Protect the server from Flood attacks , Using the property Port Flood Protection In firewall CSF . After doing the necessary settings will be able to determine the number of allowed connections Same time for each IP tries to connect to the server.
So How to Make a flood attack ?
Logically flood attacks are two ways :
first through a specific communication
the second through multiple connections each connection of these connections connect with the provider
Requirements
- Installing firewall CSF last version
- Enabled IPT and works well
- Model IPT_Recent special for IPT
Application
Through edited the configuration file special for CSF it is located in the following path:
root@server:$ nano /etc/csf/csf.conf
We pressing CTRL + W and look for PORTFLOOD we will find the line as follows default :
PORTFLOOD = " "
put inside ” ” Settings that we want ,as in the following example:
PORTFLOOD = "80;tcp;20;10"
80 is the port , TCP is the protocol , 20 is the number of connections allowed at the same time , 10 is time of pause temporarily after the 10 seconds is allowed IP make new contacts
Important note: ipt_recent can count 20 Packets for each Title , So you can change the number of connections from 1 to 20 only
Is there a possibility of adding more than one port ?yes be as follows (Just an example) :
PORTFLOOD = "22;tcp;10;200,21;tcp;15;100,80;tcp;20;5"
Note that when we add a new port we put a comma (,)
In the previous example you choose more than one port are 22, 21 and 80 And you can add more and you can change the number of connections and also change the protocol type, for example, from TCP to UDP after the completion of the edited we save the file : CTRL + X, Y, and then Enter button.
Finally, do not forget to restart CSF with the following command:
root@server:$ csf -r
Thank You ,,
Related Posts:
- How Do I Block An IP Address On Linux Server ?
- How To Flush The Entire Contents Of Memcache Server
- Linux Shutdown Command
- 10 lsof Command Examples
- How To Install Ksplice on CentOS / RedHat
- How To Update Linux Kernel With Ksplice Uptrack
- How To Install Subversion (SVN) Extension Working With PHP 5.3
- How To Setup Iptables Firewall For A Web Server On CentOS
- How Do I Fix “Host is blocked because of many connection error” In MySQL
- How To Start / Shutdown / Reboot Guest Operating Systems With virsh Command On KVM
{ 2 comments… read them below or add one }
I have a question, 20 connections at the same time are not many connections for a unique IP?
Regards
20 is the number of connections allowed at the same time