Quote:
Originally Posted by Meandes
VOXrr, 1. otherwise
2. yes
3. yes
|
Thanks
Well, you have a few options, but they're largely dependent on your host's willingness to help, and your budget.
At a basic level, you could set up firewall rules through iptables.
Monitor the traffic, and if you see patterns linking to the attack, apply rules to drop them. At the very least, this should lessen the load on the applications you're running, since they're being 'hit' less.
That said, if you're getting a multi-gbit attack on a 100mbit port, you're a bit stuck.
In that case, politely ask your provider what services they can offer to help you. Be aware that they might not be so helpful.
In the event that the attacks are continuous, relentless, and your host isn't helping, it'll be time to jump ships to another provider.
I've had experience with Awknet's filtering on a budget, and it seemed to work well for me. YMMV.