linuxprovider

Active Member
Mar 4, 2004
28
0
151
egypt
Dear All,
I am really suffering here from DDoS attacks; every week my server is under attack.
I am using APF, but now I really want to get rid of it.
I am looking for a powerful firewall.
I do not know if CSF could stop this attack, e.g. by limiting the SYNs received from an IP,
or with any other policy.
Another thing:
I got these rules from forums, but I am really weak at iptables rules, so can anyone help me with whether these rules are useful or not against DoS attacks?

# Rate-limit chain in the filter table (the nat table is for address translation, not for dropping packets)
iptables -t filter -N syn-flood
# Accept on average 12 SYNs per second with a burst of 24, then RETURN; note this is one shared limit, not per source IP
iptables -t filter -A syn-flood -m limit --limit 12/s --limit-burst 24 -j RETURN
# Everything above the limit is dropped
iptables -t filter -A syn-flood -j DROP
# Send new TCP connection attempts (SYN only) for the server IP through the chain
iptables -t filter -A INPUT -i eth0 -d (dest ip) -p tcp --syn -j syn-flood


Thanks
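The rules quoted above use `-m limit`, which is a single token bucket shared by every source: a flooder drains it and ordinary clients are dropped alongside it, which is why a per-source limit (iptables offers `-m hashlimit --hashlimit-mode srcip` for that) behaves so differently. The following simulation is an added illustration, not code from this thread or from APF/CSF: it models netfilter's limit match as a token bucket (rate tokens per second, `burst` capacity) and replays a constructed SYN trace (one flooder at 100 SYN/s plus five clients sending a SYN every half second; all addresses are made up) under a shared bucket and under per-source buckets. The exact numbers come from this toy model, not from a kernel.

```python
"""Shared (-m limit) versus per-source token-bucket SYN limiting, as a model."""
from collections import defaultdict


class TokenBucket:
    """Token bucket in the style of netfilter's limit match: `rate` tokens/s, `burst` capacity."""

    def __init__(self, rate, burst):
        self.rate = float(rate)
        self.capacity = float(burst)
        self.tokens = float(burst)   # a fresh rule starts with a full bucket
        self.last = 0.0

    def allow(self, now):
        # Refill proportionally to elapsed time, never above capacity
        self.tokens = min(self.capacity, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


def build_syn_trace():
    """Constructed sample traffic: (time_s, src_ip) for each incoming SYN."""
    events = []
    flooder = "198.51.100.7"            # documentation address, constructed for this example
    for k in range(200):                # 100 SYN/s for 2 seconds
        events.append((k / 100.0, flooder))
    for n in range(1, 6):               # five ordinary clients, one SYN every 0.5 s
        for t in (0.25, 0.75, 1.25, 1.75):
            events.append((t, f"10.0.0.{n}"))
    events.sort(key=lambda e: e[0])     # stable sort: flooder first on equal timestamps
    return events


def simulate(events, rate, burst, per_source):
    """Return {src_ip: accepted_syn_count} under a shared or a per-source limit."""
    buckets = defaultdict(lambda: TokenBucket(rate, burst))
    accepted = defaultdict(int)
    for now, src in events:
        key = src if per_source else "*"   # "*" = the one bucket everybody shares
        if buckets[key].allow(now):
            accepted[src] += 1
    return dict(accepted)


def compare(rate=12, burst=24):
    """Run the same trace through both policies with the thread's 12/s, burst 24 settings."""
    events = build_syn_trace()
    return {
        "shared": simulate(events, rate, burst, per_source=False),
        "per_source": simulate(events, rate, burst, per_source=True),
    }


def legit_accepted(result):
    """SYNs from the ordinary 10.0.0.x clients that got through."""
    return sum(v for src, v in result.items() if src.startswith("10.0.0."))


if __name__ == "__main__":
    for mode, result in compare().items():
        print(mode, "flooder:", result.get("198.51.100.7", 0), "legit:", legit_accepted(result))
```

Under the shared bucket the flooder keeps the bucket near empty, so nearly all twenty legitimate SYNs are dropped; under per-source buckets every legitimate SYN is accepted and only the flooder is throttled to roughly burst plus rate times duration. Either way the box still has to receive and inspect every packet, which is the point of the NOC-side filtering recommended in the reply below.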
 

chirpy

Well-Known Member
Verified Vendor
Jun 15, 2002
13,441
31
473
Go on, have a guess
If you're suffering from a genuine DDoS attack, then you will forever be chasing after it trying to block it using a software firewall on the server. Your only real solution is to have the NOC where your server is hosted enable DDoS protection for your server IPs on their routers. Most reputable datacenters offer that as a free service.

If they won't help, then your next best solution will probably be to move to a different IP subnet if the DDoS is IP-targeted. If it is domain-targeted, then you're probably looking at losing the affected domain. This type of information can only really be provided by the NOC by analysing their routers.