Get Paid to Participate - up to $1 per post!     Twitter     Facebook     Google+
Hosting Discussion
 

Hosting Discussion > Web Hosting Forums > Hardware and Server Configuration > DdoS Deflate A Simple Protection Against DDoS Attacks
forgot password?



Reply


Old
  Post #1 (permalink)   10-18-2011, 11:40 PM
HD Addict
 
Join Date: Oct 2011
Posts: 177

Status: Bullten is offline
What Is DDoS Deflate:-

(D)DoS Deflate is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. It utilizes the command below to create a list of IP addresses connected to the server, along with their total number of connections.

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

How To Install (D)DoS Deflate :-

wget http://www.inetbase.com/scripts/ddos/install.sh
chmod 0700 install.sh
./install.sh

How To UnInstall (D)DoS Deflate :-

wget http://www.inetbase.com/scripts/ddos/uninstall.ddos
chmod 0700 uninstall.ddos
./uninstall.ddos

How To Check The Number Of Connected Ips:-

sh /usr/local/ddos/ddos.sh

How To Edit Configuration File:-

vi /usr/local/ddos/ddos.conf

How To Restart DDos Deflate:-

sh /usr/local/ddos/ddos.sh -c
 
 
 


Old
  Post #2 (permalink)   10-19-2011, 12:07 AM
HD Wizard
 
Join Date: Mar 2005
Location: Atlanta, GA
Posts: 2,264

Status: handsonhosting is offline
Looks like a straight forward script to modify IPTables on the server and block through that configuration, and then unblock after a certain amount of time.

All servers should have a form of Firewall installed on them to start with, so the dDOS script shouldn't normally be needed (unless you're not running a software firewall such as KISS, CSF or APF/BFD.

Since it's modifying IPTables, just be sure to list your own IP number in the list so that you don't get blocked out of your own server.
__________________
Emerson Nogueira
http://www.HandsOnWebHosting.com
cPanel Web Hosting, Domain Registration, Managed VPS Servers
 
 


Old
  Post #3 (permalink)   10-19-2011, 05:49 PM
HD Addict
 
Join Date: Oct 2011
Posts: 177

Status: Bullten is offline
Well the one who have expertise in managing server can not even use third part firewall to monitor the traffic and all. they can simply use iptables and work accordingly.

Using this software too the process become automated like the other firewall but it comes handy sometimes.
 
 
 


Old
  Post #4 (permalink)   10-21-2011, 12:09 AM
HD Addict
 
Join Date: Nov 2010
Posts: 146

Status: hostloc is offline
It's good script, especially when you don't have a pre-configured system management software.
__________________
Hosting Reviews | Hosting Coupon
Find the most suitable web hosting for your site
 
 
 


Old
  Post #5 (permalink)   11-01-2011, 11:26 AM
HD Newbie
 
Join Date: Aug 2006
Posts: 47

Status: XHIServices is offline
Thanks for the tutorial, combined with mod_security and a good firewall such as apf or csf it will probably prevent small ddos attacks
 
 
 


Old
  Post #6 (permalink)   01-03-2012, 10:19 AM
HD Master
 
Join Date: Dec 2011
Location: Florida
Posts: 274
Send a message via Skype™ to SolidShellSecur

Status: SolidShellSecur is offline
I've never seen dDoS deflate really work at all. The best that can be done is good IPTable rules and kernel tuning. Other then that, trying to drop a dDoS on the software level is pointless and everyone seems to think that the software level is where dropping dDoS is at. Software level is for dropping very small dDoS but mostly DoS.
__________________
SolidShellSecurity.com. Providing Quality Support, Secure Hosting and Amazing Services.
STAY ALERT! Sign up for our security mailing list and always know when threats come out.
 
 


Old
  Post #7 (permalink)   01-03-2012, 06:29 PM
HD Addict
 
Join Date: Dec 2011
Posts: 142

Status: storminternet is offline
I don't think there is better tool other than hardware firewall to fight against ddos attack. Software firewall and other applications are not much effective against ddos.
__________________
UK-Professional Web Hosting
Web Hosting Solutions | Cloud Hosting | Dedicated Servers
Lifetime Hosting
ISPA Award Winner:2013-Best SME Hosting | 2014-Best Dedicated Hosting
 
 
 


Old
  Post #8 (permalink)   01-04-2012, 01:28 PM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 5,157
Send a message via MSN to easyhostmedia

Status: easyhostmedia is offline
i use csf, mod security, ddos deflate, linux malware and a couple others on all my servers, so i dare my servers are well covered
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 


Old
  Post #9 (permalink)   01-05-2012, 12:04 PM
HD Amateur
 
Join Date: Sep 2011
Location: England
Posts: 52
Send a message via MSN to PeterKelly Send a message via Yahoo to PeterKelly

Status: PeterKelly is offline
When a DDOS attack is pummeling your server, there are very few ways of successfully mitigating the attack as the attackers will often have a vast amount of machines, and associated IP's that they can work from with a large quantity of bandwidth.

Having a software firewall although might provide a minimum amount of protection with barring certain individuals from using services on your server. A software firewall still accepts the connection directly to the server, therefore flooding the port, increasing loading times or even flatlining the port and not really protecting from a DDOS attack.

A hardware firewall however can help towards mitigating an attack. Many firewalls now come inbuilt with load balancers, and have the ability to withstand hundreds of thousands of connections. The firewalls if configured properly can also attempt to mitigate an on going DDOS attack. However, the bandwidth that the firewall can take is still limited by its hardware. So is still not guaranteed to successfully block a DDOS attack.

To this day there is no way of guaranteeing 100% that you are protected from a large DDOS attack which takes up the bandwidth of the incoming pipe, the only thing we can do take is to take as many precautions as practically and financially viable to help avoid a complete blackout.
__________________
Peter Kelly - Want to get in touch? Contact me via the info on my profile.
PK-Host - Shared, Resellers & ShoutCAST Servers.
cPBackup - Ensure your WHM accounts are backed up safely and automatically.
 
 


Old
  Post #10 (permalink)   01-05-2012, 12:19 PM
HD Wizard
 
easyhostmedia's Avatar
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 5,157
Send a message via MSN to easyhostmedia

Status: easyhostmedia is offline
Quote:
Originally Posted by PK-Host View Post
When a DDOS attack is pummeling your server, there are very few ways of successfully mitigating the attack as the attackers will often have a vast amount of machines, and associated IP's that they can work from with a large quantity of bandwidth.
only professional DDOS attackers will be this prepared, not all DDOS attackers will have this sort of set up
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 


Old
  Post #11 (permalink)   01-05-2012, 01:01 PM
HD Addict
 
Join Date: Oct 2011
Posts: 177

Status: Bullten is offline
Well to this i would say use hardware firewall or software firewall none of them will help you to stop ddos but some preventions can be taken to mitigate its effect.

This can also help you when you are ddosed

Installing Haproxy For Load Balancing And Protecting Apache

Just change timeout http-request 5s to 1s in configuration file when you are ddosed ...

Last edited by Bullten : 01-05-2012 at 01:03 PM.
 
 
 


Old
  Post #12 (permalink)   01-05-2012, 01:24 PM
HD Amateur
 
Join Date: Sep 2011
Location: England
Posts: 52
Send a message via MSN to PeterKelly Send a message via Yahoo to PeterKelly

Status: PeterKelly is offline
Quote:
Originally Posted by easyhostmedia View Post
only professional DDOS attackers will be this prepared, not all DDOS attackers will have this sort of set up
That is true, however if you keep upto date with the latest news you will have seen a sharp rise in these types of attacks in recent months. So if companies do indeed require constant availability extensive measures may be something to look into.
__________________
Peter Kelly - Want to get in touch? Contact me via the info on my profile.
PK-Host - Shared, Resellers & ShoutCAST Servers.
cPBackup - Ensure your WHM accounts are backed up safely and automatically.
 
 
 
Reply

Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: