Hello Every Body,
I have one problem i wana block Denial of Service Attack (DoS) on Fedora Core 4 any body wana help me
I shall be very greatful to him/her.
Thanx..................
Denial of Service Attack (DoS)
-
- Naik
- Posts: 53
- Joined: Wed Jan 04, 2006 3:51 pm
- Location: Quetta, Pakistan
- Contact:
salam:
Get your firewall up & set it to high security. if still getting dosd get an ids up, on running services supply rules to check connection to those services and deny access to any attempting dos attack, or even better click here:
http://www.cert.org/tech_tips/denial_of_service.html
Get your firewall up & set it to high security. if still getting dosd get an ids up, on running services supply rules to check connection to those services and deny access to any attempting dos attack, or even better click here:
http://www.cert.org/tech_tips/denial_of_service.html
I think, therefore i am!
-
- Site Admin
- Posts: 5132
- Joined: Fri May 02, 2003 10:24 am
- Location: Karachi
- Contact:
Re:
Dear 5851820,
Salam,
Edit your /etc/sysconfig/iptables and add following code !!
Change the IP to the IP from whick you are getting attacks !!
Best Regards.
Salam,
Edit your /etc/sysconfig/iptables and add following code !!
Code: Select all
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1311 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
## DNS Server ##
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 53 -j ACCEPT --syn
-A RH-Firewall-1-INPUT -p udp -m udp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp -s 0/0 -d 0/0 --sport 53 -j ACCEPT
## End DNS ##
#Block malicious system
-A RH-Firewall-1-INPUT -p tcp -m tcp -s [b]IP[/b] -j DROP
-A OUTPUT -d 70.86.76.34 -j DROP
#-A RH-FireWall-1-INPUT -p tcp -m tcp -d [b]IP[/b]/32 -j DROP
COMMIT
Best Regards.
Farrukh Ahmed