Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 8th October 2008, 16:05
badgerbox76 badgerbox76 is offline
Senior Member
 
Join Date: Feb 2006
Posts: 178
Thanks: 6
Thanked 1 Time in 1 Post
Default Am I experiencing a DOS attack?

Am I experiencing a DOS attack? The server becomes unresponsive and I know I don't have this many users connected. How do I prevent this type of attack?
Code:
root@hostname:~# ss
State      Recv-Q Send-Q                                             Local Address:Port                                                 Peer Address:Port
ESTAB      475    0                                           ::ffff:192.168.1.110:www                                          ::ffff:79.139.63.103:2068
ESTAB      463    0                                           ::ffff:192.168.1.110:www                                           ::ffff:83.94.155.31:2065
CLOSE-WAIT 372    0                                           ::ffff:192.168.1.110:www                                         ::ffff:89.240.206.158:57448
CLOSE-WAIT 381    0                                           ::ffff:192.168.1.110:www                                           ::ffff:193.113.48.7:51342
ESTAB      0      75504                                       ::ffff:192.168.1.110:www                                        ::ffff:142.161.248.176:51260
ESTAB      0      86140                                       ::ffff:192.168.1.110:www                                          ::ffff:128.2.185.188:1748
CLOSE-WAIT 0      11584                                       ::ffff:192.168.1.110:www                                           ::ffff:74.64.124.62:62928
CLOSE-WAIT 470    0                                           ::ffff:192.168.1.110:www                                            ::ffff:68.2.73.173:62010
CLOSE-WAIT 1      0                                           ::ffff:192.168.1.110:www                                          ::ffff:220.255.7.198:20197
FIN-WAIT-1 0      80241                                       ::ffff:192.168.1.110:www                                          ::ffff:65.12.142.245:afmbackup
CLOSE-WAIT 528    0                                           ::ffff:192.168.1.110:www                                         ::ffff:68.148.202.248:1660
ESTAB      0      68056                                       ::ffff:192.168.1.110:www                                           ::ffff:194.83.36.52:49059
ESTAB      545    0                                           ::ffff:192.168.1.110:www                                           ::ffff:84.63.93.153:64783
CLOSE-WAIT 507    0                                           ::ffff:192.168.1.110:www                                         ::ffff:116.64.150.132:4514
ESTAB      469    0                                           ::ffff:192.168.1.110:www                                            ::ffff:203.153.6.4:1895
CLOSE-WAIT 305    0                                           ::ffff:192.168.1.110:www                                            ::ffff:24.28.89.76:3570
CLOSE-WAIT 464    0                                           ::ffff:192.168.1.110:www                                          ::ffff:72.252.127.22:3091
CLOSE-WAIT 372    0                                           ::ffff:192.168.1.110:www                                           ::ffff:74.64.124.62:63111
FIN-WAIT-1 0      39441                                       ::ffff:192.168.1.110:www                                          ::ffff:65.12.142.245:2807
ESTAB      0      46720                                       ::ffff:192.168.1.110:www                                          ::ffff:60.54.196.173:28626
ESTAB      701    0                                           ::ffff:192.168.1.110:www                                           ::ffff:89.103.41.64:4741
ESTAB      482    0                                           ::ffff:192.168.1.110:www                                        ::ffff:149.254.200.236:37457
ESTAB      0      17520                                       ::ffff:192.168.1.110:www                                          ::ffff:60.54.196.173:28631
ESTAB      0      18980                                       ::ffff:192.168.1.110:www                                          ::ffff:60.54.196.173:28616
SYN-SENT   0      1                                                  192.168.1.110:40678                                                 216.39.53.3:smtp
ESTAB      0      20440                                       ::ffff:192.168.1.110:www                                          ::ffff:60.54.196.173:28618
CLOSE-WAIT 372    0                                           ::ffff:192.168.1.110:www                                         ::ffff:89.240.206.158:57652
ESTAB      0      21900                                       ::ffff:192.168.1.110:www                                          ::ffff:60.54.196.173:28620
ESTAB      469    0                                           ::ffff:192.168.1.110:www                                         ::ffff:76.127.242.143:11409
ESTAB      459    0                                           ::ffff:192.168.1.110:www                                            ::ffff:208.82.3.15:14284
ESTAB      0      13140                                       ::ffff:192.168.1.110:www                                          ::ffff:60.54.196.173:28622
CLOSE-WAIT 470    0                                           ::ffff:192.168.1.110:www                                            ::ffff:68.0.221.11:51526
CLOSE-WAIT 507    0                                           ::ffff:192.168.1.110:www                                         ::ffff:116.64.150.132:4812
ESTAB      0      79860                                       ::ffff:192.168.1.110:www                                           ::ffff:219.78.5.124:3498
CLOSE-WAIT 528    0                                           ::ffff:192.168.1.110:www                                         ::ffff:68.148.202.248:1595
ESTAB      0      21900                                       ::ffff:192.168.1.110:www                                          ::ffff:60.54.196.173:28613
ESTAB      0      11680                                       ::ffff:192.168.1.110:www                                          ::ffff:60.54.196.173:28614
ESTAB      507    0                                           ::ffff:192.168.1.110:www                                          ::ffff:90.217.180.71:4237
ESTAB      277    0                                           ::ffff:192.168.1.110:www                                         ::ffff:213.156.52.124:19314
ESTAB      0      84680                                       ::ffff:192.168.1.110:www                                          ::ffff:79.77.109.169:1318
CLOSE-WAIT 461    0                                           ::ffff:192.168.1.110:www                                           ::ffff:61.68.157.24:51318
CLOSE-WAIT 470    0                                           ::ffff:192.168.1.110:www                                           ::ffff:76.172.123.0:1376
ESTAB      701    0                                           ::ffff:192.168.1.110:www                                           ::ffff:89.103.41.64:4793
ESTAB      701    0                                           ::ffff:192.168.1.110:www                                           ::ffff:89.103.41.64:4795
CLOSE-WAIT 268    0                                           ::ffff:192.168.1.110:www                                           ::ffff:59.93.32.166:62319
ESTAB      701    0                                           ::ffff:192.168.1.110:www                                           ::ffff:89.103.41.64:4797
CLOSE-WAIT 483    0                                           ::ffff:192.168.1.110:www                                        ::ffff:149.254.200.236:43881
ESTAB      698    0                                           ::ffff:192.168.1.110:www                                           ::ffff:89.103.41.64:4799
CLOSE-WAIT 0      11264                                       ::ffff:192.168.1.110:www                                          ::ffff:74.240.108.93:62590
ESTAB      477    0                                           ::ffff:192.168.1.110:www                                            ::ffff:89.54.154.7:1557
ESTAB      701    0                                           ::ffff:192.168.1.110:www                                           ::ffff:89.103.41.64:4787
ESTAB      459    0                                           ::ffff:192.168.1.110:www                                            ::ffff:208.82.3.15:18658
ESTAB      545    0                                           ::ffff:192.168.1.110:www                                         ::ffff:213.156.52.124:18792
ESTAB      701    0                                           ::ffff:192.168.1.110:www                                           ::ffff:89.103.41.64:4789
CLOSE-WAIT 371    0                                           ::ffff:192.168.1.110:www                                          ::ffff:12.34.128.226:18426
ESTAB      701    0                                           ::ffff:192.168.1.110:www                                           ::ffff:89.103.41.64:4791
CLOSE-WAIT 470    0                                           ::ffff:192.168.1.110:www                                          ::ffff:90.217.180.71:3219
ESTAB      0      352                                         ::ffff:192.168.1.110:ssh                                          ::ffff:12.34.128.226:17912
ESTAB      0      35040                                       ::ffff:192.168.1.110:www                                           ::ffff:67.225.3.200:4732
CLOSE-WAIT 470    0                                           ::ffff:192.168.1.110:www                                         ::ffff:69.137.139.125:2347
CLOSE-WAIT 470    0                                           ::ffff:192.168.1.110:www                                            ::ffff:82.29.20.19:1857
CLOSE-WAIT 268    0                                           ::ffff:192.168.1.110:www                                           ::ffff:59.93.32.166:62339
CLOSE-WAIT 345    0                                           ::ffff:192.168.1.110:www                                         ::ffff:221.253.237.13:49787
CLOSE-WAIT 0      11680                                       ::ffff:192.168.1.110:www                                         ::ffff:68.148.202.248:1472
CLOSE-WAIT 470    0                                           ::ffff:192.168.1.110:www                                           ::ffff:79.68.169.80:50139
ESTAB      751    0                                           ::ffff:192.168.1.110:www                                           ::ffff:89.103.41.64:4729
ESTAB      701    0                                           ::ffff:192.168.1.110:www                                           ::ffff:89.103.41.64:4734
CLOSE-WAIT 470    0                                           ::ffff:192.168.1.110:www                                           ::ffff:76.172.123.0:1191
ESTAB      701    0                                           ::ffff:192.168.1.110:www                                           ::ffff:89.103.41.64:4725
CLOSE-WAIT 371    0                                           ::ffff:192.168.1.110:www                                          ::ffff:12.34.128.226:20025
CLOSE-WAIT 470    0                                           ::ffff:192.168.1.110:www                                           ::ffff:98.165.45.40:61144
CLOSE-WAIT 508    0                                           ::ffff:192.168.1.110:www                                          ::ffff:24.57.132.242:63049
CLOSE-WAIT 508    0                                           ::ffff:192.168.1.110:www                                          ::ffff:92.234.69.193:2157
ESTAB      507    0                                           ::ffff:192.168.1.110:www                                         ::ffff:89.201.134.154:1749
CLOSE-WAIT 546    0                                           ::ffff:192.168.1.110:www                                         ::ffff:213.156.52.124:16347
CLOSE-WAIT 316    0                                           ::ffff:192.168.1.110:www                                           ::ffff:74.64.124.62:62988
ESTAB      469    0                                           ::ffff:192.168.1.110:www                                           ::ffff:96.224.59.37:50657
ESTAB      0      84216                                       ::ffff:192.168.1.110:www                                         ::ffff:142.177.181.95:61048
CLOSE-WAIT 0      11680                                       ::ffff:192.168.1.110:www                                            ::ffff:68.2.73.173:61892
ESTAB      487    0                                           ::ffff:192.168.1.110:www                                          ::ffff:91.12.239.201:1798
ESTAB      501    0                                           ::ffff:192.168.1.110:www                                         ::ffff:24.118.227.122:3035
ESTAB      469    0                                           ::ffff:192.168.1.110:www                                          ::ffff:85.139.184.56:47668
ESTAB      469    0                                           ::ffff:192.168.1.110:www                                         ::ffff:76.127.242.143:10040
CLOSE-WAIT 546    0                                           ::ffff:192.168.1.110:www                                         ::ffff:213.156.52.124:14830
ESTAB      0      67160                                       ::ffff:192.168.1.110:www                                          ::ffff:202.30.18.218:3820
CLOSE-WAIT 281    0                                           ::ffff:192.168.1.110:www                                            ::ffff:68.2.73.173:61919
root@hostname:~#
Reply With Quote
Sponsored Links
  #2  
Old 8th October 2008, 16:35
marpada marpada is offline
Senior Member
 
Join Date: Sep 2008
Posts: 139
Thanks: 2
Thanked 14 Times in 14 Posts
Default

There are some useful apache modules to defend from a DDOS, like mod_evasive. There are also some iptables tricks to limit the rate of connections per second.
________
MONTANA MEDICAL MARIJUANA DISPENSARY
________
DOES IOLITE VAPORIZER COME WITH BUTANE

Last edited by marpada; 13th May 2011 at 01:46.
Reply With Quote
  #3  
Old 9th October 2008, 23:17
badgerbox76 badgerbox76 is offline
Senior Member
 
Join Date: Feb 2006
Posts: 178
Thanks: 6
Thanked 1 Time in 1 Post
Default

Done.

I fallowed the instructions in this guild.

http://advosys.ca/viewpoints/2006/08...ive-in-ubuntu/

btw
Code:
en2mod
did not work for me and I could not fine the package by running
Code:
apt-get install en2mod
but
Code:
a2enmod
did the trick and I was able to activated the mod. Time to sit back and see what happens with the server now.
Reply With Quote
  #4  
Old 10th October 2008, 00:59
marpada marpada is offline
Senior Member
 
Join Date: Sep 2008
Posts: 139
Thanks: 2
Thanked 14 Times in 14 Posts
Default

Don't forget to also check ssh port or any other service you have running!
________
MOTORCYCLE TIRES
________
AMERICA'S NEXT TOP MODEL FORUM

Last edited by marpada; 13th May 2011 at 01:47.
Reply With Quote
  #5  
Old 10th October 2008, 08:38
badgerbox76 badgerbox76 is offline
Senior Member
 
Join Date: Feb 2006
Posts: 178
Thanks: 6
Thanked 1 Time in 1 Post
Default

Installed the mod and I am still getting these crazy logs even in the middle of the night. I know I would normally only have 1 to 5 people on at any even time.

What should I do know?

Code:
State       Recv-Q Send-Q                                                                     Local Address:Port                                                                         Peer Address:Port
ESTAB       0      23460                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:11136
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:5765
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:50059
ESTAB       435    0                                                                   ::ffff:192.168.1.110:www                                                                    ::ffff:74.61.44.58:59617
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:50318
CLOSE-WAIT  268    0                                                                   ::ffff:192.168.1.110:www                                                                     ::ffff:78.3.26.66:20113
ESTAB       435    0                                                                   ::ffff:192.168.1.110:www                                                                    ::ffff:74.61.44.58:59619
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:57751
CLOSE-WAIT  0      11680                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:98.100.167.210:61379
ESTAB       0      69504                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:15.203.169.106:61914
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:41878
ESTAB       0      52                                                                  ::ffff:192.168.1.110:ssh                                                                    ::ffff:192.168.1.1:1142
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:48537
ESTAB       0      94900                                                               ::ffff:192.168.1.110:www                                                                  ::ffff:70.101.18.121:61654
ESTAB       822    0                                                                   ::ffff:192.168.1.110:www                                                                    ::ffff:74.61.44.58:59597
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:60834
CLOSE-WAIT  821    0                                                                   ::ffff:192.168.1.110:www                                                                    ::ffff:74.61.44.58:59592
CLOSE-WAIT  823    0                                                                   ::ffff:192.168.1.110:www                                                                    ::ffff:74.61.44.58:59594
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:26020
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:1452
ESTAB       0      86880                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:78.159.102.134:35464
ESTAB       822    0                                                                   ::ffff:192.168.1.110:www                                                                    ::ffff:74.61.44.58:59613
SYN-SENT    0      1                                                                          192.168.1.110:36763                                                                         10.11.12.13:ipp
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:61110
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:1978
ESTAB       0      24840                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:54207
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:8380
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:53442
ESTAB       0      92160                                                               ::ffff:192.168.1.110:www                                                                  ::ffff:75.41.112.238:53810
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:31169
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:35530
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:13000
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:2255
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:7122
ESTAB       0      94656                                                               ::ffff:192.168.1.110:www                                                                  ::ffff:98.18.130.160:61094
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:20182
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:61398
ESTAB       470    0                                                                   ::ffff:192.168.1.110:www                                                                  ::ffff:140.32.16.101:11464
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:50393
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:39137
ESTAB       299    0                                                                   ::ffff:192.168.1.110:www                                                                   ::ffff:66.249.71.46:59698
ESTAB       0      80300                                                               ::ffff:192.168.1.110:www                                                                  ::ffff:79.77.109.169:1321
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:56043
ESTAB       0      75920                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:72.186.212.182:50292
ESTAB       0      74460                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:24.185.104.128:2298
ESTAB       0      86140                                                               ::ffff:192.168.1.110:www                                                                  ::ffff:24.222.98.129:57749
LAST-ACK    0      11681                                                               ::ffff:192.168.1.110:www                                                                  ::ffff:24.237.96.120:1629
LAST-ACK    0      11681                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:98.100.167.210:61350
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:59377
ESTAB       666    0                                                                   ::ffff:192.168.1.110:www                                                                   ::ffff:75.9.168.191:64088
ESTAB       267    0                                                                   ::ffff:192.168.1.110:www                                                                     ::ffff:78.3.26.66:20249
ESTAB       440    0                                                                   ::ffff:192.168.1.110:www                                                                  ::ffff:202.7.197.250:42617
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:18693
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:6405
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:5640
CLOSE-WAIT  690    0                                                                   ::ffff:192.168.1.110:www                                                                   ::ffff:75.9.168.191:64085
CLOSE-WAIT  667    0                                                                   ::ffff:192.168.1.110:www                                                                   ::ffff:75.9.168.191:64084
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:35859
CLOSE-WAIT  268    0                                                                   ::ffff:192.168.1.110:www                                                                     ::ffff:78.3.26.66:23823
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:35611
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:14873
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:64290
ESTAB       316    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:45089
ESTAB       0      80640                                                               ::ffff:192.168.1.110:www                                                                  ::ffff:76.66.164.158:1049
ESTAB       0      81312                                                               ::ffff:192.168.1.110:www                                                                  ::ffff:76.226.103.63:1754
ESTAB       0      69000                                                               ::ffff:192.168.1.110:www                                                                  ::ffff:152.39.64.148:52380
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:2091
ESTAB       0      55024                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:63.246.251.128:59618
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:20009
ESTAB       392    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:134.173.215.67:64851
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:20781
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:13100
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:15666
ESTAB       0      73000                                                               ::ffff:192.168.1.110:www                                                                  ::ffff:84.244.206.83:4123
CLOSE-WAIT  268    0                                                                   ::ffff:192.168.1.110:www                                                                     ::ffff:78.3.26.66:23851
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:21563
CLOSE-WAIT  0      11040                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:58172
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:50243
CLOSE-WAIT  0      11040                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:48960
ESTAB       316    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:16192
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:12103
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:58440
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:10829
ESTAB       392    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:134.173.215.67:64815
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:1361
CLOSE-WAIT  268    0                                                                   ::ffff:192.168.1.110:www                                                                     ::ffff:78.3.26.66:26703
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:60759
LAST-ACK    0      590                                                                 ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:25172
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:16472
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:45663
ESTAB       0      73000                                                               ::ffff:192.168.1.110:www                                                                   ::ffff:67.161.29.78:62417
ESTAB       642    0                                                                   ::ffff:192.168.1.110:www                                                                  ::ffff:58.69.243.154:39183
ESTAB       642    0                                                                   ::ffff:192.168.1.110:www                                                                  ::ffff:58.69.243.154:39941
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:7291
LAST-ACK    0      11041                                                               ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:32123
CLOSE-WAIT  317    0                                                                   ::ffff:192.168.1.110:www                                                                 ::ffff:210.212.58.170:35193
Reply With Quote
  #6  
Old 11th October 2008, 00:07
marpada marpada is offline
Senior Member
 
Join Date: Sep 2008
Posts: 139
Thanks: 2
Thanked 14 Times in 14 Posts
 
Default

I think that mod_evasive don't reject the conection (TCP SYN packets) but the banned client gets a 403 Access Denied Error.
If you don't want they can even open a coonection you may use a iptable rule with limit rate (I think you can even configure mod_evasive to start the rule automatically)

There are a few examples in
http://www.cyberciti.biz/tips/howto-...n-attacks.html
________
CRITICAL ILLNESS INSURANCE FORUM
________
Fix ps3

Last edited by marpada; 13th May 2011 at 01:47.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Denial Of Service attack detected! Nareau Server Operation 3 24th June 2009 12:22
mod_evasive & svn (webdav) (or preventing DoS) Karel Server Operation 0 4th August 2008 11:52
Spam attack on one specific domain steowimmy Installation/Configuration 2 14th November 2006 21:12
System attack message from logcheck Hagforce Server Operation 6 30th August 2006 16:07
Isp Says Dos Attack Being Conducted ZebraCobra Server Operation 3 20th December 2005 16:18


All times are GMT +2. The time now is 15:58.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.