DDOS help
#1

guys from 3-4 days i am observing someone try to DDOS my server
as i am using VPS.but someone continously DDOS the server and server turn off.
i searched many anti-ddos but didnt find a better result.
any help!
Reply
#2

What is he actually doing? What exactly is happening to the server? From the sounds of it, I doubt it's a ddos.
Reply
#3

actually my friend is testing DDOS continously on my server i told him to stop but he is continously doing i told him not to do.he told me he want RCON and files of my server then he stop .guys i am in problem .he is shutting down my server!
Reply
#4

Quote:
Originally Posted by Samp_India
Посмотреть сообщение
Well,I know two.But when the cable is full with shit packages your service will stay down,Its Simple as that.

1) http://deflate.medialayer.com/ It Helps with layer7 attacks.btw you will need a beast CPU too.It only helps to minimize the effects of DoS against your server by DROPPING connections at layer 2.That original script has bugs.

Use the more updated version:

https://github.com/ess/citadel

This script is a must have for protection of script kiddies, but it still does have some flaws, but all in all, works quite well.

It's a basic tool you can use for blocking IPs with excessive amount of connections. You can specify how many connections a single IP can make to your server before DDoS deflate will ban that IP address using iptables or APF. and it doesn't consume memory.It does helps agains dos'es and also some ddoses. But it won't protect you fully against ddoses,IMO.It helps with HTTP Floods like POST/GET/HEAD floods and really small SYN floods.But better to use Nginx. Because under ~500 different ip addressses what spam to server, ddos deflate work very hard.I recommend to use ipset + iptraf + tcpdump + iptables + ACL (provider level); It's helps. All other methods do not help if they are strong.

2)http://www.snort.org/ SNORT is a very nice tool, but it's not specifically intended to defend against DDoS from what I understand.But People often use it with pfsense and other solutions. It alone can't do all that much.


There is no magic software that can defend against DDOS attacks. If they're sending you more traffic than what fits into your pipe, your pipe is full. Period.

IMO, The only true defense against massive DDoS attacks is bigger pipes.Since Most attacks these days are simply traffic based saturation vectors.
4char.
Reply
#5

Quote:
Originally Posted by PrinXe
Посмотреть сообщение
actually my friend is testing DDOS continously on my server i told him to stop but he is continously doing i told him not to do.he told me he want RCON and files of my server then he stop .guys i am in problem .he is shutting down my server!
If he is actually performing DDoS attacks and you know who he is, you can report him to your local authorities as it is against the law.
Reply
#6

Quote:
Originally Posted by Infinity
Посмотреть сообщение
If he is actually performing DDoS attacks and you know who he is, you can report him to your local authorities as it is against the law.
That is correct, however local authorities generally do not tend to take any action at all about these attacks unless the attacks are on a federal agency.
They simply tell the ISP to take action, which in most cases they dont.
At most they'll send him a letter asking him to stop.
(Which fails to deter most people from doing it)
Reply
#7

You just have to find a DDoS protected host

like OVH, Dzeasyweb, or GameServers
Reply
#8

That is what you get for a $5 server.
Reply
#9

If it's from one IP you could try dropping it through iptables (use iftop to check for incoming connections)
Reply
#10

make a support ticket and have your ip changed
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)