I am currently being Ddosed or something like that. How can i stop this? My host is a newbie so am i. Any suggestions and steps that i need to take? I can't login into putty or cpanel either.
Here's the bottom line. If there are open ports on your server, there's really no way to avoid/stop a DDoS attack. Even if you setup stateful packet inspection, the attacker can easily alter the headers to circumvent your counter-measures. Any server accepting connections is vulnerable to a DDoS in some way, shape, or form. To avoid DDoS - stop talking sh*t to people that run botnets, it's just not worth the trouble.
Well, one option is calling the attacker's ISP. It might take a while, and it doesn't actually stop the attack, but it could get them in trouble with the ISP(I'm not sure if DDoS attacks are illegal in the US or not, if they are the person isn't in a good position.)
Could you explain how to obtain the attacker's ISP contact information? And yes, committing DDoS attacks is illegal in the United States.
YOu need to install additional softwares. ISPs just DO NOT care who's being ddosed or who's doing that. Anything can be done is by yourself. APF, CSF etc. may be useful.
If the server has the ability to log who accesses it, it shouldn't be much of a problem. Once you get the IP you can use a tool to find their host name, which should return their ISP. The issue here is that the ISP probably won't really care(you'd have a better chance if the ISP was also providing services to your server. They don't tend to like things like that), so your complaints won't get farther than the person who answers the phone.
JMV290, Most of these people are smart enough to not attack their targets with their own Internet connection. The concept of a DDoS (Distributed Denial of Service) is to attack someone from multiple hosts. The most common method today involves botnets. These large swarms of infected computers are centrally controlled, so unless you penetrate the botnet, there's no way you can obtain the attackers information...
Perhaps it might be time to find a new host as well if they are newbies..? I presume your host is a reselle then, have them contact their provider for help in this matter. What equipment are they using?
Oops, I was basing it off the assumption that the attacker had been to the site before and the OP had done something to piss them off and their IP was in the log from then. If the user had never been to the site, then yeah, that is a problem.
First, how did you check if you're being DDoS'ed? Next, tell us more about your server configuration.
You can get protection but it has to be done at the datacenter and costs a lot. Your host needs to phone up his DC and get them to look into it ASAP.