Server under DDOS attack HELP

Server under DDOS attack HELP

[Kev]

hi,

for the 5th time today my server is under a DDOS attack :( how can i
stop this ??? what i block all ICMP communication ?????

plz help.....



------- 
Web Hosting at a cheap price, starting at $1 per month with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

Re: Server under DDOS attack HELP

[James Turnbull]

[-- Attachment #1: Type: text/plain, Size: 434 bytes --]

Kev wrote:

>hi,
>
>for the 5th time today my server is under a DDOS attack :( how can i
>stop this ??? what i block all ICMP communication ?????
>
>plz help.....
>
>  
>
Kev

What sort of attack is this?  What are you seeing in your firewall logs?

To restrict all incoming new and established state ICMP traffic you can 
do something like:

iptables -A INPUT -p icmp -m state --state NEW,ESTABLISHED,RELATED -j DROP

Regards

James

[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/x-pkcs7-signature, Size: 2801 bytes --]

Re[2]: Server under DDOS attack HELP

[Kev]

>
>What sort of attack is this?  What are you seeing in your firewall logs?
>
>To restrict all incoming new and established state ICMP traffic you can 
>do something like:
>
>iptables -A INPUT -p icmp -m state --state NEW,ESTABLISHED,RELATED -j DROP
>

i cant even SSH to see whats going on..... its with my ISP they told me
its under a DDOS attack and some one trying to loin in via SSH....

if i block all icmp would that help ?


------- 
Web Hosting at a cheap price, starting at $1 per month with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

Re: Server under DDOS attack HELP

[James Turnbull]

[-- Attachment #1: Type: text/plain, Size: 428 bytes --]

Kev wrote:

>i cant even SSH to see whats going on..... its with my ISP they told me
>its under a DDOS attack and some one trying to loin in via SSH....
>
>if i block all icmp would that help ?
>
>
>  
>
If it's your ISP they should be working on fixing the problem too but 
maybe it might help.  Depends on the nature of the DDOS attack.  You 
need more information from your ISP before you can make any calls.

Regards

James

[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/x-pkcs7-signature, Size: 2801 bytes --]

Re[2]: Server under DDOS attack HELP

[Kev]

>>
>If it's your ISP they should be working on fixing the problem too but 
>maybe it might help.  Depends on the nature of the DDOS attack.  You 
>need more information from your ISP before you can make any calls.

yeah Jemes, i just ask them to tell me really whats going on with a full
description,

thanks for you help

------- 
Web Hosting at a cheap price, starting at $1 per month with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net