DIY Linux DoS HACK - HOWTO Limit the max number of TCP connections to your Web Server!
I have been reading a book called Linux Server Hacks, which shows you many ways you can hack your Linux server so your server doesn’t die.
This actually works since we just had a DoS attack about 5 minutes ago. (It seems like we are getting more and more DoS attacks these days. You can refer to the DDOS Deflate script also)
Here’s HACK #47 I read about last week in my bathroom from the book and I just used it to prevent DoS attackers from bringing my precious Quad-CPU dedicated server down.
Enter the following commands and you will limit the number of new TCP connections to your server to 12 connections per second after 24 connections have been seen. (It means that no matter what, your server will not try to serve more than 12 new visitors during any one second when your server gets digged, farked, stumbled, or whatever.)
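# Set EXT_IFACE (Internet-facing interface) and DEST_IP (the server's address) first.
# Newer iptables releases refuse -j DROP in the nat table; there, put the same
# rules in the filter table's INPUT chain instead of nat PREROUTING.
iptables -t nat -N syn-flood
iptables -t nat -A syn-flood -m limit --limit 12/s --limit-burst 24 -j RETURN
iptables -t nat -A syn-flood -j DROP
iptables -t nat -A PREROUTING -i "$EXT_IFACE" -d "$DEST_IP" -p tcp --syn -j syn-flood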
I think you can increase the values steadily if your server can handle more. But it seems to have brought our server load from 33.00 somethin’ to under 1.0. Yey!
If you are a hacker, sorry dude. You are gonna have to try a little harder hacking Zedomax since we are hackers too.
P.S. You know what I try to do when I find out where the hackers are coming from, I do a DoS attack back on them. This usually pisses them off enough to DoS me more but I kinda enjoy the battle so bring it on! :p
DIY Server HACK - HOWTO fight/stop DoS(Denial of Service) Attacks using open source code (D)DoS-Deflate!
Here’s HOW TO fight/stop DoS(Denial of Service) Attacks using open source code (D)DoS-Deflate!
Recently, Zedomax.com has been receiving DoS(DenialOfService) attacks from various different sources.
We first thought it was too much traffic but it turns out it was some type of DoS attack. How did we find that out?
Well, we found out after we installed (D)DoS-Deflate, a free open-source script that installs easily on your Linux server.
This thing basically tracks which IPs are sending DoS traffic and blocks them out automatically.
Well, after we thought it was just too much traffic and uninstalled it, the hackers came back.
I am sure some of you hackers are reading this.
Maybe if you can crack this DoS script, you might be able to DoS us again.
P.S. When I used to work at Comfile Technology in Korea, I accidentally developed this Lantronix X-Port that could be hooked up to ANY DHCP network and permanently bring down the network. Well…it just happened by accident. Maybe I can sell it as an internet security test tool for web servers…
Here are simple instructions to install (D)DoS-Deflate and prevent AND stop DoS attacks!
(You need shell access, most likely you will only have this on a dedicated server and I know Dreamhost and some hosts let you access shell)
“My server went from 44.0 Load to less than 1.0 Load instantly in about 5 minutes since installation.” I know a lot of you are probably fighting the same thing and manually controlling the firewall, but this thing makes that automatic.
Installation
# wget http://www.inetbase.com/scripts/ddos/install.sh
# sh install.sh
Uninstalling
# wget http://www.inetbase.com/scripts/ddos/uninstall.ddos
# sh uninstall.ddos
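One way to see for yourself which IPs are holding the most connections, the kind of per-IP tracking described above, is to count remote addresses in `netstat -ntu` output. This is an added example, not (D)DoS-Deflate's own code; the function names, the constructed sample output (documentation address ranges) and the threshold are assumptions.

```shell
#!/bin/sh
# Added example: count connections per remote address in `netstat -ntu`
# output and list the addresses at or above a threshold.

# Constructed sample of `netstat -ntu` output. 192.0.2.x, 198.51.100.x and
# 203.0.113.x are documentation ranges, not real hosts.
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           203.0.113.7:51234       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.7:51235       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.7:51236       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.7:51237       SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.22:40112     ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.22:40113     TIME_WAIT
tcp        0      0 192.0.2.10:22           198.51.100.99:60001     ESTABLISHED
udp        0      0 192.0.2.10:53           198.51.100.22:5353      ESTABLISHED
EOF
}

# conn_counts: read netstat text on stdin, print "count ip" lines,
# highest count first. Header lines are skipped by the tcp/udp match.
conn_counts() {
    awk '($1 ~ /^(tcp|udp)/) && NF >= 5 {
            ip = $5
            sub(/:[0-9]+$/, "", ip)   # strip the trailing :port
            n[ip]++
         }
         END { for (ip in n) print n[ip], ip }' | sort -k1,1nr -k2,2
}

# offenders THRESHOLD: print only the IPs with at least THRESHOLD connections.
offenders() {
    conn_counts | awk -v max="$1" '$1 >= max { print $2 }'
}

# On a live server: netstat -ntu | offenders 100   (pick your own threshold)
sample_netstat | conn_counts
```

A single address with many SYN_RECV entries, like 203.0.113.7 in the sample, is the pattern to look for before deciding it is "just too much traffic".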