How to reinforce my node against DoS attacks
Linode tell me there's nothing I/they can do but I am not convinced. As this is my first experience with a DoS attack, I would like to at least make it harder for the attacker in the future but I don't really know where to start.
I'm a programmer not a systems administrator and I could really use some expert advice!
Thanks in advance!
3 Replies
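As for the server, I changed the IP, locked down the firewall, installed mod_evasive for Apache and installed fail2ban to help block unauthorised SSH. Handily, I asked the systems admin at work to take a look as well and he's monitoring it closely and giving me some more tips.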
I'll see how it goes now, if not I may have to add a third-party like CloudFlare, even if it's just temporary until the attackers get bored.
@ryall:
As for the server, I changed the IP, locked down the firewall, installed mod_evasive for Apache and installed fail2ban to help block unauthorised SSH. Handily, I asked the systems admin at work to take a look as well and he's monitoring it closely and giving me some more tips.
It isn't quite clear to me from this plus your first post if your node being "closed" was due to upstream steps to alleviate a DOS attack, or just that your node itself couldn't handle the traffic? Which it is makes a big difference on how much control you have.
That's important because while all of the above can be helpful if it's your own node's behavior in response to an attack that is the issue, if the attack is large enough to draw upstream attention (whether Linode or Linode's providers) which most likely results in blackholing the traffic, then odds are that none of the above (aside from the IP change if the attack isn't using DNS) will change that.
– David