DDoS Deflate: A Simple Protection Against DDoS Attacks

Bullten

What Is DDoS Deflate:-

(D)DoS Deflate is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. It utilizes the command below to create a list of IP addresses connected to the server, along with their total number of connections.

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

How To Install (D)DoS Deflate :-

wget http://www.inetbase.com/scripts/ddos/install.sh
chmod 0700 install.sh
./install.sh

How To Uninstall (D)DoS Deflate :-

wget http://www.inetbase.com/scripts/ddos/uninstall.ddos
chmod 0700 uninstall.ddos
./uninstall.ddos

How To Check The Number Of Connected IPs:-

sh /usr/local/ddos/ddos.sh

How To Edit Configuration File:-

vi /usr/local/ddos/ddos.conf

How To Restart DDoS Deflate:-

sh /usr/local/ddos/ddos.sh -c
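
An added example (not part of the original post and not DDoS Deflate's own code): the counting pipeline quoted in the post, next to a stricter version that skips netstat's header lines, keeps IPv6 addresses whole and leaves out allow-listed addresses. The function names, the limit argument and the sample netstat output are constructed for illustration.

```shell
#!/bin/sh
# Added example: per-IP connection counting from `netstat -ntu` output.
# SAMPLE is constructed input (documentation address ranges), not a real capture.
SAMPLE='Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 203.0.113.10:80         198.51.100.7:51000      ESTABLISHED
tcp        0      0 203.0.113.10:80         198.51.100.7:51001      ESTABLISHED
tcp        0      0 203.0.113.10:80         198.51.100.7:51002      SYN_RECV
tcp        0      0 203.0.113.10:22         192.0.2.44:40022        ESTABLISHED
tcp        0      0 203.0.113.10:22         192.0.2.44:40023        ESTABLISHED
tcp6       0      0 2001:db8::10:443        2001:db8::beef:60001    ESTABLISHED
tcp6       0      0 2001:db8::10:443        2001:db8::beef:60002    ESTABLISHED
tcp6       0      0 ::ffff:203.0.113.10:80  ::ffff:198.51.100.7:51003 TIME_WAIT
udp        0      0 203.0.113.10:53         198.51.100.9:5353       ESTABLISHED'

# over_limit LIMIT [ALLOWED_IP...]   (hypothetical helper)
# Reads netstat -ntu output on stdin; prints "count ip" for every remote
# address with at least LIMIT connections, skipping the allowed addresses.
over_limit() {
    limit=$1; shift
    awk -v limit="$limit" -v allow="$*" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
        $1 !~ /^(tcp|udp)/ { next }          # drop the two header lines
        {
            ip = $5
            sub(/:[0-9*]+$/, "", ip)         # strip only the trailing :port
            sub(/^::ffff:/, "", ip)          # fold IPv4-mapped IPv6 into IPv4
            if (!(ip in skip)) count[ip]++
        }
        END { for (ip in count) if (count[ip] >= limit) print count[ip], ip }
    ' | sort -rn
}

# The pipeline from the post, for comparison on the same input. It counts the
# header words "Address" and "servers)" and cuts IPv6 peers down to "2001".
original_pipeline() {
    awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
}

printf '%s\n' "$SAMPLE" | over_limit 2 192.0.2.44
```

On a live server, feed it with `netstat -ntu | over_limit 150 <your own IP>`; the limit of 150 is only a placeholder value.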
 
Looks like a straightforward script to modify IPTables on the server and block through that configuration, and then unblock after a certain amount of time.

All servers should have a form of firewall installed on them to start with, so the dDOS script shouldn't normally be needed (unless you're not running a software firewall such as KISS, CSF or APF/BFD).

Since it's modifying IPTables, just be sure to list your own IP number in the list so that you don't get blocked out of your own server.
 
Well, the ones who have expertise in managing servers can even go without using a third-party firewall to monitor the traffic and all. They can simply use iptables and work accordingly.

Using this software, too, the process becomes automated like the other firewalls, but it comes in handy sometimes.
 
Thanks for the tutorial. Combined with mod_security and a good firewall such as apf or csf, it will probably prevent small ddos attacks.
 
I've never seen dDoS deflate really work at all. The best that can be done is good IPTable rules and kernel tuning. Other than that, trying to drop a dDoS on the software level is pointless, and everyone seems to think that the software level is where dropping dDoS is at. Software level is for dropping very small dDoS but mostly DoS.
 
I don't think there is a better tool than a hardware firewall to fight against ddos attacks. Software firewalls and other applications are not very effective against ddos.
 
I use csf, mod security, ddos deflate, linux malware and a couple others on all my servers, so I dare say my servers are well covered.
 
When a DDOS attack is pummeling your server, there are very few ways of successfully mitigating the attack, as the attackers will often have a vast amount of machines, and associated IPs that they can work from, with a large quantity of bandwidth.

Having a software firewall, though, might provide a minimum amount of protection by barring certain individuals from using services on your server. A software firewall still accepts the connection directly to the server, therefore flooding the port, increasing loading times or even flatlining the port, and not really protecting from a DDOS attack.

A hardware firewall, however, can help towards mitigating an attack. Many firewalls now come with inbuilt load balancers, and have the ability to withstand hundreds of thousands of connections. The firewalls, if configured properly, can also attempt to mitigate an ongoing DDOS attack. However, the bandwidth that the firewall can take is still limited by its hardware, so it is still not guaranteed to successfully block a DDOS attack.

To this day there is no way of guaranteeing 100% that you are protected from a large DDOS attack which takes up the bandwidth of the incoming pipe; the only thing we can do is to take as many precautions as practically and financially viable to help avoid a complete blackout.
 
When a DDOS attack is pummeling your server, there are very few ways of successfully mitigating the attack, as the attackers will often have a vast amount of machines, and associated IPs that they can work from, with a large quantity of bandwidth.

Only professional DDOS attackers will be this prepared; not all DDOS attackers will have this sort of setup.
 
Only professional DDOS attackers will be this prepared; not all DDOS attackers will have this sort of setup.

That is true; however, if you keep up to date with the latest news you will have seen a sharp rise in these types of attacks in recent months. So if companies do indeed require constant availability, extensive measures may be something to look into.
 