I have a few servers running as SSH proxies. Someone started to DDoS me, and I've installed DDoS Deflate and APF. The traffic made by the DDoS dropped from 10 MB/s to 1 MB/s, but it still gets my users kicked from my servers. My question is: if I make a rule to monitor all my traffic and lock new connections when someone starts a DDoS, will it work? I mean, lock new connections and keep the others running!
Viewed 100 times
1 Answer
2
If the DDoS is saturating your bandwidth, there's nothing you can do at the server-level to protect yourself. You'd have to contact whoever your upstream provider is to help mitigate the attack.
That said, 1 MB/s is hardly a DDoS. You could probably use iptables to rate-limit things, but depending on the traffic pattern it could be hard to protect against.
Nathan C
I'm just using SSH; is there a way to limit it with APF? Max connections per IP, max package size per IP? – Pedrommone Jun 27 '13 at 18:59
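A sketch of the iptables rate-limiting the answer mentions, which also covers the per-IP connection cap asked about in the comment, as an added example that is not part of the original posts: established sessions are accepted first, and only new SSH connections are capped and rate-limited per source address. The chain name `SSH_GUARD`, the function name and the default limits are assumptions, and the fragment is written for plain iptables rather than APF's own configuration.

```shell
#!/bin/sh
# Added example: print an iptables-restore fragment that guards SSH.
# SSH_GUARD and the default limits are illustrative, not from the page.

# usage: ssh_guard_rules [port] [max_conns_per_ip] [new_conns_per_min_per_ip]
ssh_guard_rules() {
    port=${1:-22}; max_conn=${2:-4}; new_per_min=${3:-6}

    # Accept only plain positive integers so a typo cannot yield a
    # malformed ruleset.
    for v in "$port" "$max_conn" "$new_per_min"; do
        case $v in
            ''|*[!0-9]*|0*) echo "invalid number: $v" >&2; return 1 ;;
        esac
    done
    [ "$port" -le 65535 ] || { echo "invalid port: $port" >&2; return 1; }

    cat <<EOF
*filter
:SSH_GUARD - [0:0]
# Send SSH traffic through the guard chain before other INPUT rules.
# Re-applying adds a second jump; remove the old one first.
-I INPUT 1 -p tcp --dport $port -j SSH_GUARD
# Sessions that already exist are never subject to the limits below.
-A SSH_GUARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Cap concurrent connections per source address (mask 32 = single IPv4 host).
-A SSH_GUARD -m conntrack --ctstate NEW -m connlimit --connlimit-above $max_conn --connlimit-mask 32 -j DROP
# Cap the rate of new connections per source address.
-A SSH_GUARD -m conntrack --ctstate NEW -m hashlimit --hashlimit-name ssh_new --hashlimit-mode srcip --hashlimit-above $new_per_min/minute --hashlimit-burst $new_per_min -j DROP
# New connections within both limits are allowed; anything else is dropped.
-A SSH_GUARD -m conntrack --ctstate NEW -j ACCEPT
-A SSH_GUARD -j DROP
COMMIT
EOF
}
```

To apply, review the output and pipe it as root into `iptables-restore --noflush`, keeping an existing session open while testing. These rules only help while the link itself is not saturated, as the answer notes.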