New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
If anyones got a custom/private KVM abuse script - I'll pay you for a copy and keep it exclusive just for me - no distribution.
The problem is performance - I have something for DDoS detection (Inbound), IO detection and BW abuse (Outbound) but the redirect over iptables adds considerable load even on high end systems once your combined KVMs use more than ~500Mbit BW and/or high PPS. Second solution via tcpdump scripts is not fully reliable and of questionable legality in EU.
IIRC tom (@TinyTunnel_Tom) has one he was working on?
@TinyTunnel_Tom
Yep, still closed currently ironing out a few bugs,
Hardware firewall for Network/SMTP/DDoS and a few homemade scripts for CPU and I/O abuse?
To lessen the load, another thing you can do is limit the BW of the connection via libvirt. Anything over that limit should be detected by whichever anti-ddos / abuse scripts you have.