I am using DDOS Deflate
[url]
I have a problem with NO_OF_CONNECTIONS.
The default is 150
For example, if a website has 200 thumbnails in one page, then the user will get banned.
But in my case, each time a user have only 1 connection(He only access 1 flv file each time).
So, is that safe for me to decrease the number to 20.
I can see a lot of IP having more than 80 connections, which I think they are ddos attack.
i have problem when using ddos deflate for ddos protection in my server,
i get this message,
Quote:
Banned the following ip addresses on Tue Aug 4 13:12:37 WIT 2009
67.21.44.60 with 4011 connections
ddos deflate is blocking my server ip, what's wrong?
: 67.21.44.60 not real my server ip just for sample
i opened up my email only to get spamming with over 600 email's from my server. I dont think my server is being DDOS'd but this is strange. And there seems to be a bug.. its saying BANNED NUMBER of Number and not, "ip here with X numbers f connections: The emails consist of:
Quote:
Banned the following ip addresses on Fri Oct 23 14:35:01 CDT 2009
250 with 250 connections
Quote:
Banned the following ip addresses on Fri Oct 23 12:58:01 CDT 2009
363 with 363 connections
Quote:
Banned the following ip addresses on Fri Oct 23 12:38:01 CDT 2009
253 with 253 connections
Quote:
Banned the following ip addresses on Fri Oct 23 09:12:01 CDT 2009
162 with 162 connections
Anyone else had this problem before? It seems my server is trying to ban itself since 162 is what i believe to be my server ip with that amount of connections. It started @ 9am and still going on now. I checked my CSF log and its showing my server is trying to PING some outside ip address @ 224.0.0.251
A couple of days ago I was having load issues and and my host looked at my issue and added apf 0.9.6 rev2 with ddos deflate, and the load has gone down. I have a question though, when APF_BAN=1 and ban period is minutes BAN_PERIOD=1800 why does my deny.hosts have 2 day old bans?
View 2 Replies View RelatedJust wondering if anyone is running both of these applications. Am I wrong in thinking that running them both would be redundant?
View 11 Replies View RelatedI'm having a problem with mails on my server. I configured csf and ddos deflate to send a mail to "root" when some ip is blocked. I made .forward in /root dir with my mail but I still don't recieve an email when an ip is blocked by csf or ddos deflate
P.S Mails with webmail clients are working fine
it seems people tell Dos Deflate is the best basic antiddos script and tons of webhosts use it.
I think its ratter old and it doesnt work for anything these days. Why do hosts still run it? And why isnt there a better alternative?
I used Deflate some years ago and I got problems. And tried then after some years again and nothing changed, the same basic old script which counts connections and ban IPs.
The think with Deflate is that if you have a high limit, lets say ban with 150 connections per IPs, its absolutely worthless for attacks, since you are letting already 150 connections per IP.
And if you lower it at least me got with tons of problems banning real visitors. Even over 150 I had complaints about real visitors on a server telling the server blocks him. Dont ask me how someone has 150 connections to a servers but I got complaints from multiples people over the world the 1 month i had it running over a 2 years ago.
I also see a really big problem with it. Allot of ISP share IPs between users. So its really possible you get 200 connections from the same IP and they are different users. Banning an IP based on the connections you can probably shutdown a full IPS and their visitors. I wish there was a better solution but using a high value like 300 or 500 doesnt make sense in a Dos attack. And if you use a low value you start to get into problems.
We agree it will not work with distributed attacks but I dont think it can even work with single attacks since besides connection count it doesnt seem to be any more analisys behaviour.
The way I would make a script like that. Is to check all traffic and IPS all the time. And mark IPs that always access a server ass good ones. The newer the IP the more suspicious. On a attack this way real visitors would still pass but attackers will not as they are new ips. You can also match then the number of times its connecting, how long, etc.
I found this ddos deflate like script but made and optimized for csf i used it and it seems to work great, any one else there useing it,? its called csfprotect, anyone else using this script and its working good at blocking ips,
View 4 Replies View RelatedI use deflate to prevent ddos attack.
But after I start deflate, I still keep seeing a lot of connection from certain IP.
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
87 218.86.252.158
363 219.150.191.62
501 60.216.238.212
I want to block those IPs permanently.
How can I do that.
I have no intention of trying to make some video/file sharing website.
Some people might recognize me as being somewhat cynical in my replies to the people who post these sorts of messages.
What I'm curious about is, after having occasionally told people "You'll make significantly more money throwing the money you intend to waste on this project into a traditional investment..." I still see new people every week asking for the same help.
Now, I understand very few people are going to give up their dream and just throw in the towel because some random guy says their dream is stupid, they are stupid, and may god have mercy on their soul...
But, I don't (always) necessarily try to dissuade people from starting this sort of project simply to be a prick.
What I'd like to find out is if there are any people out there who've created a successful video/file sharing website who'd like to help others out...
Like, what advice they would have for people who want to get into starting a similar site.
How much bandwidth does your site use?
What's the URL?
How are you making money from the site?
How long did it take for your site to make a profit?
etc etc...
Alternatively, if you've tried to start a video/file sharing website and given up on those plans...
Why did you end up giving up?
What problems did you run into?
We have found that we need to limit the amount of cpu uage by users on our video share server. On this server we currently have 20 users on a sharred plan. Thought that the obvious BW usage would be the biggest challenge, as it turns out we havent gone over the 2 TB that we have.
We have come up with an encoding process that uses the 264 codec and gives us excellent results in terms of quality but is very cpu intensive to the point of really slowing down the server when 10 or more users simutaneously are encoding their videos.
Can someone suggest a script that would allows us to limit the file size in terms of MB/GB that each user could upload per month.
So for example a client pays 10.00 per month and we wanted to limit their uploads to a total of 900 MB per month vs the client that is paying 50.00 per month who would have the ability to upload say 8 GB per month.
Cento 5
c-panel
Dual Quad Core 2.0 ghz
6Mb Ram
1TB HDD
2 TB of BW
I currently have an existing web hosting package with a web host. However, I need to supplement that with a file hosting service for my users.
I'm estimating that I will need about 2Gb disk space, and approximately 30~40Gb of traffic monthly. This will just be plain static file hosting. I don't need any scripts, databases, etc.
I'm planning to setup a server ONLY for hosting of static binary files varying from few KB to few MB in size.
I've seen some of the litespeedtech performance benchmarks, which you can find here: [url]
From the "small static file" benchmark chart, i can see that IIS6 beats lighttpd in this test.
So i'm wondering does the IIS6 really have better performance at file hosting than lighttpd.
Actually it does not matter which operating system i will be using at this server, since i will use it only for file serving. With lots of concurrent connections. Possibly thousands of connections.
I need some feedbacks on this, so i can decide, IIS or lighttpd.
Few more bucks for win2k3 won't be an issue here, if it's performance is better than lighttpd for this kind of use.
how to setup Nginx webserver on a cpanel server to serve static contents,
say /images folder from every domains hosted on the server so that Apache's load will decrease?
floodkoruma is a script which securing our servers from syn floods. But I couldnt understand our connection lost from server on that screen. Last screen is it.
last log messages
Jul 7 19:41:27 server filelimits: Increasing file system limits succeeded
Jul 7 19:42:25 server kernel: printk: 234 messages suppressed.
Jul 7 19:42:30 server kernel: printk: 1026977 messages suppressed.
Jul 7 19:49:42 server syslogd 1.4.1: restart.
Jul 7 19:49:42 server syslog: syslogd startup succeeded
as you can see I rebooted from apc server. But before it
Jul 7 19:42:30 server kernel: printk: 1026977 messages suppressed.
I'm building a kind of a file sharing site also with video conversions ( convert a full DVD to flash and stream) and if i can find more ideas, even more features. It won't be free (i'm not sure which way to go though, subscription-based or pay per bandwidth + storage) and it will support download managers. I'm not sure which way to go : Joyent or dedicated servers with RAIDs. If i distribute files over servers, and a users wants the files to be converted to flv etc., it will increase the server load, ( and if i put a lot of users in 1 server it will increase the load even more) so it won't be very good.
So i thought SAN for this, but couldn't find any hosts serving it ( especially for a reasonable price ). Joyent is close enough (Amazon S3 is very very expensive), but although bandwidth and storage prices seem good, server power is low ( and very expensive if higher ) Which way should i go?
I'm planning to buy a share hosting support media streaming, encoding and decode the video file like youtube, likeclub.com. or others
View 3 Replies View RelatedWhat command line do you use to detect account storing music/video?
What command line do you search for file that is greater than 1MB?
Apache 2.2.22
I may be making something here too complicated but a friend downloaded a largish video file via my very basic web server.
Trying to interpret the data I am getting different figures, which one is correct or am I reading it wrongly.
carole [10/Nov/2013:17:55:21 +0000] "GET /cwgl/files/vidlink/videos/vid01.ts.mpg HTTP/1.1" 200 2879608
carole [10/Nov/2013:17:56:07 +0000] "GET /cwgl/files/vidlink/videos/vid01.ts.mpg HTTP/1.1" 200 1902255
carole [10/Nov/2013:18:11:41 +0000] "GET /cwgl/files/vidlink/videos/vid01.ts.mpg HTTP/1.1" 206 357
carole [10/Nov/2013:18:11:49 +0000] "GET /cwgl/files/vidlink/videos/vid01.ts.mpg HTTP/1.1" 206 5317289
carole [10/Nov/2013:18:16:38 +0000] "GET /cwgl/files/vidlink/videos/vid01.ts.mpg HTTP/1.1" 200 1834235652
200 totals = 1839017515
File properties on Ubuntu 2.0 GB (1,971,322,880 bytes)
server-status
1-0319210/3/3_ 82.6457740190482630.01880.001880.00 ip72-197-68-158.sd.sd.cox.net3lanesNULL
The other_vhost_access file says 1839017515
Ubuntu file properties says 2.0 GB (1,971,322,880 bytes)
Apache server-status says 1880.00
I have been trying to enable server-wide compression using deflate.My server is running a fresh install of plesk panel 11 installed over a fresh centos 6 64. The configs and settings (aside from files I mention) have not been changed at all from default.
I have created a new file in /etc/httpf/conf.d/deflate.conf This file is being included when Apache is restarted, so that's definitely working and the html doc compresses. But not matter what I do (I have tried every combination Google would find) css and js files will not compress. At my previous workplace we also used a Plesk server and nobody could ever get compression working there either.
my current servers are part of this mess with Alphared:
[url]
what I'm looking for:
static content main server:
average cpu, average ram
15-20gb data tops, but could use a fast drive
need about 6tb/m of higher quality bandwidth
2 machine cluster for forums
only thing on this will be vBulletin forums.
current database is about 6gb (~7 million posts)
averaging about 800 members active per 15 mins
this isn't for a business, so it all comes out of my pocket. however, after the $#@! with Alphared I do recognize the importance of a good host and I am willing to put money toward that as needed. however, my goal is in the $600-$800/m range for everything.
is that price range doable? if not, what is a reasonable price for what I'm asking? and can anyone recommend reliable hosts (especially one that can correctly setup the cluster for the forums).
Q: Does one need to have more than one ISP (outside) static IP address to host its own mail and web server?
Or will one static IP with port forwarding to two different machines (one mail and other web server) be good enough?
What would happen if one wants to host two websites on one machine (web server) and have webmail to access emails (presumably via port 80) on another (mail server)?
My only concern is I guess my ASA 5505 won't support more than one assigned static IP or am I wrong?
I have a few questions regarding (D)Dos Deflate:
How many " Connections " should I set it at before (D)Dos Deflate starts blacklisting and banning IP Addresses? It is set at 150. Should I make it 10?
Should APF Firewall be installed for this to be more effecfive? ( Note, I'm don't know much about Linux and this isn't installed. )
Number of seconds the banned ip should remain in blacklist? It is a at 600 by default. Shouldn't this be infinite?
Quote:
##### frequency in minutes for running the script
##### Caution: Every time this setting is changed, run the script with --cron
##### option so that the new frequency takes effect
FREQ=1
We are going to launch Video Tours service for real-estate companies.
The video files will be stored on the server and shown by request.
What kind of server should we use for this task?
Are there any specific requirements to the server and the network?
1-i have CSF installed and thinking to install DOS-Deflate 0.6 but not sure if any Conflect between CSF and DOS-Deflate 0.6. Any Idea..
2- How Safe to use Kloxo for one Domain for personal use ..
I would like to stream from my home theatre PC over the internet via my linux server. I have a dedicated server with CentOS 5.2, it's main function is to host a vbulletin forum but I would also like to stream video from my HTPC and offer it to my members.
Does anyone know of any software that can achieve this?
I am having an Audio/Video website where I am giving facility to the users to watch online videos and use Audio Service, also with a download feature (It is not Live service)
Now I am very much concern where to get started from, currently I have hosted a website with hostgator on a trial basis as it is shared so it took me 30 minutes to upload a 20-25mb files and I checked on youtube I uploaded a 13mb file only in 4 minutes, is it because of fast servers?must be! (and yeh with same speed, same internet connection, so internet speed not an issue here)
Here are the details.
New website so not sure what will be the traffic like, could be like hundreds of users (not thousands I think) initially per month.
Data to be uploaded aprox 200GB
Video files can be like 15-20MB (or 20-30 minutes)
Audio (3-5MB files)
Target users (Could be from anywhere, europe or u.s mainly)
Now do I need a streaming server or dedicated server with streaming service from the provider? Any fast streaming service I could get under $100?
What of servers are used by hosts offering packages with this type of support?
I've read that streaming can be made via web server and streaming media server. The first type has only one advantage and this is that it allows to utilize existing infrastructure, while the second type offers more effective network throughput and (what's more important for me as an end-user) allows for better video and audio quality and support of the advanced features.
Now looking at the hosting plans how do I tell which type of server is used by the host?
I'm interested in this particular plan
[url]
I made a thread about this in programming as I was trying to figure it out but I ended up tweaking dos deflate a lil and got it working. Tried and tested as well during low bandwidth syn flood. Keep in mind if you are having massive syn attacks then most of it will have to be filtered on the network level. I have filtering from staminus on my server, this is just for the low bandwidth stuff that gets through.
Syn-deflate is just a name I came up with as it is based on dos-deflate, only a few changed features. I dont know how medialayer would feel about me modifying their script this way I know they got lisence and copywrite on it. Guess I will talk to them about that before any official release.
especially about the csf version.
So I always have used some dos deflate features to monitor dos in my servers, just the netstat command. This one:
Code:
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
Today, got a syn flood coming through, low bandwidth, etc. Each ip connecting under the tracking limit for csf. So I tweaked the netstat command a lil bit and I was able to see what ips were sending syn and how many times.
Like this:
Code:
netstat -ntu | grep SYN_RECV | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr
So I figured it would be very handy to ban ips sending over so many SYN_RECV connections at once. So I took dos deflate and tweaked it a lil. Made this to work with csf. Only problem on csf is there is no unban command, only whitelist so I just had it do csf -d again on the unban command, This would give an error and would not unban the ip but you really dont need to unban it so soon.
With apf it works perfectly on unbanning. Works just like dos deflate but bans syn flooders not connection flooders. You could even use this along with dos deflate. I am using it along side of csf and the connection tracking feature no problem.
I plan on releasing some what of an official version too along with some other tools to monitor and stop dos. So whoever is interested or can offer some advice let me know.
For those who wanna give it a try:
For the CSF version:
To install:
Code:
wget[url]
To uninstall
Code:
wget [url]
For the Apf and Generic Iptables version:
To install
Code:
wget [url]
To uninstall
Code:
wget [url]
uninstall.synd ; ./uninstall.synd
I didnt get to try the apf version out much but have used the csf version all day with no issues
Note to makers of dos-deflate: Im not too keen on all this licensing stuff or what I am supposed to do when I modify someone else script so let me know what I need to do to keep from making anyone mad.
I want to make a Audio and Video Streaming Server using LAMP. I am running Redhat and have latest version of PHP, MySQL and Apache.
what i need to make such a server? I dont want to buy anything all things should be OpenSource.
My website provides streaming videos of live events through a third party software called Sopcast.
Currently i have hosted it on a shared server which cannot high CPU load when an event occurs. The hosting company takes down my website.
I am looking for need a solution by which thousand of visitors can watch the video at any given time. The streaming videos are not hosted on my website. I need a dedicated server that can manage high CPU load.