Login or Register to Ask a Question and Join Our Community


Cybersecurity

Stop flood - how ?

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Stop flood - how ?
# 1  
Old 09-01-2010
Error Stop flood - how ?
Hello there,

I want to know what are the ways to monitorize and control/stop flooding on my server, because I am heavily flooded. At this moment I am doing all this manually (when I see that my bandwidth is lowering or some applications are freezing), my main working tool being iptables.But I want something automated .
Another problem : if I am flooded with packets having real ip addresses , with a simple iptables command I cand resolve the problem easily. But, the problem is, in most of the cases, I am flooded with packets with spoofed ip adresses (e.g. 1.2.3.4 ), so the only thing I can do in this situation is to block all incoming packets (which ruins everything).Do you have a solution to this ?
The flood monitorizing (and controlling) tool may be with/without interface, only to be effective.

Thanx,
Adrian
# 2  
Old 09-01-2010
How exactly are you flooded? Is it an DoS attack using SYN flooding? If so, enable SYN Cookies by running
Code:
# echo 1 > /proc/sys/net/ipv4/tcp_syncookies

Is it a break-in attempt against an application like SSH? Then limit the number of connection attempts by matching against a limit (described here; about half-way down the page, search for "limit") or by allowing only a certain number of recent connections (described here).
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. IP Networking

Flood in the inner circle of provider's Internet

The hardware in the inner circle in the provider's network worked incorrectly and therefore there was flood for an hour. They said that it wouldn't repeat again anymore, and that that flood was not in our user network. Is this 100% correct? (As there was no Internet because of that flood we... (1 Reply)
Discussion started by: Xcislav
1 Replies

2. Red Hat

How can I stop this???

I have a user ( and actually me too) getting this messages when the screen is idle, I need help on stopping this messages: 2012 Feb 20 13:30:22 servername Audit: LENGTH: "330" SESSIONID: "339384" ENTRYID: "1" STATEMENT: "1" USERID: "OPS$PT2ADM" USERHOST: "zzzzzzzzzzz" ACTION: "100" RETURNCODE:... (2 Replies)
Discussion started by: 300zxmuro
2 Replies

3. Solaris

Flood Messages in maillog

Hi All, I am getting large number of messages in below file /www/wls8/logs/HOSTS/tswebd01-zd01/maillog/maillog In past 24 hours, it has been increased by near to 1 GB. Can somebody help in finding, from where these messages are being generated and how to I stop them ? Same kind of messages... (11 Replies)
Discussion started by: solaris_1977
11 Replies

4. Solaris

stop - A

I am using solaris x86 with a pc keyboard. i am trying to get to the ok prompt i have tried ctrl-break but it is not working , alt-break will not as well. pls any thought? (4 Replies)
Discussion started by: seyiisq
4 Replies

5. AIX

a process that never stop

Dears all i have an AIX box in which i am facing a problem with a process as below: /usr/dt/bin/dtexec -open 0 -ttprocid and each time i am killing this process with "kill -9" then it run again after a while. any ideas or solutions will be appreciated. (13 Replies)
Discussion started by: TheEngineer
13 Replies

6. Solaris

Stop+A equal

Hi, I have replaced my current Intel PC machine with Solaris 10, it use to have windows XP. I am sure alot of people already done this and i have seen Solaris running smoothly but having keyboard problem. What is the equal keys in a QWERTY keyboard for selection <Stop+A> ? Is there a... (5 Replies)
Discussion started by: tlee
5 Replies

7. UNIX for Advanced & Expert Users

help me stop spammer

Hello, I am hosting a site that someone is bouncing a huge amount of spam off of and I have not been able to find what file they are using to abuse my server. Short of terminating the account and telling my customer to take a hike I am hoping someone can help me find the file that is being... (1 Reply)
Discussion started by: dorpan
1 Replies

8. UNIX for Advanced & Expert Users

how to stop others users to stop viewing what i am doing ?

Hi , I have one question, suppose i am a normal user and when i use 'w' command , it shows who is logged on and what they are doing . Now i want to stop others users to know what i am doing accept the root ? can i do this ? thanks (5 Replies)
Discussion started by: mobile01
5 Replies

9. Filesystems, Disks and Memory

How do I stop this???

Am having trouble trying to stop the process below ... bash# ps -eaf | grep "tape erase" root 29715 1 0 05:16:22 ttyp1 00:00:00 tape erase /dev/rStp0 root 22464 20933 1 03:40:12 ttyp6 00:00:00 grep tape eraseI've tried ... `kill -9 29715` ... but still no luck. Help... (8 Replies)
Discussion started by: Cameron
8 Replies
Login or Register to Ask a Question