Jul 01 2009

[Linux, FreeBSD] Using netstat and ipfw to manually detect and blacklist DOSers on FreeBSD

Category: Articles,Linux administrationFractalizeR @ 1:22 pm

This is just an addition to my this article with some corrections needed if you use FreeBSD.

netstat command should look like

netstat -ntu -f inet| awk '{print $5}' | cut -d. -f1-4 | sort | uniq -c | sort -nr|more

And firewall IP blocking command should be

ipfw add deny all from xxx.xxx.xxx.xxx to any in

Tags: , , ,


Jul 30 2008

[Linux] Installing automatic protection from DoS and DDoS attacks to your server

Category: Articles,Linux administrationFractalizeR @ 3:11 pm

During several months server I was responsible for was under DDoS attack, that almost flooded it. Due to lacking Linux skills, I almost lost my hope in protecting it by myself and started to think about paying some specialist to protect my server.

But suddenly, I found a miraculos and VERY easy to install and use solutuons I want to share with you today.

Continue reading “[Linux] Installing automatic protection from DoS and DDoS attacks to your server”

Tags: , , , , , ,


Jul 23 2008

[Linux] Using netstat and iptables to manually detect and blacklist DOSers

Category: Articles,Linux administrationFractalizeR @ 8:35 pm

If you suspect, that your server is flooded, the first thing you need to do is to issue the following command:
netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -nr

This will show you IP addresses  (second column) and the total number of connections from each (first one). If you see, that you have too many connections from some IP address, you can block it by issueing the following command:

Continue reading “[Linux] Using netstat and iptables to manually detect and blacklist DOSers”

Tags: , , , ,