To prevent DDoS attacks you should install some kind of third-party program. One program that can defend against DDoS attacks is Dos_Deflate. Its method is to count the total number of connections from each IP address and to prevent addresses over the limit from accessing your server for a specific amount of time.
Dos_Deflate is a shell program that bans the IPs that have reached the number of connections you specified. They stay banned for the time you have specified in the Dos_Deflate configuration.
To install, first SSH to your server,
download it to your server,
then run it with
cd /usr/local/ddos/;./ddos.sh
sh /usr/local/ddos/ddos.sh
Then you can edit the config by
You can configure Dos_Deflate to email you a notification of which IPs have been banned or had more connections than the limit you specified. Just go down and assign an email address after the equals sign, in quotation marks.
EMAIL_TO="your_email@domain.com"
You can configure how many times per minute IP connections are tested. For example, if you set it to 5, then dividing 60 by 5 means that Dos_Deflate will run every 12 seconds. Setting this variable to between 3 and 5 times per minute is the best configuration.
FREQ=5
You can specify how many connections define a bad IP address to be blocked from your server. The right value depends on your Apache timeout and on other ports such as FTP, which is connection-hungry. I recommend you configure Dos_Deflate to test only port 80, which is the port most subject to DDoS attacks, and allow between 100 and 200 connections. The value you choose depends mostly on the other configuration factors of your server.
NO_OF_CONNECTIONS=
If you have APF installed, change this value to 1. Otherwise, to have iptables drop the IPs, set this variable to 0.
APF_BAN=0
You can configure whether or not to ban suspicious IPs, which lets you run Dos_Deflate in a testing mode for debugging purposes. To enable banning of IP addresses set it to 1; otherwise change it to 0.
KILL=1
With this option you can define how long an IP address that has been identified as bad is banned from accessing the server. Ideal times are between 300 and 1200 minutes.
BAN_PERIOD=700
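The per-IP connection count that NO_OF_CONNECTIONS is compared against, limited to port 80 as recommended above, can be previewed with the following added example (not Dos_Deflate's own code). The function names `over_limit` and `sample_netstat` are hypothetical, the input is assumed to have the column layout of Linux `netstat -ntu`, and the sample rows are constructed; it only reports addresses and bans nothing.

```shell
#!/bin/sh
# Added illustration; not DoS Deflate's own code.
# over_limit LIMIT [PORT]: read `netstat -ntu` style rows on stdin and print
# "count ip" for each remote IPv4 address with more than LIMIT connections
# to local PORT (default 80), busiest first.
over_limit() {
    limit=$1
    port=${2:-80}
    awk -v limit="$limit" -v port="$port" '
        $1 !~ /^(tcp|udp)/ { next }            # skip netstat header rows
        {
            n = split($4, l, ":")              # field 4: local ip:port
            if (l[n] != port) next
            m = split($5, r, ":")              # field 5: remote ip:port
            if (m != 2) next                   # IPv4 only in this sketch
            count[r[1]]++
        }
        END {
            for (ip in count)
                if (count[ip] > limit) print count[ip], ip
        }' | sort -k1,1nr -k2,2
}

# Constructed sample input using documentation address ranges.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           198.51.100.7:51000      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51001      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51002      SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.5:40210       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:40211       TIME_WAIT
tcp        0      0 192.0.2.10:21           203.0.113.9:33001       ESTABLISHED
tcp        0      0 192.0.2.10:21           203.0.113.9:33002       ESTABLISHED
tcp        0      0 192.0.2.10:21           203.0.113.9:33003       ESTABLISHED
EOF
}

# Threshold 2 on port 80: only 198.51.100.7 (3 connections) is reported.
sample_netstat | over_limit 2
```

On a live server, pipe `netstat -ntu` into `over_limit` with a candidate limit to see which addresses that value would flag before enabling KILL=1.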