(D)DoS-Deflate (Effective DoS Protection)

[UltimA]

I thought I'd recommend this.

I've this installed - it works wonders. (Linux / BSD)
I've tested a DoS against my server from another server, the IP was banned within 40 seconds.
It's the most effective DoS protection I've used.
Obviously large scale DDoS can't be prevented without hardware, but this terminates kiddies.

Website:

http://projects.medialayer.com/

Some note points:
- Make sure APF is installed!
- Configure your protection "nano /usr/local/ddos/ddos.conf"

 

[Ghetto]

I thought I'd recommend this.

I've this installed - it works wonders. (Linux / BSD)
I've tested a DoS against my server from another server, the IP was banned within 40 seconds.
It's the most effective DoS protection I've used.
Obviously large scale DDoS can't be prevented without hardware, but this terminates kiddies.

Website:

http://projects.medialayer.com/

Some note points:
- Make sure APF is installed!
- Configure your protection "nano /usr/local/ddos/ddos.conf"

And make sure your own IP is on the whitelist
/usr/local/ddos/ you can find it in this folder.

 

[To0]

Yea I tried this one myself, and it didn't do any good. Had to have some other server side things installed as well as have one of my buddies install some programs for me.

And always make sure you have your max connections per ip limited to XX amount...

 

[To0]

Cisco also sucks and is worthless lol.

 

[UltimA]

DDoS-Deflate is designed to throttle the number of connections allowed.
EG, it will scan every x number of seconds for IP's with over x amount of connections.
If it finds one, it'll ban it and email you.

This is designed to prevent HTTP/Socket floods, but not other types of attack.

For some types of attack, you will require hardcore protection

 

[mario]

i may be not good on this, but i have a friend who works in security systems and his thought was:::

Ddos cannot be prevented as it would very dificult to detect genune users from piss off users

 

[lakshyak]

i may be not good on this, but i have a friend who works in security systems and his thought was:::

True...

 

[Diri]

Ultima used this on our old server, to prevent small attacks, and it worked wonders

 

[pimpinjg]

should go with csf iptables firewall along with lfd its free and easy to use / configure and anyone with basic knowledge of linux can use it if u have it configed right noone can fail logins to ssh more than 5 times or there ip will be blocked (this can be set higher) and it opens on the basic web host manager panels so you can config it from there or ssh i have mine set to within 5 seconds of someone DoSing there ip is dropped and banned for life and also cannot be port sanned / pinged (btw sorry if this is a grave dig on the thread)

 

[sherwood]

sorry to bring this thread back up but i had a question

Does this need APF to work correctly as I prefer to use CSF than APF.

 

[pimpinjg]

sherwood, apf and csf are just iptables front so basicaly the same but csf has a couple more features i personally like.

 

[Jungleboy]

APF with some script changes works wonders for me

 

[SplitIce]

I use APF myself. Never had any (D)DOS problems (not sure if I have been attact or not)

Meh,
SplitIce

 

[Speakup]

(D)DOS is not that strong unless you edit the permissions. Also a program wont protect you against a hard ddos attack you need firewall.

 

[Tango]

DDos Deflate seems to work very well for me, my server IP seems to be prone to small attacks (left over from the person that run the IP before me i think)

I had a site that moved to my server that had a hugh attack for 24 hours and I needed to compile a basic apache build (it broke lol) and raise the hard server limit and max apache process to 4000 to cope with this (still hit 4k) and change the ddos cron to 10 secs.

If you tweak apache to cope with the traffic make sure you have at least 100/100 unmetered port and at least 3GB of ram and a large swapfile.