DOS prevention

J. Wade Michaelis jwade at userfriendlytech.net
Mon Mar 18 14:19:49 CDT 2013


I have a CentOS web server that has recently been brought to a halt on two
separate occasions.  Checking the access.log, it appears that it was a
Denial of Service (DOS) attack (hundreds of HTTP requests in a very short
time, all from a single IP address).

I want to prevent these types of attacks from bringing the server to its
knees.  We have a hardware firewall (SonicWall) in place, but it isn't
quite new enough to run the firmware that allows rate-limiting.

I have found a number of tutorials that show how to do this type of thing
with IPTABLES.  Is there a better solution?

Supposing I go with IPTABLES, do I need to include rules to allow FTP and
SSH (the only other services on the server)?

Would any of you be willing to assist me with this?

Thanks,
~ j.
jwade at userfriendlytech.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kclug.org/pipermail/kclug/attachments/20130318/1321d7ea/attachment.html>


More information about the KCLUG mailing list