07-02-2014
It's hard to use iptables effectively to mitigate an DDOS attack with changing IP addresses.
Most attackers easily change IP addresses; but they forget to change the User Agent string, so it's often easier to block the hackers User Agent string. Did you do any analysis on the UA strings?
Also, if you are using Apache2, there may be an anti-DDOS module, as I recall.
This User Gave Thanks to Neo For This Post:
5 More Discussions You Might Find Interesting
1. Cybersecurity
heloo
today i have DDos Attack in my server
what is the better way to secure my server from DDos Attack
i use CentOS 4&5
i try every firewall and talk to softlayer - iweb i've Tried every possible solutions but I can not find a solution to the problems
Give Me The best way plzz (4 Replies)
Discussion started by: a7medo
4 Replies
2. Cybersecurity
In my logs I find entries about attacks on my system. I know IP addresses, I know date and time and I know what they tried to do. So what's the best I can do now? Tell everybody that there are cybercriminals on that network? Write an email to their admin? Anything else? (10 Replies)
Discussion started by: Action
10 Replies
3. Cybersecurity
are there any popular DDoS simulation tools to test my own infrastructure? Anyone tried to setup all these in AWS EC2? (1 Reply)
Discussion started by: boriskong
1 Replies
4. Cybersecurity
How to protect DDoS and brute force attack.
I want to secure my server and block attacker. (1 Reply)
Discussion started by: romanepo
1 Replies
5. UNIX for Advanced & Expert Users
Hi guys, just need a opinion from you.
I found anti ddos script from github
Script
What is your opinion about it? Is it usefull? Do you have some similar? I want to protect my servers on all levels, why not in the servers via script.
I assume I must fix this script to be useful for me, but... (1 Reply)
Discussion started by: tomislav91
1 Replies
LEARN ABOUT DEBIAN
log::agent::driver::syslog
Agent::Driver::Syslog(3pm) User Contributed Perl Documentation Agent::Driver::Syslog(3pm)
NAME
Log::Agent::Driver::Syslog - syslog logging driver for Log::Agent
SYNOPSIS
use Log::Agent;
require Log::Agent::Driver::Syslog;
my $driver = Log::Agent::Driver::Syslog->make(
-prefix => prefix,
-facility => "user",
-showpid => 1,
-socktype => "unix",
-logopt => "ndelay",
);
logconfig(-driver => $driver);
DESCRIPTION
The syslog logging driver delegates logxxx() operations to syslog() via the Sys::Syslog(3) interface.
The creation routine make() takes the following switches:
"-facility" => facility
Tell syslog() which facility to use (e.g. "user", "auth", "daemon"). Unlike the Sys::Syslog(3) interface, the facility is set once and
for all: every logging message will use the same facility.
If you wish to log something to "auth" for instance, then do so via Sys::Syslog directly: there is no guarantee that the application
will configure its Log::Agent to use syslog anyway!
"-logopt" => syslog options
Specifies logging options, under the form of a string containing zero or more of the words ndelay, cons or nowait.
"-prefix" => prefix
The prefix here is syslog's identification string.
"-showpid" => flag
Set to true to have the PID of the process logged. It is false by default.
"-socktype" => (unix | inet)
Specifies the logging socket type to use. The default behaviour is to use Sys:Syslog's default.
CHANNELS
All the channels go to syslog(), of course.
AUTHOR
Raphael Manfredi <Raphael_Manfredi@pobox.com>
SEE ALSO
Log::Agent::Driver(3), Log::Agent::Channel::Syslog(3).
perl v5.10.0 2002-03-09 Agent::Driver::Syslog(3pm)