Severe DosS attack!

Discussion in 'General Business' started by sp0oon, Feb 22, 2009.

0
  1. #1
    Hello everyone,

    For the past three days my website has been offline. I’ve been working with my hosting company to solve the problem. As of now we have installed ddos deflate and it’s already banned 900 ip’s and counting. What are some other things we can do to further prevent this ddos attack?

    We are currently switching my website over to a more powerful VPS server with lighted. Hopefully that will help with the issue. My site is completely handcuffed at the moment. The server OS is linux (debian) Are there any special firewalls we can install on it to further secure it or anything at all we can do to help the situation.

    Fill me in with anything you know. This is the first time I’ve ever had to deal with a DosS attack.
     
    sp0oon, Feb 22, 2009 IP
  2. cveks

    cveks Member

    Messages:
    141
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    28
    #2
    try to change web hosting company
     
    cveks, Feb 22, 2009 IP
  3. Nigel Lew

    Nigel Lew Notable Member

    Messages:
    4,642
    Likes Received:
    406
    Best Answers:
    21
    Trophy Points:
    295
    #3
    It's not exactly helpful to switch hosts, especially after they have had to deal with it all ready.

    Upgrade the server, they should have a plan that includes a proper hardware firewall as well. If you site is worthy of getting Dos'd then you likely need a faster server anyway.

    Also check out mod_evasive perhaps. This stuff is best handled by the folks at the machine really.

    Nigel
     
    Nigel Lew, Feb 22, 2009 IP
  4. cveks

    cveks Member

    Messages:
    141
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    28
    #4
    i dont think that he can upgrade server. thats why switching the host is best thing to do.
     
    cveks, Feb 22, 2009 IP
  5. sp0oon

    sp0oon Peon

    Messages:
    58
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #5
    Yes it's possible to upgrade servers. That is being done right now. Which firewall program do you suggest using? Is mod_evasive the same principal as DosS deflate?
     
    sp0oon, Feb 22, 2009 IP
  6. lavaglobe

    lavaglobe Guest

    Messages:
    26
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #6
    the best ddos protection is to not get ddos'd
    figuring out why somone would do it to you is a good start.
     
    lavaglobe, Feb 22, 2009 IP
  7. JustAStranger

    JustAStranger Guest

    Messages:
    141
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #7
    It depends if the SERVER or the UPLINK is filled.

    If only your server is overloaded you need a better server or a good firewall infront of it.
    If the uplink is filled you need a better host.
    Think about having 2 hosts, one backup one main.
    If main fails you point your DNS to the backup and within a few minutes you are up again
     
    JustAStranger, Feb 22, 2009 IP
  8. mentos

    mentos Prominent Member

    Messages:
    15,280
    Likes Received:
    473
    Best Answers:
    0
    Trophy Points:
    330
    #8
    From my experience,banning the IP is not a good move coz the attacker can have a lot of option such as using virtual IP to ddos your site.
    The best way is deploy an anti ddos system.If you not capable to develop it then you should purchase the system such s from here http://www.toplayer.com
     
    mentos, Feb 22, 2009 IP
  9. uio

    uio Peon

    Messages:
    24
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #9
    you don't say what kind of ddos you get, icmp udp syn http data....

    there exist different way for protection
     
    uio, Feb 26, 2009 IP