  1. #1
    SXR
    Just Joined!
    Join Date
    Sep 2007
    Location
    Netherlands
    Posts
    13

    DDOS protection


    Hello,

    I'm new here, great forum! I was just wondering what software you guys use to secure your machines from (D)DoS attacks?
    I use:

    tcpdump
    mod_evasive
    dos deflate
    APF
    iptables

    Tcpdump to sniff out packages and identify that this is an attack and then ban that IP. I run it with a flag so it doesn't do a DNS lookup, just gives me the IP.

    Just wondering what you guys are using.


    Thanks!
    SXR

  2. #2
    SXR
    Just Joined!
    Join Date
    Sep 2007
    Location
    Netherlands
    Posts
    13
    I did and that's not really a solution for me. Is there any software that will give me a chance of stopping an attack?

  3. #3
    oz
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733
    Quote Originally Posted by SXR
    I did and that's not really a solution for me. Is there any software that will give me a chance of stopping an attack?
    Hi, SXR

    Just so you'll know, I've deleted the post that you are responding to because it was spam only.
    oz

  4. #4
    SXR
    Just Joined!
    Join Date
    Sep 2007
    Location
    Netherlands
    Posts
    13
    Hello,

    Thanks. You make this forum an even better place to be.

    Bye,
    SXR

  5. #5
    oz
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733
    Quote Originally Posted by SXR
    Hello,

    Thanks. You make this forum an even better place to be.

    Bye,
    SXR
    Thanks!

    You've probably already read it, but here's a short guide that might help somewhat with your security concerns:

    http://www.linuxforums.org/forum/lin...-security.html

    I don't personally run any security software, but I'm not at high risk so don't feel the need for it.

    Let us know how it goes for you.
    oz

  6. #6
    SXR
    Just Joined!
    Join Date
    Sep 2007
    Location
    Netherlands
    Posts
    13
    Hey,

    Thanks a lot for the tips. Recently, I had another attack on one of my company's servers. According to the DC the attacks were coming from untraceable IP addresses. But I quickly started tcpdump via SSH and sniffed the IP out on port 80. Then banned that IP on the server, and the DC banned it on the router. Sweet. I'm looking at a shared firewall as well, as some added security.

    Thanks for the warm welcome on this forum, I'll definitely stick around here.

    SXR
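
The triage step described in the post above (watch port 80 with tcpdump, find the source that dominates, then ban it) can be scripted. This is an added example, not code from the thread; it assumes tcpdump's text output with numeric addresses and ports, and the function names, sample lines and threshold are constructed for illustration.

```python
import re
from collections import Counter

# Address part of a tcpdump IPv4 text line: "IP src.sport > dst.dport:"
LINE_RE = re.compile(
    r"\bIP (\d{1,3}(?:\.\d{1,3}){3})\.(\d+) > "
    r"(\d{1,3}(?:\.\d{1,3}){3})\.(\d+):"
)

def count_sources(lines, dst_port=80):
    """Count packets per source IP addressed to dst_port."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if m and int(m.group(4)) == dst_port:
            counts[m.group(1)] += 1
    return counts

def heavy_hitters(lines, threshold, dst_port=80, allowlist=()):
    """Sources at or above threshold, busiest first, minus allowlisted IPs."""
    ranked = count_sources(lines, dst_port).most_common()
    return [(ip, n) for ip, n in ranked
            if n >= threshold and ip not in allowlist]

def _pkt(src, sport, dst, dport, flags="S"):
    # Builds one constructed line in tcpdump's text format.
    return ("12:00:00.000000 IP %s.%d > %s.%d: Flags [%s], seq 1, "
            "win 1024, length 0" % (src, sport, dst, dport, flags))

# Constructed capture using documentation address ranges, not real traffic.
SERVER = "192.0.2.10"
SAMPLE = (
    [_pkt("203.0.113.5", 40000 + i, SERVER, 80) for i in range(40)]      # noisy source
    + [_pkt("198.51.100.20", 50000 + i, SERVER, 80) for i in range(50)]  # own monitoring host
    + [_pkt("198.51.100.7", 60000 + i, SERVER, 80) for i in range(3)]    # ordinary visitor
    + [_pkt(SERVER, 80, "203.0.113.5", 40000, "S.")]                     # server reply, ignored
    + ["12:00:00.000000 ARP, Request who-has 192.0.2.1 tell 192.0.2.10"] # non-IP line, ignored
)

if __name__ == "__main__":
    for ip, n in heavy_hitters(SAMPLE, threshold=20, allowlist={"198.51.100.20"}):
        print(ip, n)
```

The allowlist keeps known-good hosts (monitoring, proxies, the admin's own address) out of the ban candidates, which matters because a busy legitimate source can outrank the attacker by raw packet count.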

  7. #7
    Just Joined!
    Join Date
    Oct 2007
    Posts
    22
    I use Snort. Depending on your network setup, Snort can be run as either an IDS or an inline IPS.

  8. #8
    SXR
    Just Joined!
    Join Date
    Sep 2007
    Location
    Netherlands
    Posts
    13
    Thanks for the tip, I'll look into Snort.
