I have been reading a book called Linux Server Hacks, which shows you many ways to hack your Linux server so it doesn't die.
This actually works, since we just had a DoS attack about 5 minutes ago. (It seems like we are getting more and more DoS attacks these days. You can also refer to the DDOS Deflate script.)
Here's HACK #47, which I read in the book last week in my bathroom, and I just used it to prevent DoS attackers from bringing my precious quad-CPU dedicated server down.
Enter the following commands and you will limit the number of new TCP connections to your server to 12 per second once a burst of 24 has been seen. (It means that no matter what, your server will not try to serve more than 12 new visitors in any one second when your server gets dugg, farked, stumbled, or whatever.)
# Create a chain that lets SYNs through at 12/s with a burst of 24 and drops the rest
# (the option names take two ASCII hyphens; the dashes were mangled above)
iptables -t nat -N syn-flood
iptables -t nat -A syn-flood -m limit --limit 12/s --limit-burst 24 -j RETURN
iptables -t nat -A syn-flood -j DROP
# $EXT_IFACE and $DEST_IP are placeholders for your external interface and server IP
iptables -t nat -A PREROUTING -i $EXT_IFACE -d $DEST_IP -p tcp --syn -j syn-flood
I think you can increase the values gradually if your server can handle more. But it seems to have brought our server load from 33-something to under 1.0. Yay!
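As an added illustration (not code from the book or from this post), the following Python model of the `limit` match's token bucket shows what the rule above actually does with a burst of SYNs: the first 24 pass immediately, after that roughly 12 per second get through, and a normal visitor opening a few connections a second is never touched. The `SynRateLimiter` class, `run_flood` helper and the sample arrival times are constructed for this example.

```python
from typing import List, Tuple

class SynRateLimiter:
    """Token-bucket model of `iptables -m limit --limit RATE/s --limit-burst BURST`.

    Constructed for this example; it approximates the kernel's credit-based
    limit match with millisecond granularity. Integer arithmetic (tokens in
    thousandths) keeps the results exact.
    """

    def __init__(self, rate_per_sec: int = 12, burst: int = 24) -> None:
        self.rate = rate_per_sec        # tokens added per second (--limit 12/s)
        self.cap = burst * 1000         # bucket size in milli-tokens (--limit-burst 24)
        self.tokens = self.cap          # the bucket starts full, so the first burst passes
        self.last_ms = 0

    def syn(self, t_ms: int) -> bool:
        """True if a SYN arriving at t_ms matches the limit (-j RETURN, i.e. allowed),
        False if it falls through to the final DROP rule of the syn-flood chain."""
        if t_ms < self.last_ms:
            raise ValueError("packet timestamps must be non-decreasing")
        # refill: rate tokens per second == rate milli-tokens per millisecond
        self.tokens = min(self.cap, self.tokens + (t_ms - self.last_ms) * self.rate)
        self.last_ms = t_ms
        if self.tokens >= 1000:
            self.tokens -= 1000
            return True
        return False

def run_flood(arrivals_ms: List[int], rate_per_sec: int = 12, burst: int = 24) -> Tuple[int, int]:
    """Feed SYN arrival times (ms) through a fresh limiter; return (allowed, dropped)."""
    lim = SynRateLimiter(rate_per_sec, burst)
    verdicts = [lim.syn(t) for t in arrivals_ms]
    return sum(verdicts), len(verdicts) - sum(verdicts)

# Constructed sample traffic (not captured data):
# a flood of 100 SYNs spread evenly over one second, and an ordinary client
# that opens 5 connections per second for 3 seconds.
FLOOD = [10 * i for i in range(100)]
NORMAL = [200 * i for i in range(15)]

if __name__ == "__main__":
    print("flood  :", run_flood(FLOOD))    # (35, 65): the 24 burst plus the 12/s trickle
    print("normal :", run_flood(NORMAL))   # (15, 0): a normal visitor is never limited
```

Changing `rate_per_sec` and `burst` in `run_flood` shows how raising the values, as suggested above, changes how much of a flood gets through. Note that the rule counts SYN packets, not people, so a client that retransmits SYNs during a flood is counted again each time.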
If you are a hacker, sorry dude. You are gonna have to try a little harder hacking Zedomax since we are hackers too.
P.S. You know what I try to do when I find out where the hackers are coming from? I do a DoS attack back on them. This usually pisses them off enough to DoS me more, but I kinda enjoy the battle, so bring it on! :p