Post
Topic
Board Announcements (Altcoins)
Re: Nxt :: descendant of Bitcoin - Updated Information
by
gbeirn
on 30/12/2013, 17:27:12 UTC
From my IT guy:

DDoS Deflate is a bash shell script whose purpose is blocking a denial of service attack.

The following installation guide is about CentOS.

How to install

1. Log in to CentOS as root
2. Run terminal
3. Run the following commands
a. "wget http://www.inetbase.com/scripts/ddos/install.sh"
b. "chmod 0700 install.sh"
c. "./install.sh"


Configure

After installing the script, the following directories and files will be created

program directory =/usr/local/ddos
program =/usr/local/ddos/ddos.sh
ignore_ip_list=/usr/local/ddos/ignore.ip.list
cron (scheduler) =/etc/cron.d/ddos.cron
apf (advanced policy firewall) =/etc/apf/apf
ipt (iptables) =/sbin/iptables

Edit configuration file

Run the following commands on terminal
cd /usr/local/ddos
vi ddos.conf
(To edit the file with the vi editor just type "i"; when finished press escape, then ":" "w" "q" and enter.)

Configuration file settings

Freq= ( how often the script is executed in minutes )
Ddos - cron ( cron scheduler update )
No_of_connections ( number of connections received before an IP is blocked )
Apf_ban ( 1 means that it will use apf , 0 it will use iptables )
Ban_period ( time in seconds to block an IP )
Email_to ( address to send an email when an IP is blocked )
Kill ( when value is 0 no IP is banned )


In case you get a blank IP, edit the main script ddos.sh and replace

"netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr > $BAD_IP_LIST"

with this one

"netstat -ntu | grep ':' | awk '{print $5}' | sed 's/::ffff://' | cut -f1 -d ':' | sort | uniq -c | sort -nr > $BAD_IP_LIST"
( be sure to keep the command in a single line )


Uninstall DDoS Deflate

1. Log in to CentOS as root
2. Run terminal
3. Run the following commands
a. "wget http://www.inetbase.com/scripts/ddos/uninstall.sh"
b. "chmod 0700 uninstall.sh"
c. "./uninstall.sh"


Can you verify with your IT guy how that DDoS prevention works? 'Cause I'm not certain yet if that will help us, as I thought the DDoS we were seeing was a specialized protocol that worked well above OSI layers 4/5. I thought the DDoS attacks we were seeing were well into the client protocol operation. If that is the case then I'm not sure this DDoS thing you have will help.

Can an expert who has analyzed the DDoS attacks comment here?  Please let us know what your IT guy says.  If this is viable then we all really need to go figure out how to make this work on our particular distros on our VPSs

Yes, I would like to know this as well. If it does, I can deploy it on my VPSs
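
Added example, not part of the original post and not DDoS Deflate's own code: the two counting pipelines quoted in the guide, run over constructed `netstat -ntu` output to show where the blank IP comes from (IPv4-mapped `::ffff:` peers and header lines). The sample addresses, the function names and the "at or above the limit" comparison in `over_limit` are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed `netstat -ntu` output (documentation-range addresses only).
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 203.0.113.10:7874       198.51.100.7:51234      ESTABLISHED
tcp        0      0 203.0.113.10:7874       198.51.100.7:51235      ESTABLISHED
tcp        0      0 203.0.113.10:7874       192.0.2.44:40000        ESTABLISHED
tcp6       0      0 ::ffff:203.0.113.10:7874 ::ffff:198.51.100.7:51236 ESTABLISHED
tcp6       0      0 ::ffff:203.0.113.10:7874 ::ffff:192.0.2.99:40001 ESTABLISHED
EOF
}

# Pipeline quoted in the post as the one to replace. Header words are counted
# as if they were peers, and "::ffff:a.b.c.d:port" is cut at its first colon,
# which leaves an empty field: the "blank IP".
count_original() {
    awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr
}

# Replacement pipeline from the post: keep only lines containing ':' and strip
# the IPv4-mapped prefix before cutting off the port.
count_fixed() {
    grep ':' | awk '{print $5}' | sed 's/::ffff://' | cut -f1 -d ':' |
        sort | uniq -c | sort -nr
}

# Number of connections the original pipeline attributes to a blank address.
blank_count() {
    count_original | awk 'NF == 1 {print $1}'
}

# Hypothetical helper: peers whose connection count reaches the limit
# (stands in for the No_of_connections setting; ">=" is an assumption).
over_limit() {
    count_fixed | awk -v limit="$1" '$1 >= limit {print $2}'
}

echo "original pipeline:";         sample_netstat | count_original
echo "replacement pipeline:";      sample_netstat | count_fixed
echo "at or above 3 connections:"; sample_netstat | over_limit 3
```

Native IPv6 peers are still cut at their first colon by the replacement pipeline, so their counts collapse onto the first group of the address.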