DIY Linux DoS HACK – HOWTO Limit your the max number of TCP connections to your Web Server!

I have been reading the following book called, Linux Server Hacks, which shows you many ways you can hack your Linux server so your server doesn’t die.

This actually works since we just had a DoS attack about 5 minutes ago. (It seems like we are getting more and more DoS attacks these days. You can refer to the DDOS Deflate script also)

Here’s HACK #47 I read about last week in my bath room from the book and I just used it to prevent DoS attackers from bringing my precious Quad-CPU dedicated server down.

Enter the following commands and you will limit number of TCP connections to your server to 12 connections per second after 24 connections have been seen. (It means that no matter what, your server will not try to serve more than 12 visitors during one second of period when your server gets digged, farked, stumbled, or whatever)
iptables -t nat -N syn-flood

iptables -t nat -A syn-flood -m limit —limit 12/s —limit-burst 24 -j RETURN

iptables -t nat -A syn-flood -j DROP

iptables -t nat -A PREROUTING -i $EXT_IFACE -d $DEST_IP -p tcp –syn -j syn-flood
I think you can increase the values steadily if your server can handle more. But it seems to have brought our server load from 33.00 somethin’ to under 1.0. Yey!

If you are a hacker, sorry dude. You are gonna have to try a little harder hacking Zedomax since we are hackers too.

P.S. You know what I try to do when I find out where the hackers are coming from, I do a DoS attack back on them. This usually pisses them off enough to DoS me more but I kinda enjoy the battle so bring it on! :p

12 Responses to DIY Linux DoS HACK – HOWTO Limit your the max number of TCP connections to your Web Server!

  1. Studio Equipment says:

    Wow! What an attitude! I would love to shake hands with you. Fix the cockroaches. Guys like me depend on fellows like you to do such things. All the best. I hope that you wipe them out completely!

  2. max says:

    yes, i can’t wipe them out completely but i can limit their strategies to bring sites down… :p

  3. Predrag Stojadinovic says:

    Hi, any idea why Im getting this error message when I try your approach:

    srv098:~$ iptables -t nat -A syn-flood -m limit -limit 12/s -limit-burst 24 -j RETURN
    iptables v1.3.6: Unknown arg `limit’
    Try `iptables -h’ or ‘iptables –help’ for more information.

    THANKS in advance !!!

  4. max says:

    Try this instead, my blog post looks like it won’t let you copy two dashes:

    iptables -t nat -A syn-flood -m limit –limit 12/s –limit-burst 24 -j RETURN

    and you can see the instructions better on our wiki:

    http://zedomax.com/wiki/index.php/Linux/Unix_HOWTOs#HOWTO_Limit_number_of_connections_to_your_server_to_fight_Denial_of_Service_attacks

  5. Predrag Stojadinovic says:

    THANKS for the fast reply. However, now I got:

    srv098:~$ iptables -t nat -A syn-flood -m limit –limit 12/s –limit-burst 24 -j RETURN
    iptables: Invalid argument

  6. max says:

    Hey there,

    Try entering the first line first:

    iptables -t nat -N syn-flood

    You have enter all the lines one at a time and it will work~

    Let me know if you need more help. 🙂

  7. Predrag Stojadinovic says:

    I did the first one before the problematic one ofcourse. However, not Im getting:
    srv098:~$ iptables -t nat -N syn-flood
    iptables: Chain already exists

    No matter what I do Im either getting:
    iptables: Invalid argument
    or
    iptables: Chain already exists

    :(((

  8. max says:

    Oh you know what, I think it’s already working then, it means you already set it.

  9. Predrag Stojadinovic says:

    That would be awesome!

    Is there a way to check it or undo it? (just to know)

    THANKS!

  10. max says:

    I think when you reboot your server, this setting gets resetted. You can put it in a file somewhere so it starts when your server reboots, I forgot how to do this…

  11. GH3 Cheats says:

    That is some crazy stuf and could be useful. I have yet to need such information though. knock on wood.

  12. lalit says:

    plz help to increase my internet speed i have reliance wireless broadband
    during night time the speed is 40kbps(downloading) but during day after 10 am it is 4to5kbps
    how can i incrasemy speed without the permission of my network administrator
    also tell me how to hack my network pc without there permissions

Leave a Reply

Your email address will not be published.


Check out more interesting categories: Blog, DIY, Educational, Entertainment, Hack, Linux, Misc, Ubuntu, Web.


Related News and Resources