This entry was posted on Wednesday, February 13th, 2008 at 8:10 pm and is filed under Linux Shell, Cpanel/WHM, Servers, ddos. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Hoaxblog.com
Everything is hoax!
Blogroll
DDOS has become a real headache for me in these days. Everyday, around 40% of the load with a good amount of bandwidth is being licked by these lame attackers. From starting i m using the ddos deflate a well known ddos protector to all the server admin. This ddos protector uses “netstat” to find out the connections on the server and ban them for a period of time using a firewall automatically. Whats the main disadvantage of this protector is its not a real time protection, and for running netstat it creates a good amount of load on the server. More Importantly, this ddos protector just bans the ip at a certain ideatically. In lots of cases you may find this that, ddos deflate has banned someone who is not really doing ddos on your server. So if you are trying to fetch for a best ddos protector for a loaded server, specifically for a hosting service, then definitely ddos deflate wont be a good choice without any modification.
When a real time syn flood protector concerns, then the first one comes, is Cisco Guard or that typo firewall software. They uses some artificial techniques to determine the syn flooding and filter the requests. Its good, but in lots of cases when more pure attacks are in effect, it wont perform the best too. Though, it may reduce the load on the server by filtering a good amount of ddos traffic. But i have found that, most of the DC don’t provide this service to buy. Its only available to use for 24 hours so. Moreover, for not having it available in market to buy directly from vendor, no individual businessman going to have it by paying too.
As runtime filtering is not possible without a big artificial intelligence, thats why i m really thinking to modify the ddos deflate to its best. According to my inspection certain modification on this script can make it more perfect and better in lots of ways. But one of the disadvantage of taking high load will kept alive as we cant proceed without checking or analysing the traffic details. Though, the modified ddos deflate should work fine in lots of cases when loaded dedicated boxes concern. My main motive is to make the protector ban the IPs who are estabilished means alive in the network and basically using http protocol. I m also working on it to make it more simple and working faster in the network. I will definitely be posting the download when i m done with the project and tested it in my network 
It should be more perfect comparing from both side i explained
Leave a Reply