What is DDos attack:
On the Internet, a distributed denial-of-service (DDoS) attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying service to the system to legitimate users.
DDoS-Deflate is a very simple but effective bash script which monitors the numbers of connection made by a particular ip address using 'netstat' command and if the number of connection from a single ip address reaches a particular limit (150 default) it will block that ip address using simple iptables rules for defined time period.
DDoS-Deflate Installation:
Open the terminal and type following command:
open this configuration file and adjust the parameter that suits your environment, in most of the case the default settings are good enough, the configuration parameter that you can set are ...
After installation and setting up the required parameter, run the following command: ddos -c , this will setup the cron job to run the "ddos" command (script) every minute.
Uninstalling DDoS-Deflate:
Uninstalling DDos-Deflate is very simple, open the terminal and type following commands:
On the Internet, a distributed denial-of-service (DDoS) attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying service to the system to legitimate users.
DDoS-Deflate is a very simple but effective bash script which monitors the numbers of connection made by a particular ip address using 'netstat' command and if the number of connection from a single ip address reaches a particular limit (150 default) it will block that ip address using simple iptables rules for defined time period.
DDoS-Deflate Installation:
Open the terminal and type following command:
wget http://www.inetbase.com/scripts/ddos/install.shAfter successful installation, you can find the DDoS-Deflate configuration file at: /usr/local/ddos/ddos.config
chmod 0700 install.sh
./install.sh
open this configuration file and adjust the parameter that suits your environment, in most of the case the default settings are good enough, the configuration parameter that you can set are ...
FREQ=1you can also white-list and permanently unblock (never ban) IP addresses by listing them in /usr/local/ddos/ignore.ip.list file.
NO_OF_CONNECTIONS=150
APF_BAN=1
KILL=1
EMAIL_TO=”admins@foo.com”
BAN_PERIOD=600
After installation and setting up the required parameter, run the following command: ddos -c , this will setup the cron job to run the "ddos" command (script) every minute.
Uninstalling DDoS-Deflate:
Uninstalling DDos-Deflate is very simple, open the terminal and type following commands:
wget http://www.inetbase.com/scripts/ddos/uninstall.ddos
chmod 0700 uninstall.ddos
./uninstall.ddos
1 comments:
I love the idea!
The "ddos -c" came back with an error message. However it appears it is running every minute.
Can you suggest a way to test or confirm it is working?
Post a Comment