How to safe from "DOS" Attack
 

Hi there,

Dose any one know how to prevent from a "DOS" attack
its very easy for a hacker just open unlimited connections on ssh, http, and hangs deamon or eat up all server 's resources and force server stop responding is there any way to prevent from deniel of service attack I am using Redhat 6.2, 7.0, 7.2

Thanks and Regards,

John Lee

No one can *prevent* a DoS attack.

Unless you're running SSHd for a shell account box tho, you can use the directives MaxStartups, AllowGroups and AllowUsers to tighten control over handling connection traffic, and if compiled with TCP Wrappers, hosts.(deny|allow) as well. As for Apache it has modules for throttling, and for denying by IP address/range.

Using these options you can finetune daemon behaviour but they won't protect you from a DoS attack, servers are a nice target indeed because they will have to serve to world, and so can't be allowed to have some mechanism fill hosts.deny with lotsa (spoofed) IP addresses, so for this you'll need assistance of your upstream provider to filter packets at the router, or just close the pipe for the duration of the attacks.

Please look at some CERT tips for more info.