• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!
  • 2026 staff recruitment is open! Check it out and consider applying!

Programmer [Security - Linux] Paying 50 USD for this job (PayPal)

kito2

kito2

www.masteria.net
Joined
Mar 9, 2009
Messages
3,764
Solutions
1
Reaction score
227
Location
Chile, Santiago
Preview:

http://otland.net/f16/linux-windows-port-80-attacks-crashing-your-website-103054/#post1033438
Linux + Windows port 80 attacks - Crashing your website.

Hello everyone, I use Linux and noticed that a friend know how to attack a website and crash it, he said that are floods attack.
And some times it lags the OT and also he can crash it.

And it just crash tibia websites, anyone knows how to fix this?
Click to expand...

Solutions:
1) http://otland.net/f138/firewalling-part-1-a-24270/
2) http://otland.net/f138/some-protecion-against-ddos-22908/

But I can't make them works...

What I need:

-Those "protections against DDOS" (1 and 2).
-Firewall or iptables, I don't know, I just want to have lot of security.
-Auto ban IP that is sending too many packets.

I will pay 50 USD to anyone that makes this job for me.
 
You cant protection ddos ;s for that you must buy very good dedicated server.
 
You are better off contracting people who's job it is to secure *nix networks. For protection from people with botnets or larger forces then pissed teenagers in a basement, you will need hardware. You should contact your host, or start to invest in your own hosting network at home. Collapser is a great example of this, learn from them
 
You need system administrator, not programmer.
You can PM me with more info about OS and I can check the server then and protect it somehow (full protection - impossible, high protection - hardware).
 
Install lighttpd or nginx = resource bound attacks are very uneffective.
Set iptables with limit of connections per IP, you can make a ban out of this, but ehm, people can always just get very unlucky for a sec :p.
 
offtopic : statik your spamming like crazy dude lol

@thread
yeah ddos is hard to secure from the only thing you can do is make your security the strongest as possible so it does not affect you
 
Yes, I've noticed that after I added a UTF-32 title I double post all the time for some unknown reason. But well I have changed it back to something else :).

The only thing that help against a REAL ddos is to get a better line. The goal of a real ddos is simply to block out the line entierly. And no real traffic will pass through to the server.
 
Don Daniello said:
You need system administrator, not programmer.
You can PM me with more info about OS and I can check the server then and protect it somehow (full protection - impossible, high protection - hardware).
Click to expand...

There wasn't a tag for system administrator, the closest was a programmer xD
I will PM you, thanks.

stian said:
Install lighttpd or nginx = resource bound attacks are very uneffective.
Set iptables with limit of connections per IP, you can make a ban out of this, but ehm, people can always just get very unlucky for a sec :p.
Click to expand...

I have been looking a guide to do this, but can't find anything that helps.
 
Follow my tutorial, and uninstall apache to get lighttpd.

Conn limits can be done using:
iptables -A INPUT -m recent --name FLOOD_CONN --update --seconds 3 --hitcount 20 -j DROP
iptables -A INPUT -m state --state NEW -m recent --name FLOOD_CONN --set -j ACCEPT

If a IP opens more then 20 connections over 3 sec (on ANY port), it will simply be dropped.
 
Code: 
Bad argument `name'
Try `iptables -h' or 'iptables --help' for more information.

Yes i'm newbi x] Stian help. Please.
 
stian said:
Follow my tutorial, and uninstall apache to get lighttpd.

Conn limits can be done using:
iptables -A INPUT -m recent --name FLOOD_CONN --update --seconds 3 --hitcount 20 -j DROP
iptables -A INPUT -m state --state NEW -m recent --name FLOOD_CONN --set -j ACCEPT

If a IP opens more then 20 connections over 3 sec (on ANY port), it will simply be dropped.
Click to expand...

Didn't work to me, same error as bolero.

Anyways, it wouldn't lag the server?
 
Ok, here is a version that shouldn't require the --name option (it's in a module)

iptables -N conn-flood
iptables -I INPUT 1 -p tcp –syn -j conn-flood
iptables -A conn-flood -m limit –limit 7/s –limit-burst 20 -j RETURN
iptables -A conn-flood -j DROP
iptables -A INPUT -p icmp -m limit --limit 1/s --limit-burst 1 -j ACCEPT
iptables -A INPUT -p icmp -j DROP
Click to expand...

IP's are limited to 7 connections / sec, and overall 20 open. You can likely reduce these without causing lag. With 3/sec website will lag a bit if you got lots of images and css files.

You can also use this, it's the same as above only without the --name tag, but it should work the same. Note that you can still use the icmp from the previous.
iptables -I INPUT -p tcp -m state --state NEW,ESTABLISHED -m recent --set -j ACCEPT
iptables -I INPUT -p tcp -m state --state NEW -m recent --update --seconds 3 --hitcount 20 -j DROP
Click to expand...
 
Last edited:
Code: 
root@199:~# apt-get install iptables
Reading package lists... Done
Building dependency tree
Reading state information... Done
iptables is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@199:~# iptables -N conn-flood
root@199:~# iptables -I INPUT 1 -i -p tcp --syn -j conn-flood
Bad argument `tcp'
Try `iptables -h' or 'iptables --help' for more information.

Aff's >.<! Help stian! You are the best in linux =]!
 

Similar threads

Stellow
Hoster Pay-Per-Hour Tibia Hosting (No VPS, No Setup, No Compilation) - Try for FREE
Replies
12
Views
756
Mapperforfun
Mapperforfun
Back
Top