topic Re: Linux DDOS Patch in Operating System - Linux

Linux DDOS Patch

Duffs — Mon, 20 Jul 2009 09:01:29 GMT

Hi,

Due to increased vulnerabilities of DDOS attacks I have been trying to find a security patch for my named servers that might hopefully help counteract against such as attack.

I am running Red Hat release 7.1 but cannot find anything on the web or RH website. Can anybody help me by recommending a patch that might be useful?

Rgds,
D

Re: Linux DDOS Patch

Michal Kapalka (mikap) — Mon, 20 Jul 2009 09:27:08 GMT

hi,

redhat 7.1 is very old, but the main question is which version of DNS server do you use ??

mikap

Re: Linux DDOS Patch

Duffs — Mon, 20 Jul 2009 09:39:25 GMT

Hi,

# rpm -qa|grep bind
bind-utils-9.2.1-0.70
ypbind-1.7-6
bind-9.2.1-0.70

Rgds,
D

Re: Linux DDOS Patch

Michal Kapalka (mikap) — Mon, 20 Jul 2009 11:39:59 GMT

hi,

current bind version is on this web site :

https://www.isc.org/downloadables/11

if i would be in your position, the next step will install a new linux ( centos 5.3 ) with the newest bund in th repository and make a new DNS server activate firewall and open only the most used ports, SSH and DNS.

mikap

PS : redhat 7.1 is around 8 years old.

Re: Linux DDOS Patch

macosta — Mon, 20 Jul 2009 22:16:30 GMT

There isn't a simple patch to install to make you DDOS-resistant. DDOS can happen anywhere from your CPU/memory being over-taxed to your upstream network provider being starved of bandwidth. You need a LOT of bandwidth to handle a typical DDOS.

Do a web search for ddos-resistant hosting providers.