Stopping DoS and DDoS attacks?

Discussion in 'Off Topic' started by jtwhite, Sep 6, 2009.

  1. jtwhite

    jtwhite Community Advocate Community Support

    Messages:
    1,381
    Likes Received:
    30
    Trophy Points:
    0
    Well,

    I have a VPS now, and if this were to ever happen, does anybody know the process to stop it?
     
  2. galaxyAbstractor

    galaxyAbstractor Community Advocate Community Support

    Messages:
    5,508
    Likes Received:
    35
    Trophy Points:
    48
    Block the IP for n amount of time if he visits x times in y seconds. If someone visits the page like 10 times per second, then it should be blocked.
     
  3. adamparkzer

    adamparkzer On Extended Leave

    Messages:
    3,745
    Likes Received:
    81
    Trophy Points:
    0
    Aren't these attacks usually done by multiple different IP addresses at the same time?
     
  4. Livewire

    Livewire Abuse Compliance Officer Staff Member

    Messages:
    18,166
    Likes Received:
    215
    Trophy Points:
    63
    Yeah, which is why you'd want a plugin or some other addon to perform the check.

    Kinda difficult to manually block 1000's of IP's if you're really on someone's OMG YOUR SITE MUST NO LONGER ACCEPT CONNECTIONS list.
     
  5. jtwhite

    jtwhite Community Advocate Community Support

    Messages:
    1,381
    Likes Received:
    30
    Trophy Points:
    0
    Any suggestions where to look?
     
  6. masshuu

    masshuu Head of the Geese Community Support Enemy of the State

    Messages:
    2,293
    Likes Received:
    50
    Trophy Points:
    48
    the issue with that is false positives and it actually will work toward the DDos, since the system is putting up extra resources to try to block the attack.

    I used to know a bot herder. 1,000 is small fry. I think his botnet size at the time i knew him was 9,000 nodes.
    9,000 computers trying to load a page twice a second is about 1,000,000 page requests a minute.

    as far as i can tell, theres not much you can do if someone wants your server down
     
    Last edited: Sep 7, 2009
  7. Smith6612

    Smith6612 I ate all of the x10Pizza Community Support

    Messages:
    6,518
    Likes Received:
    48
    Trophy Points:
    48
    Well, as a few people said here, you can use things such as iptables to block people from connecting to the sites. For a DDoS, you'll want the datacenter to take care of those. Even if they are unable to stop things completely, it'll at least leave the site running slow. But honestly, unless you're posting up content that people don't like (4chan and Scientology attacks last year) or you're doing something stupid, I wouldn't worry about a DDoS. DDoS attacks are geared more towards larger sites when it comes down to it.
     

Share This Page