guys, im running red5 server and it use port 1935 which is being flooded by tcp connections and red5 service is going down as well. i need some tips/assistance to stop portflood. im using CSF on my linux cPanel server.
CSF won't do anything if the attack is coming from a botnet, which it likely is. Since you don't have a hardware firewall, the only thing you can do right now is close that port until the attack stops. The services on that port may not work while you have the port closed, but at least the rest of the server will work.
csf has portflood protection as well. # Port Flood Protection. This option configures iptables to offer protection # from DOS attacks against specific ports. This option limits the number of # connections per time interval that new connections can be made to specific # ports # # This feature does not work on servers that do not have the iptables module # ipt_recent loaded. Typically, this will be with MONOLITHIC kernels. VPS # server admins should check with their VPS host provider that the iptables # module is included # # For further information and syntax refer to the Port Flood section of the csf # readme.txt # # Note: Run /etc/csf/csftest.pl to check whether this option will function on # this server PORTFLOOD = ""