[ILUG-BOM] How can I secure my server from DoS attack ?
neel.hjs at gmail.com
Wed Jun 24 20:50:01 IST 2009
On Wed, Jun 24, 2009 at 12:46 PM, Neelesh Gurjar <neel.hjs at gmail.com> wrote:
> Neelesh Gurjar <neel.hjs at gmail.com>
>> > Hi,
>> > I have a web server which has CentOS Linux 2.6.18-028stab059.6-ent
>> > and Apache 1.3.37 running on it.
>> > 2 days back I got one script to test DoS attack on website. It is called
>> > slowloris.pl from http://ha.ckers.org/slowloris/
>> > I run that script against my server and it worked. It stopped my website
>> > for
>> > some time. That time all other services like SSH were working fine.
>> > Can anybody suggests any configuration changes at Apache and OS/Kernel
>> > level
>> > to prevent from this type of attack ?
>> > Currently I am using following settings:
>> > Timeout 300
>> > KeepAlive On
>> > MaxKeepAliveRequests 100
>> > KeepAliveTimeout 5
>> > MinSpareServers 5
>> > MaxSpareServers 10
>> > StartServers 5
>> > MaxClients 150
>> > MaxRequestsPerChild 0
>> > Then Kernel settings are like :
>> > tcp_keepalive_time 7200
>> > tcp_keepalive_time 9
>> > tcp_keepalive_intvl 75
>> > tcp_syn_retries 5
>> > tcp_synack_retries 5
>> > tcp_fin_timeout 60
>> mod_evasive, formerly known as mod_dosevasive is a Apache module that
>> provides evasive maneuvers action in the event of an HTTP DoS or DDoS
>> (Denial of Service) attack or brute force attack at the web server. When
>> possible attacks are detected, mod_evasive will block the traffic from the
>> source for a specific duration of time, while reports abuses via email and
>> syslog facilities. Or administrators can configure mod_evasive to talk to
>> iptables, ipchains, firewalls, routers, and etc. to build a comprehensive
>> DDOS prevention system for the high traffic busy web server.
>> Else, for Apache 1.3.x,
I got one more suggetion from suggetion from ISP people to use
http://www.configserver.com/cp/csf.html as it is intigrated with Cpanel.
Have anybody used this tool before ? Any idea regarding this tool please...
More information about the Linuxers