Server Under Some Attacks.Help Needed Please!!

B

badboyz

Verified User
Joined
Aug 7, 2007
Messages
5
Hello,

I have a linux server. And my problem is the server loads fine but the sites which are hosted on it do not work. they are not loading at all. My HTTPD also loads on high and sites goes down when it happens.But it comes back after few hours and same problem happens again.

Anyone please help me with this?

Thanks
 
Are you sure you're being attacked by something? Did this just start suddenly happening, or do you usually get a lot of hits to your websites?

I'd first check out Apache Usage/Error logs and see exactly what's going on.
 
it just started to happen 1 week before.
And how to check out Apache Usage/Error logs
 
Apache error_log is located in /var/log/httpd directory :) To check the usage - you can use server-status for that (you need to enable it into httpd.conf file (/etc/httpd/conf/httpd.conf).
 
I just found out that it is a SYN attacks.

Can someone help me To install something on server or do something about it?Because i really want my server to be fixed
 
badboyz said:
I just found out that it is a SYN attacks.

Can someone help me To install something on server or do something about it?Because i really want my server to be fixed
Click to expand...

proberly being a total noob here or its just cause its late here but whats SYN attacks?
 
SYN, TCP connection request, attack is a common type of DDoS attack. A sender transmits some connections that cannot be completed. This causes the connection queues to fill up.

If you get this >100 - you're probably experiencing SYN attack:
Code: 
netstat -n | grep SYN | grep :80 | wc -l
 
i installed all software yu said

but that person still attacking me with that SYN.
:(
 
This is where FreeBSD outweights a RH server. You can control the connection and drop SYN attacks like a bad habbit. And FreeBSD outperforms any RH box when it comes to massive number of attacks (connections) to the server. A FreeBSD boxes handles these type of attacks with ease while a RH box will puke and load up as high as possible. RH simply cannot handle huge number of connections.

FreeBSD all the way man and is EXACTLY why we would never go back to any RedHat distro.
 
do you have APF installed?

If not you should really get some kind of firewall installed asap.
 
You must log in or register to reply here.
Back
Top