If you server is under ddos attack, please harden sysctl.conf and install apf ,ddos deflate.
==================
Hardening of sysctl.conf
servertechs# nano -w /etc/sysctl.confAdd this to the /etc/sysctl.conf
# Enable IP spoofing protection, turn on Source Address Verification==================
net.ipv4.conf.all.rp_filter = 1
# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1
Add the below code in /etc/rc.local and restart network
for f in /proc/sys/net/ipv4/conf/*/rp_filter;
do echo 1 > done
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
Installation DDoS Deflate
This works with apf to block ips , ensure that you have apf installed on the server.
Installation:
wget http://www.inetbase.com/scripts/ddos/install.sh
chmod 0700 install.sh
./install.sh
No comments:
Post a Comment
Thank you for your comment. Will try to react as soon as possible.
Regards,
Networ King