Questions tagged [ddos]

A distributed denial of service attack (DDoS) occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. These systems are compromised by attackers using a variety of methods.

For information on what to do about a DDoS attack that is underway, see How can I stop a currently active DDoS attack?

624 questions
4
votes
1 answer

What does modern DDoS prevention look like from a networking perspective?

I understand that there are network and IP-level mitigations for DDoS attacks, but I'm not clear on how they work in practice. My hope is that this question and answer will help to frame how the core transit routers handle these attacks, and also…
Jesse Adelman
  • 978
  • 5
  • 15
4
votes
0 answers

Mitigating a DDoS attack on a TOR server

Running a political blog over the TOR network with a .onion domain name, I have been getting a DDoS attack. I know how to mitigate an attack on the clear net, where the packets come from normal IP addresses, but the case here is different. All connections to…
Salim Aljayousi
  • 341
  • 1
  • 3
4
votes
6 answers

How long do DDoS attacks last?

I realize the answer to this question will vary, which is why I'm asking it. If you've suffered a DDoS attack before - how long did it last? Just trying to get an idea of how long we'll have to continue to wage this battle (going on a couple weeks…
sbuck
  • 391
  • 2
  • 6
  • 16
4
votes
1 answer

Changing PF rules on the fly to mitigate damage of DDoS (OpenBSD 6.4)

This is a two-part question, really. Keep in mind that I am a developer, not a system admin, but being the only employee in the company, I wear ALL the hats. I have deployed my server with two firewalls running on CARP for load balancing/redundancy…
Miguel
  • 171
  • 4
4
votes
2 answers

What is a good way to detect DoS and DDoS in Fail2Ban?

I am configuring Fail2Ban on my Ubuntu web server to prevent it from being a victim of DoS / DDoS. I don't want to use Cloudflare because I have to route my DNS over and use their SSL cert. Currently, I found a script online that checks for more…
John Doe
  • 323
  • 3
  • 16
4
votes
4 answers

DDoS block source IP at ISP

During a DDoS attack, even when you successfully stop it at your datacenter, the link between you and your ISP will still be saturated and traffic brought to a halt. In this case, what is the best way to communicate to the ISP to block the source IP…
Exocomp
  • 163
  • 10
4
votes
3 answers

I know how to scale my software, but how to prevent downtime because of network outages?

We are running rather large LAMP sites which scale well software-wise. We use redundant load balancers in front of a bunch of webservers using MySQL via a proxy in master-slave-slave-slave. We are using a very large US provider. They are not very…
CharlesS
  • 229
  • 1
  • 7
4
votes
2 answers

Will MX records with a longer TTL help mitigate effects of DoS attack?

We have our email hosted at Google Apps, and have our DNS servers for the domain set up at Namecheap. About a month ago our website went down (not a big deal, since it's mostly just a contact info page), but we were also unable to receive email for…
Peter
  • 41
  • 1
4
votes
3 answers

Can't stop DDOS

I need a little help dealing with DDoS. I'm experiencing a 1gb DDoS attack on my server and I don't know how to stop it. (1gbs is the maximum speed of the server.) I have the following iptables rules: iptables -A INPUT -m state --state…
Orlo
  • 231
  • 1
  • 3
  • 11
4
votes
2 answers

How to prevent DDoS attacks?

I am a creator of a flash game server. I use Cloudflare for my site; however, the game TCP server can't be protected by Cloudflare. For about 2 months some person DDoSes my game using direct IP. Every VPS/Dedicated server provider instantly null…
user2196536
  • 55
  • 1
  • 1
  • 3
4
votes
1 answer

Problems simulating TCP SYN flood

I'm trying to simulate a TCP SYN flood to tune a web server (planning to deploy on AWS). I set up a 'target' VM, disabled iptables and am running hping (hping -p 80 -i u1000 -c 1000 -S destaddr) from a couple of local 'source' machines (filtering RST in…
Alex I
  • 81
  • 1
  • 3
4
votes
1 answer

How to configure mod_reqtimeout in Apache2

I need to configure mod_reqtimeout in my Apache server v2.2.22 (on a Linux machine). Problem is, I have absolutely no clue on how to do it. I checked the Apache site on this module at this link but there were no clear download/configuration details…
Riju Mahna
  • 151
  • 1
  • 1
  • 6
4
votes
1 answer

Windows server 2008, a very small DDoS is able to kill my server

So I have this i7 3.2GHz 6-core dedicated server running Windows Server 2008, with a 1Gbps internet speed. Everything runs fine and nice, and the machine is strong enough to handle even up to 700 Mbps DoS attacks very easily.. no lag, no…
Reacen
  • 229
  • 2
  • 9
4
votes
1 answer

iptables, what to open on INPUT for wget

I am configuring my iptables. The policy for OUTPUT is ACCEPT, though INPUT is DROP. I am wondering what I need to open up on INPUT so I can receive responses on outgoing traffic (automatic or manual, i.e. wget), without leaving me vulnerable to…
Menno
  • 159
  • 9
4
votes
2 answers

How Can I Harden the TCP/IP Stack in Windows Server 2008?

I would like to make sure that my Windows 2008 servers are hardened against DDOS attacks. There is a Microsoft Technet article on Hardening the TCP/IP stack, but it was last revised in January 2006. There is another article (somewhat duplicative)…
Adam Brand
  • 6,127
  • 2
  • 30
  • 40