Linode Forum :: Defending against Denial of Service attacks

Linode Forum https://forum.linode.com/

Defending against Denial of Service attacks https://forum.linode.com/viewtopic.php?f=19&t=986	Page 1 of 1

Author:	jsalloum [ Tue Jun 29, 2004 11:24 am ]
Post subject:	Defending against Denial of Service attacks
After last night's DDoS attack at the HE datacenter, I'm a bit curious about what I should install on my linode to protect against such an attack. I've been reading up on the packet flow rate options in iptables, but I wondered if anyone could recommend a really good tutorial/HOWTO/example of what an ideal iptables firewall setup to defend against DDoS would be. A lot of the documentation is very abstract--detailing every possible option you could implement with the software. Something that broke it down down more concretely for those of us that are learning about it would be ideal. I've already got an iptablesrocks.org setup in place (that seems to be working nicely), but I need to pay attention to the DDoS side of things for those ports that are open... Thanks in advance for your help! j.

Author:	caker [ Tue Jun 29, 2004 1:10 pm ]
Post subject:
DoS attacks that don't fill our bandwidth capacity (at the switch) only render the Linode and the host that Linode is on inaccessible. A few things had to happen to affect everyone like it did last night. It has more to do with the networking hardware than your configuration. DoS attacks are best handled either on my end or upstream. Of course, what you can do is not attrack DoS attacks in the first place, which I doubt you would -Chris

Author:	You_Wish [ Tue Jun 29, 2004 8:31 pm ]
Post subject:	Caker were these attacks coming from the linode or going to
Caker were these attacks coming from the linode or going to it. If they were coming from is there any way to check if they are coming from ours. I love my linode and dont want to a part of that parade.

Author:	caker [ Tue Jun 29, 2004 9:05 pm ]
Post subject:
It was going TO a Linode (not yours). If it was coming FROM, that would be a clearer case of abuse. -Chris

Author:	efc [ Thu Jul 01, 2004 4:43 am ]
Post subject:
You could always install some additional apache modules to help - mod_dosevasive, mod_throttle, and mod_security. A few searches on WHT throws up some good info regarding these modules. They are not a perfect solution, but may help somewhat against attacks.

Page 1 of 1	All times are UTC-04:00
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/