Results 1 to 2 of 2

Thread: About DDos Attacks

  1. #1
    Registered Member
    Join Date
    Sep 2005
    Posts
    42

    Default About DDos Attacks

    Hello,
    I don`t know how to protect my server againest DDos Attacks?may you help me?

    Thanks
    Abolfazl

  2. #2
    Registered Member
    Join Date
    Jul 2003
    Posts
    278

    Default

    Technically, you can't. Any DDoS of any worth would take your server offline no matter what precautions you put into place on the server itself. All it takes is a simple saturation of your up/downstream and your server will carry no traffic until the attack is done.
    The best thing you can do is to use a datacenter that provides either a hardware firewall that can filter the attack before it enters your network, or uses an upstream filter (like Ev1's FireSlayer).
    Software wise, you could look into mod_evasive, which will help to control the number of httpd connections from a single IP, or scrutinizer, which will do the same but runs at a different level. Some suggest using SYN Cookies, which requests verification of all incoming SYN packets before they are accepted. This violates a few protocols though, and will not help a bandwidth overload if someone decides to actually target you. Tweaking your server to accept low numbers of ICMP packets through a system like APF will help to keep that flooding down... I have mine set to only accept 1 ICMP packet per second, and to drop the rest automatically. Only keeping the ports open that you actually use will help to keep attacks down a bit too, as it will drop all traffic destined for the 'un-used' ports. APF will do this, as well.
    Check out Chirpy's Firewall script. It works a lot like APF, but plugs directly into WHM.
    Don't think that by installing loads of "DDoS Software" on your server that you are safe from it though. As I mentioned, the line to your server will only carry so much traffic, and it's easy these days to overload that line. You'll want a datacenter that can properly filter the attack before it even gets to you. If your Datacenter won't do that, then they're not a very good one to begin with.

Similar Threads

  1. What to do about Ddos attacks to my server?
    By howzit in forum Security
    Replies: 4
    Last Post: 05-16-2012, 12:06 PM
  2. Change Server IP Addresses because of DDOS Attacks
    By CoolMike in forum General Discussion
    Replies: 8
    Last Post: 12-11-2006, 01:10 AM
  3. DDOS Attacks from my Server ...need help
    By Higgins in forum General Discussion
    Replies: 16
    Last Post: 06-08-2005, 05:13 PM
bargain