LinuxQuestions.org
Help answer threads with 0 replies.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Iptables for protect OpenVPN server from DOS attacks
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-19-2015, 04:13 AM   #1
klandestin0
LQ Newbie
 
Registered: Aug 2015
Posts: 1

Rep: Reputation: Disabled
Iptables for protect OpenVPN server from DOS attacks

Good morning.

I have an OpenVPN server in a debian 8.1
openVPN daemon is listening in tcp/443 port.

I have detected that if a OpenVPN user run a script to initiate multiple openVPN connections ( DOS attack for tcp/443 port) the script can crash OpenVPN service in the server.

I tested this with a simple script. when i run attack, i can see hundreds of tcp/443 connections with netstat from same source ip.

netstat -putan | grep 443 | awk '{print $5}' | cut -d ":" -f1 | sort | uniq -c
743 X.X.X.X

where 743 is the number of connections 443/tcp from same ip.

I would like to know how i can protect from this attack with a iptables rules.

I have applied this iptables rule to limit connections

/sbin/iptables -I INPUT -p tcp --syn --dport 443 -m connlimit --connlimit-above 20 -j REJECT --reject-with tcp-reset

But when i run script again i see in netstat that there are again hundreds of connections ( in SYN_RECV, ESTABLISHED, TIME WAIT and FIN_WAIT2 state) from same source ip.

I am newbie with iptables.

Thanks!
 
Old 08-19-2015, 07:51 AM   #2
lazydog
Senior Member
Contributing Member
 
Registered: Dec 2003
Location: The Key Stone State
Distribution: CentOS Sabayon and now Gentoo
Posts: 1,249
Blog Entries: 3

Rep: Reputation: 194Reputation: 194
Where are you running your script from? You need to run the script from outside your firewall.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: How to protect SSH server from brute force attacks using fail2ban LXer Syndicated Linux News 0 12-21-2014 02:15 AM
How to protect my PC from targeted attacks? saurisen Linux - Security 8 08-21-2013 09:03 PM
Is blocking a subnet with iptables on the router a good way to protect a server? damgar Linux - Security 6 06-11-2012 03:40 PM
HOWTO protect from VPN attacks? akakwangkyu Linux - Security 1 06-02-2011 12:14 AM
How to protect LVS director server with IPTABLES yaw55555 Linux - Networking 0 04-10-2009 04:21 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:34 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration