HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
cancel
Showing results for 
Search instead for 
Did you mean: 

Linux DDOS Patch

 
Duffs
Regular Advisor

Linux DDOS Patch

Hi,

Due to increased vulnerabilities of DDOS attacks I have been trying to find a security patch for my named servers that might hopefully help counteract against such as attack.

I am running Red Hat release 7.1 but cannot find anything on the web or RH website. Can anybody help me by recommending a patch that might be useful?

Rgds,
D
4 REPLIES
Michal Kapalka (mikap)
Honored Contributor

Re: Linux DDOS Patch

hi,

redhat 7.1 is very old, but the main question is which version of DNS server do you use ??

mikap
Duffs
Regular Advisor

Re: Linux DDOS Patch

Hi,

# rpm -qa|grep bind
bind-utils-9.2.1-0.70
ypbind-1.7-6
bind-9.2.1-0.70

Rgds,
D
Michal Kapalka (mikap)
Honored Contributor

Re: Linux DDOS Patch

hi,

current bind version is on this web site :

https://www.isc.org/downloadables/11

if i would be in your position, the next step will install a new linux ( centos 5.3 ) with the newest bund in th repository and make a new DNS server activate firewall and open only the most used ports, SSH and DNS.

mikap

PS : redhat 7.1 is around 8 years old.
macosta
Trusted Contributor

Re: Linux DDOS Patch

There isn't a simple patch to install to make you DDOS-resistant. DDOS can happen anywhere from your CPU/memory being over-taxed to your upstream network provider being starved of bandwidth. You need a LOT of bandwidth to handle a typical DDOS.

Do a web search for ddos-resistant hosting providers.