0

I had originally asked this question on https://networkengineering.stackexchange.com/ but was redirected here.

This is an informational question and I am not facing any DDoS attack of any sort. I was reading about DDoS attacks lately and there are quite a few online resources that give general info about DDoS defence techniques. I have a kind of a reverse question.

Suppose I receive a report that my server is contributing to DDoS attack on some xyz website. How do I verify this locally, at my end? And how to troubleshoot this? Is there a way to check how my server is contributing to this attack? like is it sending SYN flood or DNS amplification etc or is it a part of a wider botnet?

ik005
  • 11
  • 1
  • Which web server are you using? And what os? – Algo7 Apr 20 '20 at 16:37
  • Aviv, a Linux (RHEL) based Apache webserver. Just FYI, I am not facing any DDoS. It's more of an informational type question. – ik005 Apr 25 '20 at 14:09
  • Is it Apache2 or some other flavor of Apache? Maybe you can give the rate-limiting module a shot. – Algo7 Apr 25 '20 at 18:39

0 Answers0