's key!

    Amen to that! Best advice ever.

  10. #10
    Join Date
    Feb 2007
    Location
    Florida
    Posts
    1,930
    Software-based security will not stop/mitigate a heavy DDoS attack for very long, if at all. Your only real option for maximum uptime is a hardware solution.
    -Joe @ Secure Dragon LLC.

  11. #11
    Join Date
    Jun 2008
    Location
    India
    Posts
    129
    I agree with Joe... if your DC has any nice firewall setups there, then they can easily maintain it more than your software firewall does. But it's always better to have a software firewall in your system.

  12. #12
    Join Date
    Jun 2006
    Location
    NYC
    Posts
    1,446
    99% of firewalls are useless against HTTP-based DDoS attacks and TippingPoint is absolutely one of the worst devices for catching complex attacks. If all you have are normal ICMP floods, then that's great. Although, if you have complex attacks then most firewalls will leave you wishing you had done further research.

    In all honesty, if you're going to buy your own hardware solution, you can't go wrong with Intruguard/RioRey. Both will provide good filtering but there isn't a perfect out-of-the-box solution. There are several devices out there but just because they are branded for "ddos" protection doesn't mean they will catch anything.

    My Linksys router here on my desk says DDoS protection but whether it would hold up to more than 10k PPS is doubtful. Most DDoS attacks range upwards to 50k PPS on average. Some go as high as 800k+ PPS. Although, if you want an 'average/above means' ddos protection solution then check out Riorey if you have $5-10k lying around. If you want something really cheap, then go with a Juniper Netscreen.

    If you want something that is scalable or large scale then I'd recommend hiring a company that specializes in DDoS protection on a large scale. Once you pass 100Mbps/300k PPS worth of protection, it's cheaper to find a DDoS protection provider than buy your own equipment. Unless you intend to protect an enterprise or datacenter.
    FiberPeer.Com | | REAL DDoS Protection | Cloud Hosting | VPS | Dedicated Servers | High Bandwidth Hosting | 1Gbps-10Gbps Unmetered
    FiberPeer DDoS Mitigation | ethProxy Upgraded! | 14-Years Experience | Emergency 24/7 Support
    Visit us @ www.fiberpeer.com

  13. #13
    @ServerOrigin: Very good post, thank you!
