DIY Linux DoS HACK – HOWTO Limit the max number of TCP connections to your Web Server!

by max on Monday, December 3rd, 2007

I have been reading a book called Linux Server Hacks, which shows you many ways you can hack your Linux server so it doesn't die.

This actually works, since we just had a DoS attack about 5 minutes ago. (It seems like we are getting more and more DoS attacks these days. You can also refer to the DDoS Deflate script.)

Here's HACK #47, which I read about in the book last week in my bathroom, and which I just used to stop DoS attackers from bringing my precious quad-CPU dedicated server down.

Enter the following commands and you will limit the number of new TCP connections to your server to 12 per second once an initial burst of 24 has been seen. (It means that no matter what, your server will not try to serve more than 12 new visitors in any one second when your server gets digged, farked, stumbled, or whatever.)
iptables -t nat -N syn-flood
iptables -t nat -A syn-flood -m limit --limit 12/s --limit-burst 24 -j RETURN
iptables -t nat -A syn-flood -j DROP
iptables -t nat -A PREROUTING -i $EXT_IFACE -d $DEST_IP -p tcp --syn -j syn-flood
I think you can increase the values steadily if your server can handle more. But it seems to have brought our server load from 33.00-something to under 1.0. Yey!
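As an added example (not from the book or the original post), here is a small shell wrapper around the four commands above that makes the install safe to re-run, adds a status check and an undo, and saves the rules for a reboot. EXT_IFACE and DEST_IP are the book's placeholders for your public interface and server address; the values given here, the RATE/BURST defaults and the function names are assumptions, and the rules stay in the nat table exactly as the post has them.

```shell
#!/bin/sh
# Added example, not from the book or the original post. Assumed placeholders:
# EXT_IFACE, DEST_IP, RATE, BURST. Set IPT="echo iptables" for a dry run that
# only prints the commands instead of changing the firewall.
EXT_IFACE="${EXT_IFACE:-eth0}"         # assumed public interface
DEST_IP="${DEST_IP:-203.0.113.10}"     # assumed server address (documentation range)
RATE="${RATE:-12/s}"                   # steady-state rate of new connections
BURST="${BURST:-24}"                   # SYNs allowed to burst before the limit bites
IPT="${IPT:-iptables}"

# The PREROUTING jump, written once so install/check/remove stay in sync.
# The post keeps this in the nat table; the filter table's INPUT chain is the
# more usual home for a DROP, but the chain logic is identical.
jump_spec() {
    echo "PREROUTING -i $EXT_IFACE -d $DEST_IP -p tcp --syn -j syn-flood"
}

install_synflood() {
    # -L fails on a missing chain, so create it only then (no "Chain already exists").
    $IPT -t nat -L syn-flood -n >/dev/null 2>&1 || $IPT -t nat -N syn-flood
    $IPT -t nat -F syn-flood             # start from an empty chain, known rule order
    $IPT -t nat -A syn-flood -m limit --limit "$RATE" --limit-burst "$BURST" -j RETURN
    $IPT -t nat -A syn-flood -j DROP
    # -C (check) needs iptables 1.4.11 or later; add the jump only if it is absent.
    $IPT -t nat -C $(jump_spec) 2>/dev/null || $IPT -t nat -A $(jump_spec)
}

# Packet and byte counters on the DROP line show how many SYNs were shed.
status_synflood() {
    $IPT -t nat -L syn-flood -v -n -x
}

# Undo without a reboot: remove the jump, empty the chain, delete it.
remove_synflood() {
    $IPT -t nat -D $(jump_spec) 2>/dev/null || true
    $IPT -t nat -F syn-flood && $IPT -t nat -X syn-flood
}

# Survive a reboot: dump the rules; restoring them at boot (iptables-restore
# from an init or network hook) is distribution-specific.
save_synflood() {
    iptables-save > "${1:-/etc/iptables.rules}"
}

case "${1:-}" in
    install) install_synflood ;;
    status)  status_synflood ;;
    remove)  remove_synflood ;;
    save)    save_synflood "${2:-}" ;;
esac
```

Note that the limit is per server, not per source: a legitimate surge of visitors is throttled the same way an attacker is, so tune RATE and BURST to what the box can actually serve rather than copying 12 and 24.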

If you are a hacker, sorry dude. You are gonna have to try a little harder hacking Zedomax since we are hackers too.

P.S. You know what I try to do when I find out where the hackers are coming from? I do a DoS attack back on them. This usually pisses them off enough to DoS me more, but I kinda enjoy the battle, so bring it on! :p

  • Wow! What an attitude! I would love to shake hands with you. Fix the cockroaches. Guys like me depend on fellows like you to do such things. All the best. I hope that you wipe them out completely!
  • max
    Yes, I can't wipe them out completely, but I can limit their strategies to bring sites down... :p
  • Predrag Stojadinovic
    Hi, any idea why I'm getting this error message when I try your approach:

    srv098:~$ iptables -t nat -A syn-flood -m limit -limit 12/s -limit-burst 24 -j RETURN
    iptables v1.3.6: Unknown arg `limit'
    Try `iptables -h' or 'iptables --help' for more information.

    THANKS in advance !!!
  • max
    Try this instead; my blog post looks like it won't let you copy two dashes:

    iptables -t nat -A syn-flood -m limit --limit 12/s --limit-burst 24 -j RETURN

    and you can see the instructions better on our wiki:

    http://zedomax.com/wiki/index.php/Linux/Unix_HO...
  • Predrag Stojadinovic
    THANKS for the fast reply. However, now I got:

    srv098:~$ iptables -t nat -A syn-flood -m limit --limit 12/s --limit-burst 24 -j RETURN
    iptables: Invalid argument
  • max
    Hey there,

    Try entering the first line first:

    iptables -t nat -N syn-flood


    You have to enter all the lines one at a time and it will work~

    Let me know if you need more help. :)
  • Predrag Stojadinovic
    I did the first one before the problematic one, of course. However, now I'm getting:
    srv098:~$ iptables -t nat -N syn-flood
    iptables: Chain already exists

    No matter what I do, I'm either getting:
    iptables: Invalid argument
    or
    iptables: Chain already exists

    :(((
  • max
    Oh you know what, I think it's already working then, it means you already set it.
  • Predrag Stojadinovic
    That would be awesome!

    Is there a way to check it or undo it? (just to know)

    THANKS!
  • max
    I think when you reboot your server, this setting gets reset. You can put it in a file somewhere so it starts when your server reboots, I forgot how to do this...
  • That is some crazy stuff and could be useful. I have yet to need such information though. Knock on wood.
  • lalit
    Please help me increase my internet speed. I have Reliance wireless broadband.
    During night time the speed is 40 kbps (downloading) but during the day after 10 am it is 4 to 5 kbps.
    How can I increase my speed without the permission of my network administrator?
    Also tell me how to hack my network PC without their permission.