Server :: Lessen Impact Of Bandwidth Attacks With IPTables Or APF?
Apr 26, 2011
My server has been the repeated victim of bandwidth attacks: any large file on the server is downloaded repeatedly, with the goal of pushing the server over the provider's bandwidth limit. How can I lessen the effect of these kinds of attacks with IPTables or APF? For example, can I set the server to: Is this possible? Is there a more effective way, and can a firewall even do this? My web server is Lighttpd, perhaps I can place such a rule directly in its config?
View 1 Replies
ADVERTISEMENT
Sep 30, 2010
I have a SSH server set up at home listening on port 22. I have hardened the server so it is pretty secure but I want to make it even safer by editing my iptables to rate-limit incoming connections and DROP false login attempts. I have tried these tutorials but I just cant get it to work:[URL]I want the debian-administration.org tutorial to work but when I try to add the first rule in terminal:sudo iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --setI get the following:Bad argument --set'I am new to iptables and I'm not sure if I'm doing something wrong when I try to set it up. I'm using Ubuntu 10.04.1 LTS with iptables v1.4.4.
View 6 Replies
View Related
May 14, 2010
I am trying to limit bandwidth of certain ip addresses on my server. I have been doing hours of reading and not getting very far...
So far I believe the iptables command is:
And now I just need the tc command to read those marks and limit bandwidth, I have a gigabit connection and would like to limit each of these ip addresses to 10mbit in and out.
View 1 Replies
View Related
Sep 4, 2010
I run a dedicated specialty Quake 3 Arena Server.It currently runs a stock Debian 5.05. These are the hardware specifications.
256mb SD Ram
10gb Hard Drive
Intel Celeron
I think I should be getting more speed then I am.I would like to install Ubuntu Server.What version is the most stable, and will provide the best speed?I have to download my server files from the internet. Is this possible without the GUI?Is there anyway to control my server remotely, without any impact on performance, VNC is a huge impact.I want to run a mail server as well, is this possible with out a performance hit?
View 9 Replies
View Related
Mar 1, 2010
I would like to set up a logging system for rtorrent, the only way that i could think of this would be to set up bandwidth moniters in the ip tables but im not sure how to go around this.
View 1 Replies
View Related
Jan 1, 2011
i wanted to do bandwidth management/traffic shaping on my Internet link(have two internet connections), but i have some questions to ask: I want to know how could i for example filter some traffics using tc and iptables (e.g Peer-to-Peer,IM,Download Managers,Flash videos..) i can do filtering for known services like http,ssh,... but since these applications doesn't use one port, i am confused a little bit. I also want to do some bandwidth allocations (based on protocol) thats why i need filtering.
The other question is that currently i am using tc for bandwidth allocation and iptables for marking packets to send to these classes, am i doing it right? I mean it does work, but is it better to use for example "U32" filters for filtering? P.S: i tried to use ClearOS in gateway mode, but it doesn't have bandwidth allocation functionality. Does anyone know if i could do bandwidth allocation in ClearOS/Endian.
View 1 Replies
View Related
Apr 5, 2011
Can I, with only the use of IPTABLES, limit the incoming bandwith for a protocol? We have for example servers that have a FTP and HTTP server running and whenever HTTP has a lot of connections open, the other uploads/downloads get a timeout. I know I can limit the number of connections but prefer to limit on protocol level. Is this possible using IPTABLES and if so, can someone indicate how to proceed or provide a link? If it's not possible can someone point me to the right tool for the job?
View 6 Replies
View Related
May 6, 2011
I am ashamed that I am causing other people troubles, but apparantly my server is involved in attacking the servers of other people.
I have to admit that I am not too familiar with using a CLI, or Linux for that matter, but I have a Debian server running under Plesk 10, which is colocated.
Now I have received messages from the datacenterm which state that my server is involved in brute force attacks.
The messages show a lot of lines like this:
Code:
The only I get from my hoster is to back up all domains and re-install the machine.
I want to resolve this asap, but do not agree with that action for two reasons: the machine just had a fresh re-install 2 months ago, so if it is a flaw in the OS, I will get the same flaw back, and if it is not OS related but due to a domain, I will get the problem back by putting back the backed-up domains.
But now I'm stuck: what steps should I follow to try and find the cause of this evil and make sure that my machine will not bother other machines anymore?
I realize that this probably will be a steep learning-curve, but please bare with me and help me to resolve this.
What have I done so far?
1) There are a number of live sites on this server, either running WordPress or Joomla, I have made sure they are all updated to the latest release.
2) I have manually looked at the source code of the index-files of those sites, haven't seen anything strange, like redirects.
3) I have used online scanners to check all sites for malware, all have been reported back to be clean.
4) I have run the Plesk-version of RKhunter, and that gives me certain warnings which I cannot (or do not) understand:
Code:
Code:
Code:
I received the first report of these attempts about a week ago and immediately changed the Plesk/SSH password to a 200bit password generated with KeePass, hoping that would keep out any evildoers.
View 14 Replies
View Related
Nov 18, 2010
I created a the class like this for shaping the packets with a specified bandwidth rate.....
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1: htb default 15
tc class add dev eth0 parent 1:0 classid 1:1 htb rate 750kbit ceil 750kbit
tc class add dev eth0 parent 1:1 classid 1:3 htb rate 600kbit ceil 750kbit prio 0
For Our Requirement:-
I dont want to specify the bandwidth rate strictly like this rate750kbit ceil 750kbit,based on whatever speed is coming which should allocate the bandwidth rate for particular class...I need one application for finding the upcoming bandwidth & Is any other method is there for specify the bandwidth rate in a classes.
View 1 Replies
View Related
Dec 15, 2010
I have a server provided dns and sendmail service, dns keeping record for my public servers. I don't want my server to be open dns server, so I just add recursion and forwarders option to named.conf, like: allow-recursion {192.168.x.x/24; 123.123.x.x/28; 127.0.0.0/8;}; forwarders {publicDNSipA; publicDNSipB;}; After restart named, all sendmail user can't mail to other internet account (like xxxxx@gmail.com); but local account is ok
[Code]....
View 3 Replies
View Related
May 10, 2010
I need to create a temporary Filesystem and the only way to do it is to reduce /var and create a new filesystem 3GB size
Code:
df -h
/dev/mapper/VolGroup00-var
9.7G 1.5G 7.8G 16% /var
my question is according to google search I need to umount the filesystem point in order to reduce its size.... so it means I will require that nobody uses the system? since /var logs a lot information?
I also have the option to reduce /root but I think is more complicated.
so what are the precautions in order to reduce /var/?
View 6 Replies
View Related
May 26, 2011
I noticed my Internet slows to a crawl when I'm running bittorrent, but when I look at my torrent app (Transmission), the upload/download speeds are mere kilobytes per second, and my Internet has much higher bandwidth capabilities than that.So I tested it:No torrent running
(ping: 13 ms, down: 11.39 mb/s, up: 2.80 mb/s)
Torrent running
(ping: 752 ms, down: 4.30 mb/s, up: 0.19 mb/s)
[code]....
View 5 Replies
View Related
Jan 27, 2011
I am looking to probably make a home server act as a backup for most of my data but also as a media server. I want to host all my music and videos for the most part on the server and then regardless what computer I'm using I could listen or watch. (Another question would be could I have itunes find my music on the server and play it).
But anyway, from people with home media servers, what kind of bandwidth usage do you go through a month? Comcast (ISP) limits me to 250GB and I'm thinking this is enough for moderate usage, I just want to make sure before I start the project.
View 1 Replies
View Related
Jul 22, 2010
how much bandwidth does the nxserver client use? Some places have reasonably priced mobile broadband but they limit the Gb usage. As I have a server with unlimited bandwidth, I though I could coonnect to it through nxserver and just use the server via the connection...
View 3 Replies
View Related
Mar 27, 2011
I'm getting DDoS attacks on my server, and I need to block all the attacking IPs.But for that I need to know which IPs are attacking me.I was thinking that I should log the bandwidth usage per IP so I can tell which IPs are using excessive bandwidth.How can I achieve this? I'm using Ubuntu 10.10.
View 3 Replies
View Related
Aug 27, 2010
So: On the VPS / Dedicated Server Linux wich 3 users created. How can I limit bandwidth each in a separate? For example first user speed 1 MB. 5 MB second and third 10 MB. Expect some clear answers. Regards, Silviu!
View 5 Replies
View Related
Jan 31, 2010
what are the option in linux to bandwidth control?
View 1 Replies
View Related
May 17, 2010
when the server is getting overloaded with users. At present I run the server mainly as a proxy server with about 100 users. The bandwidth at the data centre is 100Mbps connection with total bandwidth used last month = 17431.16 MB
I would like to add a VPN in future but feel that this might overload the bandwidth as instead of it just being web traffic it will the entire client TCP connections. I would like to monitor this before it gets to the stage where users are complaining but not sure how to gauge whether the proxy is being overloaded. It is used mainly for video traffic.
View 1 Replies
View Related
Jan 27, 2011
I run Debian 64-bit. I host GameServers on my machine. Yesterday, some corrupt files or error in configurations of one of the game-servers caused my whole system to destabilize. On checking, I saw one of the Gameserver's console giving Net_sendpacket spam errors. I disabled that server and things were fine then. It used up more than 100GB of my bandwidth in just 12 hours.
I deleted the server and copied all the files over again to fix that error. Now I want a prevention to this, if just in case it happens again. I want to limit a sub-user's bandwidth in Linux. Like if I want a user only to use 10GB bandwidth per month + not more than 5MB/second. Is there any way to do it?
View 2 Replies
View Related
Dec 29, 2010
I have a server in a data centre, which is supposed to have a 100Mbit line. Peak rates at the moment on my server are in the region of 20Mb, which should be easily handled. Is there anyway I can trace how much more bandwidth is available at any one time or if things are becoming sluggish on the server?
View 4 Replies
View Related
Jul 10, 2011
I want to rent a (root) linux server to run a vpn service on it. I want to allow people to use this vpn.
My questions are as follows:
- What kind of server/service should I rent - dedicated or vps?
- Is one IP-Address enough to connect, say, 100 user? (I plan to run IPsec or OpenVPN, maybe PPTP)
- What Bandwith and/or traffic limits I need to consider to make the service reasonably fast for the users?
- Which Linux-distro should I use? Ubuntu Server, CentOS, FreeBSD, Debian etc?
- How much RAM and HDD space is recommended for such an endevour?
- Any advice on the processor type the server should have?
- Is 100M network ok or better 1000M?
- What means 100Mbps shared bandwidth in contrast to 10Mbps dedicated guaranteed per server?
View 4 Replies
View Related
Apr 23, 2011
How to do bandwidth throttling in Squid server? i wan to set particular bandwidth for particular ip, how to do it in Squid server?
View 1 Replies
View Related
Nov 16, 2010
Here is a mail in /var/mail/root which I received in my server logs [URL] I see same packages downloaded many times again and again. The servers which are upgrading are total 5 (4 virtual machines and one host) so is there a way I can save bandwidth on this sort of setup.
View 2 Replies
View Related
Jan 3, 2011
Is there a way to limit bandwidth mbps on eth0?
CentOS.
Limit either total traffic, or by port/IP, etc.
View 2 Replies
View Related
Jun 17, 2011
I wanted to implement a server for a small network, but am a bit in-experienced. The server that I want to use should be able to do load-balancing (two connections) and also act as firewall/proxy. And also it should be able to do some bandwidth management. The network that its going to serve has two parts. One part of the network should be served, say during day time,and the other during night time. The one that is going to be served at night-time should not have access to internet during day-time, but should have access to, say local mirror-server. I am a bit confused what software/hardware to use. I am planing to use EndianFirewall, but since I don't have experience, don't know if it can do all that I need (?).
View 1 Replies
View Related
Jun 4, 2010
I'm looking for a program that I can use to keep track of how much bandwidth goes to the various computers in my small network.All of the bandwidth goes through my squid server, so the easiest would be to just have a program that can accurately analyze the squid logs and tell me how much bandwidth is going to the different computers.I've tried both "bandwidthd" and "calamaris" I can't figure out how to get either one to actually do anything in Ubuntu.
View 5 Replies
View Related
Feb 15, 2011
I want to monitor the bandwidth used by each user in my proxy server.
View 1 Replies
View Related
Oct 18, 2009
How will I allocate specific bandwidth to clients using squid? I use squid on RHEL5 serer ...
View 1 Replies
View Related
Mar 27, 2010
i Have a Squid Server , i'm Using That for Caching ... i Have 3 Ether on My " Squid Server ". Ether1 : Directly Internet From ISP1 , 2Mbps . Ether2 : Directly Internet From ISP2 , 512 KBps . Ether3 : Connected too LAN . i want All The Files Format with " MP3 , RAR , ZIP , AVI , ... (All Downloads File) " Get From Ether1(ISP1) and WebPages Like " HTML , ASP , CGI , & ... " Get from Ether2(ISP2) i Not Know How to Configure That with My 2 ISP internet.
View 1 Replies
View Related
Jun 28, 2011
I have a UBUNTU server 10.04 LTS with 3 network interfaces (eth0,1,2) which eth0 is connected to my lan and others connected to two different ISPs , I would like to know is there any way to share bandwidth of this two ISP for my LAN , I mean for example if eth1 has X MB bandwidth and eth2 has Y MB bandwidth my clients those who use download manager for downloading file from internet has X+Y MB download and upload bandwidth.I do not want just limiting each user or service to use one of those interfaces I want to share them for all to increasing my internet bandwidth
View 4 Replies
View Related
