LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 01-06-2002, 01:54 AM   #1
johnlee
Member
 
Registered: Oct 2001
Location: China
Distribution: RedHat 7.0
Posts: 43

Rep: Reputation: 15
How to safe from "DOS" Attack


Hi there,

Dose any one know how to prevent from a "DOS" attack
its very easy for a hacker just open unlimited connections on ssh, http, and hangs deamon or eat up all server 's resources and force server stop responding is there any way to prevent from deniel of service attack I am using Redhat 6.2, 7.0, 7.2

Thanks and Regards,

John Lee
 
Old 01-06-2002, 06:19 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,765
Blog Entries: 54

Rep: Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976
No one can *prevent* a DoS attack.

Unless you're running SSHd for a shell account box tho, you can use the directives MaxStartups, AllowGroups and AllowUsers to tighten control over handling connection traffic, and if compiled with TCP Wrappers, hosts.(deny|allow) as well. As for Apache it has modules for throttling, and for denying by IP address/range.

Using these options you can finetune daemon behaviour but they won't protect you from a DoS attack, servers are a nice target indeed because they will have to serve to world, and so can't be allowed to have some mechanism fill hosts.deny with lotsa (spoofed) IP addresses, so for this you'll need assistance of your upstream provider to filter packets at the router, or just close the pipe for the duration of the attacks.

Please look at some CERT tips for more info.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
problem with compiling "trinoo" attack tripod1119 Linux - Security 2 05-12-2005 02:25 AM
"syn flood attack" How do I investigate this? oily_rags Suse/Novell 2 04-28-2005 10:29 PM
Cedega from Fat32 (Invalid path "." given for "--use-dos-cwd") bdox Linux - Software 0 03-30-2005 12:24 PM
Cedega and Fat32 (Invalid path "." given for "--use-dos-cwd") bdox Linux - Games 0 03-26-2005 03:48 AM
Preventing local users from "text flooding" a terminal (DoS attack)... khermans Linux - Security 2 09-24-2003 08:56 AM


All times are GMT -5. The time now is 01:16 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration