Normally today, the software Firewall (software installed on the Server) can only resist small-scale, simple and low-intensity attacks. However, if you do not have an anti-DDOS Configuration on the Linux Server available, in case the server crashes, it will be very difficult to manipulate.
Join the channel Telegram of the AnonyViet 👉 Link 👈 |
To completely avoid minimizing damage to the lowest level, I recommend that you apply both soft Firewall and Hard Firewall and CDN services such as CloudFlare, Amazon …
Today I would like to introduce to you a temporary emergency solution that relies on Iptables to prevent these attacks immediately.
First stop and create new rules for Iptables:
service apf stop iptables -F
Then download and run the script file to configure the rules against DOS/DDOS attacks:
wget https://anonyviet.com/wp-content/uploads/2016/01/antiDDoS.txt
mv antiDDoS.txt antiDDoS.sh
chmod u+x antiDDoS.sh
./antiDDoS.sh
This is the code compiled by author Ruslan Abuzant [email protected], version 2.0 released under the GNU GPL license. That means you can completely rewrite the rules in the script to match the reality of the server you encounter.
In addition, you can use the following commands for statistics of attacks, which are very useful:
netstat -antp | grep ESTABLISHED
netstat -antp | grep -i sync
netstat --help
Or see some commands to check when the Server is DDOS at show this