Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: DDOS attack please help!
Homework and Emergencies Emergency UNIX and Linux Support DDOS attack please help! Post 302930474 by val riverwalk on Sunday 4th of January 2015 06:01:08 PM
Old 01-04-2015
Wrench
A few alternative thoughts:
  1. Is the server overloaded, so you need to stop the DDOS before it gets to the server? You could potentially throttle concurrent connections upstream at your firewall, assuming you have one upstream of your server.
  2. If you have something less public (for your use only) - you could try security by obscurity, and move the port you've exposed your apache server on (move it from TCP port 80/443 to 90/7443 or something). If it isn't a managed DDOS, the bots won't generally find you again. To use it, the url becomes site:90/path It's an emergency workaround, but probably not a good long-term fix.
Last edited by rbatte1; 01-05-2015 at 09:21 AM.. Reason: Set LIST=a tags to format the list better
 

5 More Discussions You Might Find Interesting

1. Cybersecurity

what is the better way to protect my server from DDos Attack

heloo today i have DDos Attack in my server what is the better way to secure my server from DDos Attack i use CentOS 4&5 i try every firewall and talk to softlayer - iweb i've Tried every possible solutions but I can not find a solution to the problems Give Me The best way plzz (4 Replies)
Discussion started by: a7medo
4 Replies

2. Cybersecurity

Network attack - so what?

In my logs I find entries about attacks on my system. I know IP addresses, I know date and time and I know what they tried to do. So what's the best I can do now? Tell everybody that there are cybercriminals on that network? Write an email to their admin? Anything else? (10 Replies)
Discussion started by: Action
10 Replies

3. Cybersecurity

DDoS Simulation Tools

are there any popular DDoS simulation tools to test my own infrastructure? Anyone tried to setup all these in AWS EC2? (1 Reply)
Discussion started by: boriskong
1 Replies

4. Cybersecurity

DDoS and brute force attack

How to protect DDoS and brute force attack. I want to secure my server and block attacker. (1 Reply)
Discussion started by: romanepo
1 Replies

5. UNIX for Advanced & Expert Users

Anti ddos shell script, is it useful?

Hi guys, just need a opinion from you. I found anti ddos script from github Script What is your opinion about it? Is it usefull? Do you have some similar? I want to protect my servers on all levels, why not in the servers via script. I assume I must fix this script to be useful for me, but... (1 Reply)
Discussion started by: tomislav91
1 Replies

LEARN ABOUT DEBIAN

net::server::proto::ssl

Net::Server::Proto::SSL(3pm)				User Contributed Perl Documentation			      Net::Server::Proto::SSL(3pm)

NAME

       Net::Server::Proto::SSL - Net::Server SSL protocol.

SYNOPSIS

       Until this release, it was preferrable to use the Net::Server::Proto::SSLEAY module.  Recent versions include code that overcomes original
       limitations.

       See Net::Server::Proto.	See Net::Server::Proto::SSLEAY.

	   use base qw(Net::Server::HTTP);
	   main->run(
	       proto => 'ssl',
	       SSL_key_file  => "/path/to/my/file.key",
	       SSL_cert_file => "/path/to/my/file.crt",
	   );

	   # OR

	   sub SSL_key_file  { "/path/to/my/file.key" }
	   sub SSL_cert_file { "/path/to/my/file.crt" }
	   main->run(proto = 'ssl');

	   # OR

	   main->run(
	       port => [443, 8443, "80/tcp"],  # bind to two ssl ports and one tcp
	       proto => "ssl",	     # use ssl as the default
	       ipv  => "*",	     # bind both IPv4 and IPv6 interfaces
	       SSL_key_file  => "/path/to/my/file.key",
	       SSL_cert_file => "/path/to/my/file.crt",
	   );

	   # OR

	   main->run(port => [{
	       port  => "443",
	       proto => "ssl",
	       # ipv => 4, # default - only do IPv4
	       SSL_key_file  => "/path/to/my/file.key",
	       SSL_cert_file => "/path/to/my/file.crt",
	   }, {
	       port  => "8443",
	       proto => "ssl",
	       ipv   => "*", # IPv4 and IPv6
	       SSL_key_file  => "/path/to/my/file2.key", # separate key
	       SSL_cert_file => "/path/to/my/file2.crt", # separate cert

	       SSL_foo => 1, # Any key prefixed with SSL_ passed as a port hashref
			     # key/value will automatically be passed to IO::Socket::SSL
	   }]);

DESCRIPTION

       Protocol module for Net::Server based on IO::Socket::SSL.  This module implements a secure socket layer over tcp (also known as SSL) via
       the IO::Socket::SSL module.  If this module does not work in your situation, please also consider using the SSLEAY protocol
       (Net::Server::Proto::SSLEAY) which interfaces directly with Net::SSLeay.  See Net::Server::Proto.

       If you know that your server will only need IPv4 (which is the default for Net::Server), you can load IO::Socket::SSL in inet4 mode which
       will prevent it from using Socket6 and IO::Socket::INET6 since they would represent additional and unsued overhead.

	   use IO::Socket::SSL qw(inet4);
	   use base qw(Net::Server::Fork);

	   __PACKAGE__->run(proto => "ssl");

PARAMETERS

       In addition to the normal Net::Server parameters, any of the SSL parameters from IO::Socket::SSL may also be specified.	See
       IO::Socket::SSL for information on setting this up.  All arguments prefixed with SSL_ will be passed to the IO::Socket::SSL->configure
       method.

BUGS

       Until version Net::Server version 2, Net::Server::Proto::SSL used the default IO::Socket::SSL::accept method.  This old approach introduces
       a DDOS vulnerability into the server, where the socket is accepted, but the parent server then has to block until the client negotiates the
       SSL connection.	This has now been overcome by overriding the accept method and accepting the SSL negotiation after the parent socket has
       had the chance to go back to listening.

LICENCE

       Distributed under the same terms as Net::Server

THANKS

       Thanks to Vadim for pointing out the IO::Socket::SSL accept was returning objects blessed into the wrong class.

perl v5.14.2							    2012-05-29					      Net::Server::Proto::SSL(3pm)
All times are GMT -4. The time now is 09:03 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy