Webmaster Forum  

Go Back   Webmaster Forum > Web Hosting Forum - Web Hosting - Web Host - Hosting - Managed Hosting - Shared Hosting > Site & Server Administration
Reload this Page What is DDOS attack?
User Name
Password
Register FAQ Members List Calendar Transactions Store Search Today's Posts Mark Forums Read


What is DDOS attack?

Reply
Page 2 of 2 < 1 2
 
Thread Tools Search this Thread Display Modes
  #11  
Old 06-07-2007, 14:37
ichkoguy
Junior Member


Join Date: Jun 2007
Posts: 10
Trader Rating: (0)
Points: 1 (Donate)
5 F$/Referral Refer Friends
ichkoguy is on a distinguished road
Default Re: What is DDOS attack?
a safe way to get rid of ddos is to have a better rated firewall service opted for.. the hackers simply affect our computers. i have also tried this as a part of my research once and was partly successful. so prevention is the best cure for this.
ichkoguy is offline
Reply With Quote
  #12  
Old 08-21-2007, 00:54
Trexhost
Member


Join Date: Aug 2007
Posts: 39
Trader Rating: (0)
Points: 8 (Donate)
5 F$/Referral Refer Friends
Trexhost is on a distinguished road
Default Re: What is DDOS attack?
One way you can help with DDOS outbound attacks is Mod_security on an apache server. You can also put the server behind a hardware and software firewall. A popular software firewall is APF by RF networks, and most D.C's offer Cisco Firewall protection as an additional service which places your ips behind a firewall for further protection. No real way to prevent all DDOS attacks, however, hardware firewalls will begin filtering out ips that are being used in the DDOS keeping damage to a minimum
James
Trexhost is offline
Reply With Quote
  #13  
Old 09-01-2007, 06:29
boebi
Senior Member


Join Date: Aug 2007
Posts: 140
Trader Rating: (0)
Points: 0 (Donate)
5 F$/Referral Refer Friends
boebi is on a distinguished road
Default Re: What is DDOS attack?
what is a ddos?
say your server has a 100mbit connection, hackers will overflow your server with a 500mbit connection resulting in a crash
how to avoid?
its IMPOSSIBLE to avoid it for 100%
you can ofcourse:
make sure your connection is burstable. so you actully use a 100mbit connection, but if someone attacks you it will burst to a 500mbit connection.
and then you can ban the attackers ip adress.
boebi is offline
Reply With Quote
  #14  
Old 09-12-2007, 06:18
numskull
Member

numskull's Avatar

Join Date: Oct 2006
Posts: 88
Trader Rating: (0)
Points: 37 (Donate)
5 F$/Referral Refer Friends
numskull is on a distinguished road
Default
There's a nice read on the topic at http://www.securitydocs.com/library/2616
The part I especially like is
Quote:
Mitigation

Antivirus software – Installing antivirus software with the latest virus definitions will help prevent your system from becoming a DoS zombie. Now, more then ever, this is an important feature that you must have. With lawsuits so prevalent, not having the proper protection can leave you open for downstream liability.

Software updates - Keep your software up to date at all times. This includes antivirus, email clients, and network servers. You also need to keep all network Operating Systems installed with the latest security patches. Microsoft has done a great job with making these patches available for their Windows distributions. Linux has been said to be more secure, but the patches are far more scarce. RedHat is planning on incorporating the NSA's SE Linux kernel into future releases. This will give Mandatory Access Control (MAC) capabilities to the Linux community.

Network protection - Using a combination of firewalls and Intrusion Detection Systems (IDS) can cut down on suspicious traffic and can make the difference between logged annoyance and your job. Firewalls should be set to deny all traffic that is not specifically designed to pass through. Integrating an IDS will warn you when strange traffic is present on your network. This will assist you in finding and stopping attacks.

Network device configuration – Configuring perimeter devices like routers can detect and in some cases prevent DoS attacks. Cisco routers can be configured to actively prevent SYN attacks starting in Cisco IOS 11.3 and higher using the TCP intercept command in global configuration mode.

access-list number {deny | permit} tcp any destination destination-wildcard
ip tcp intercept list access-list-number
ip tcp intercept ? (will give you a good list of other options.)

Cisco routers can prevent Smurf and Fraggle attacks by blocking broadcast traffic. Since Cisco IOS 12.0, this is the default configuration. ACLs or access control lists should also be configured on all interfaces.

no ip directed-broadcast

The Cisco router can also be used to prevent IP spoofing.

ip access-group list in interface
access-list number deny icmp any any redirect
access-list number deny ip 127.0.0.0 0.255.255.255 any
access-list number deny ip 224.0.0.0 31.255.255.255 any
access-list number deny ip host 0.0.0.0 any
See Improving Security on Cisco Routers - www.cisco.com/warp/public/707/21.html

Old Cisco IOS versions are vulnerable to several DoS attacks. The “Black Angels” wrote a program called Cisco Global Exploiter. This is a great software to use when testing the security of your Cisco router version and configuration and can be found at http://www.blackangels.it/Projects/cge.htm

Security is not as mystical as people believe. DoS attacks come in many different types and can be devastating if you don't take the proper precautions. Keep up to date and take steps to secure network nodes. Keeping security in mind can minimize damages, downtime, and save your career.


So, choosing a host make sure all the tips are considered, I also see "Hacker Safe" badges at hosts' sites, the one is at http://www.webhostingbuzz.com/websi..._shared-hosting, I think altogether it may guarantee you server stability.
numskull is offline
Reply With Quote
  #15  
Old 04-18-2008, 03:00
jani83
Senior Member


Join Date: Apr 2008
Posts: 207
Trader Rating: (0)
Points: 4 (Donate)
5 F$/Referral Refer Friends
jani83 is on a distinguished road
Default
denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Although the means to, motives for, and targets of a DoS attack may vary, it generally consists of the concerted, malevolent efforts of a person or persons to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.

Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even DNS root servers.

One common method of attack involves saturating the target (victim) machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable. In general terms, DoS attacks are implemented by:

* forcing the targeted computer(s) to reset, or consume its resources so that it can no longer provide its intended service; or,
* obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.
jani83 is offline
Reply With Quote
Reply
Page 2 of 2 < 1 2

« Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


Resources : | Advertise at FHF | itextLink.com| Reseller Hosting| TextDot| iNamePros| Any Webmaster| Web Host| Dep3|


All times are GMT -4. The time now is 11:08.

Rules - Contact Us - Refer Friends - PRCheck - Archive - Top

Powered by: vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.