Knowledgebase

I'm under a Syn Flooding attack from single IP

Posted by Professor 0110, 04-12-2009, 09:03 PM
Hi everyone, My website has been under a constant Syn Flood DoS attack for the past few days. However, the attack originates from a single IP address that changes every few hours (Possibly a syn flood script with IP spoofing capabilities). The Syn Flood attack isn't creating any spike whatsoever in my usage graphs, however, its still rather annoying. What firewall should I use to combat the DoS attack? Thanks.
Posted by Host Our Web, 04-12-2009, 09:14 PM
a simple google search got these. http://pikt.org/pikt/samples/iptable...grams.cfg.html http://www.cyberciti.biz/tips/howto-...n-attacks.html Also you may want to consider a host that protects against these sort of attacks.
Posted by hexahost, 04-13-2009, 02:01 AM
Use APF / CSF firewall. That would help you to easilly block the IP you want.
Posted by Deem3n®, 04-13-2009, 09:11 AM
You can try to write a script that will analyse the firewall logs or netstat activity and place the most active IPs to blacklist
Posted by JSHosts, 04-13-2009, 09:13 AM
If you're using Linux, I'd recommend APF with DoS-Deflate. APF: http://www.rfxn.com/projects/advanced-policy-firewall/ DoS-Deflate: http://deflate.medialayer.com/


Was this answer helpful?

Add to Favourites Add to Favourites

Print this Article Print this Article
Also Read
HostingLite/HiYaCorp (Views: 619)
PHP 5 + cPanel + MySQL + SSH (Views: 913)
Found a Server Management Service for OVH VPS, Shall I go with them? (Views: 629)
workarounds in h-sphere (Views: 532)
DIYhosting 4 month review (Views: 610)


Language:

Client Menu

 

Client Login

Email

Password

Remember Me

Search



  
 

Clients

Hosting

VPS Hosting

About Us

Contact Us

Copyright © 2015 DC International LLC in partnership with Bragin IT Solutions Inc. - All Rights Reserved.