How to stop Geo DOS-DDOS ATTACKS

Improve security of your Artica server, all discuss about security news and how to fight against hackers/Spammers

Re: How to stop Geo DOS-DDOS ATTACKS

New postby Friend7 » Wed Dec 14, 2011 6:23 pm

WARNING!: Prevent-SR-Attack

It seems to be that there is a new threat out there since last week.

Some Asian H@ckers have innovated a new method based on Server-Response.
In Short: They use the Server-Response to h@ck-back servers.

I was very skeptical about it and I did not believe it that it could be a real threat.

Unfortunately, I was very wrong. Its new method works! They crack-a-server from 12 to 24 hours.
It is not the old Dictionary-attack.

I do not have more information about it
but its method could spread all over the internet soon or later.

So, you’d better get firewalled your main ports.

Step #1
Protect Artica’s Console Port by using a “non standart port”
Protect SSH Port by using a non standart port

Step #2
You may also need to firewall ssh and Artica’s Console ports by updating iptables.

Usually, server must accept connections from your LAN or other remote WAN sites only for admin purposes.

-A INPUT -s your_ip -p tcp --dport SSH_Port -j ACCEPT

If you do not know your external ip, just click this link:

http://www.ip-lookup.net/

Iptables tutorials: http://www.cyberciti.biz/faq/category/iptables/

Remember the “Tip and Trick”: your server must not response anything from Control Ports.

Another tip: Block Asian Countries.
Best Regards,
Friend7
 
Posts: 2373
Joined: Sun Feb 06, 2011 3:41 pm
Artica servers number: 1
Linux System: Debian
Technical skills: A newbee

Re: How to stop Geo DOS-DDOS ATTACKS

New postby Friend7 » Wed Dec 21, 2011 1:10 am

Severe H/\cking activity
58.250.100.186
200.63.19.244

Sp/\mmer - {Huge-Sp/\m}

74.63.231.123
NetRange: 74.63.192.0 - 74.63.255.255
Best Regards,
Friend7
 
Posts: 2373
Joined: Sun Feb 06, 2011 3:41 pm
Artica servers number: 1
Linux System: Debian
Technical skills: A newbee

Previous

Return to Security

Who is online

Users browsing this forum: No registered users and 1 guest

cron