DDoS Attacks - Something to do with my linux server - suggestions
 

Hello,

I have a CentOS 6.3 dedicated server (unmanaged).

I would like to have an anti-DDoS software or something that helps me with these attacks.

Do you have any ideas ?
Please suggest me.

Here is a good start.

Alex Brinister

thank you very much abrinister !

Well that does not address UDP DOS attacks, which can have unlimited IPs.

Come back if they have that problem.

Is there any better software for ddos protection ?

No, only technique. The worse it is, the worse it gets.

There are different options you can try:
- csf/lfd (firewall)
- apf (firewall)
- mod_evasive for apache
- mod_security for apache

Please let us know how those work out in a DDoS with unlimited IPs. UDP source IP can be forged. Hell, even fail2ban is ineffective; ban a million IPs and they still keep coming...

Of course you should have a firewall, such as Shorewall. But you need to either not piss these guys off, or do more research in the case of the LOIC, et al.

Are you having a problem or just trying to take action against .... ?
Typically, if you are having a true DDOS, it is going to require help beyond what you can achieve with your server (e.g.) firewall. Also, as with most things security related, security is not an application you can install, or a set of firewall rules, but a continual process of monitoring your system and then analyzing and responding to events. Using applications like the ones mentioned in this thread, when properly understood and utilized, can help increase your overall security posture, but in and of themselves do not provide security.

I had some attacks to my previous server.
That's why I am asking for a script or something.

You can only do so much against a DoS at the server level. After a certain point it needs to be addressed upstream at the network routers.

That's what fukawi2 already said in the thread abrinister linked to in his first reply and it's what Noway2 said in the 9th reply. Please read before posting.