[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

DDOS attack

Posted on 2011-09-08
6
Medium Priority
?
326 Views
Last Modified: 2012-05-12
Hey,

Is there anyway to avoid DDoS attack on server? I'm using apache, and have hardware firewall before some servers and software firewalls for some servers where there is not hardware firewall.

Thanks,
0
Comment
Question by:david_php
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 5

Expert Comment

by:zvytas
ID: 36501170
Limiting number of connections is pretty much all you can do.
0
 

Author Comment

by:david_php
ID: 36501246
Limiting number of connections - in apche config?

the source IPs are all different, there is not any fix IP which we can block... and getting thousands of concurrent http requests every few seconds....

I think even though we limit the number of connections, this multitude hits going to create a load on server...and ultimately the server will go slow or down gradually. :$
0
 
LVL 9

Expert Comment

by:davealford
ID: 36501370
There is little you can do as, the traffic will be UDP with forged source IP addresses. If you get a DDOS, contact your provider - they should be able to block the traffic at their end.
0
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

 
LVL 5

Expert Comment

by:zvytas
ID: 36501381
Yes, in apache config, more info:

http://www.compatdb.org/forums/topic/27244-can-apache-limit-connections/

If you limit number of connections your server will start rejecting connections after the limit is reached. This means your server will not get down so easily.
0
 
LVL 25

Accepted Solution

by:
madunix earned 1500 total points
ID: 36513806
no 100% defense against DoS,  i think using iptables could protect you from  multiple connections coming from one specific IP address,  try to prevent  dos attack by using mod_qos
look @
http://mod-qos.sourceforge.net/
http://www.howtoforge.com/how-to-defend-slowloris-ddos-with-mod_qos-apache2-on-debian-lenny
http://www.fail2ban.org/wiki/index.php/Apache
http://en.wikipedia.org/wiki/Denial-of-service_attack
https://www.owasp.org/index.php/Testing_for_Denial_of_Service


I put my apache behind http://varnish.projects.linpro.no/, which not only protected from DoS, but also accelerated web requests quite a bit. also, iptables helped me iptables -I INPUT -p tcp --dport 80 -m connlimit --connlimit-above 20 --connlimit-mask 40 -j DROP     .... It just limits one host to 20 connections to 80 port, which should not affect non-malicious user, but would render DoS unusable from one host.


Some ISP's with dedicated servers they install a hardware firewall and offer some preventative measures against DDOS attacks...etc. They offer security managed services such as IPS, Firewall, Reporting logs, SSL, DDOS protection..etc  look @ rackspace
http://www.rackspace.com/managed_hosting/services/security/index.php
http://www.rackspace.com/managed_hosting/services/security/ddosmitigation/


check http://hakin9.org/is-ddos-still-a-threat/
I think it's wise to look at dedicated appliances such as cisco fortinet or juniper which are made to detect and defend.
0
 

Author Closing Comment

by:david_php
ID: 36707795
thanks, i just wanted to know if its possible
0

Featured Post

Plesk WordPress Toolkit

Plesk's WordPress Toolkit allows server administrators, resellers and customers to manage their WordPress instances, enabling a variety of development workflows for WordPress admins of all skill levels, from beginners to pros.

See why 2/3 of Plesk servers use it.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
A new hacking trick has emerged leveraging your own helpdesk or support ticketing tools as an easy way to distribute malware.
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question