LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-01-2010, 02:40 AM   #1
spiriad
LQ Newbie
 
Registered: Jan 2009
Posts: 6

Rep: Reputation: 0
Exclamation Stop flood - how ?


Hello there,

I want to know what are the ways to monitorize and control/stop flooding on my server, because I am heavily flooded. At this moment I am doing all this manually (when I see that my bandwidth is lowering or some applications are freezing), my main working tool being iptables.But I want something automated .
Another problem : if I am flooded with packets having real ip addresses , with a simple iptables command I cand resolve the problem easily. But, the problem is, in most of the cases, I am flooded with packets with spoofed ip adresses (e.g. 1.2.3.4 ), so the only thing I can do in this situation is to block all incoming packets (which ruins everything).Do you have a solution to this ?
The flood monitorizing (and controlling) tool may be with/without interface, only to be effective.

Thanx,
Adrian
 
Old 09-01-2010, 02:48 AM   #2
corp769
Guru
 
Registered: Apr 2005
Posts: 5,807

Rep: Reputation: 995Reputation: 995Reputation: 995Reputation: 995Reputation: 995Reputation: 995Reputation: 995Reputation: 995
Woah, hold on a second buzz lightyear. What exactly is happening?

First of all, do a "tail -f /var/log/messages" to monitor everything.
If thats not where iptables logs to, then change accordingly.
Secondly, what kind of internet service do you have? If anything, you most likely have a dynamic setup. Poweroff your router for 10-15 minutes and plug that sh*t back in, and hopefully you have a new IP address from your service provider. If not, contact your provider and tell them what type of attacks you have coming in. If you can't do that, then something is definitely going on that you are not telling us about.
 
0 members found this post helpful.
  


Reply

Tags
flood


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to stop arp Denial of service/flood? 4mix Linux - Networking 4 06-13-2013 03:14 AM
anti flood AlexJ Linux - Security 3 12-07-2010 02:01 PM
I got flood.... backroger Linux - Security 2 06-20-2008 10:40 AM
How To Stop a UDP Packet Flood ! murder Linux - Newbie 2 09-19-2005 10:14 AM
ping flood name_in_use450 Linux - Networking 2 08-06-2004 02:57 PM


All times are GMT -5. The time now is 08:36 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration