Monday, May 9, 2011

DDOS Attack prevention on Linux server.

DDOS Attack prevention on Linux server.

It will show you count.

netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

Get output to file.
netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1     | grep "." > test123

Install and configure APF firewall.
wget http://www.rfxn.com/downloads/apf-current.tar.gz
tar xzvf apf-current.tar.gz

Add IP list to deny file.
cat test123 >> /etc/apf/deny_hosts.rules

Save the list.
/etc/apf/apf -r

Restart the firewall
/etc/init.d/apf restart
Stopping APF:                                              [  OK  ]
Starting APF:                                              [  OK  ]


OR

Solution I am Using.

USE THIRD PARTY SERVICE. Move your DNS to this.
i.e. http://cloudflare.com/
Cloud Flare is blocking exact threats which is HITING to website.
There is many fetures, please check the site.



Wednesday, May 4, 2011

Security for Linux Server.

All the Security for Linux Server.

1. Firewall APF/Iptables
   * Block the all ports which is unnecessary open on server.
   * There is Spammer Database will be add IP pool  in firewall.
2. Change SSH port
3. Update and scans for rootkits, backdoor and possible local exploits. wrong permissions for /usr/bin and     system commands, hidden files, suspicious strings in kernel modules, and special tests for Linux. With some
tools.  Check Malware and malicious scripts.
4. Mail Security:
  * Spamming: if your Application is sending mails more than 100-200 mails in day.
    then you need Proper Mail server setup. else your server Ip will get block in spam list.
  * Check SPF records for domain.
5. Add Google webmaster tool for all our Website/Domain which is use. It will quick detect Malware and if there is Malicious scripts. It will notified if there is any hidden scripts running script or attack on our code.






Copy From blog:
http://shriikant.blogspot.com/2011/05/security-for-linux-server.html