Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

bad ddos attack over 200 ips

Discussion in 'General Discussion' started by perfect-games, Oct 26, 2005.

  1. perfect-games

    perfect-games Well-Known Member

    Joined:
    Nov 11, 2004
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    alberta
    hi , i have big problem with ddos and who ever doing this i unable to ping point the ip and block it via roughter.

    i tryied installing apf but when i run apf --start
    i unable to access my sites or server

    please help how can i block ips

    or how can i run apf and still get access to my server.

    any suggestions ?

    and if any one needs root access to solve this please be my guest as i unable to do anything


    thanks

    steve
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,470
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    The only realistic way to block a true DDOS attack is to do so using a router product that includes such protection. Many of the large popular datacenters offers such protection these days. I would suggest contacting your NOC. By the time the traffic has reached the server, it's too late really.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    4
    Trophy Points:
    193
    Location:
    Minneapolis, MN
    Installing APF is not a prime solution for your problem. I suggest hiring a sys admin to fix this probelm for you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Zaf

    Zaf Well-Known Member

    Joined:
    Aug 22, 2005
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    166
    This little script might help a bit to get you over this DDoS problem:

    Installation:
    wget http://www.inetbase.com/scripts/ddos/install.ddos
    chmod 0755 install.ddos
    ./install.ddos

    If you dont like what it is doing you can even uninstall it cleanly.

    Uninstallation:
    wget http://www.inetbase.com/scripts/ddos/uninstall.ddos
    chmod 0755 uninstall.ddos
    ./uninstall.ddos


    Briefly, this script counts the number of tcp & udp connections made to your server from various unique ips. It blocks the ips exceeding N connections (100 by default). It uses APF by default, but can be configured to use iptables from the config file. It auto unbans the ip after 500 secs by default and you may change that too. This script auto adds itself as a cron and runs every 5 mins and you may even change the cron file which is /etc/cron.d/ddos.cron to run every minute if you are heavily DoSed at this moment.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice