Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Have you used (D)DoS Deflate ?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Have you used (D)DoS Deflate ?

rahulksrahulks Member
edited February 2013 in Reviews

http://deflate.medialayer.com/

was it usefull to you? does it consume much ram ?

Comments

  • OxideOxide Member
    edited February 2013

    It's a basic tool you can use for blocking IPs with excessive amount of connections. You can specify how many connections a single IP can make to your server before DDoS deflate will ban that IP address using iptables or APF.

    It doesn't consume memory.

  • It does helps agains dos'es and also some ddoses. But it won't protect you fully against ddoses.

  • i heard... only Hardware protections can actually do the job right?

  • dearroydearroy Member, Host Rep

    @rahulks said: only Hardware protections can actually do the job right?

    Yes, that's ACTUALLY the only way.

  • It's help with HTTP flood only. But better to use Nginx. Because under ~500 different ip addressses what spam to server, ddos deflate work very hard.

    I recommend to use ipset + iptraf + tcpdump + iptables + ACL (provider level); It's helps. All other methods do not help if they are strong

  • Seems like a pretty simple script.
    Should be lightweight

  • Helps with layer7 attacks, but layer2 mitigation is best at the protocol layer.

  • We used it ans it helped with a lot of the floods.

  • jarjar Patron Provider, Top Host, Veteran
    edited February 2013

    Well I didn't quite realize what this thing was until today. Very handy little script. A little flawed but easily fixed. Another drawn out script that could be done with iptables rules alone, but since I have this little problem of VirtPanel overwriting my input chain, this thing saved me from writing a script and setting up a cron right as I was about to go to dinner. Had a client get a little DOS attack, pushed load from 0.4 to 20. Better web server configuration would have helped, but it's his VPS, and this thing did the trick regardless. So it certainly has it's purpose.

    As for resource consumption, not even noticeable. If this were a real DDOS and it was all hitting the node directly, I'm quite confident it would bring the node down at the same pace as the DDOS itself would without external mitigation.

    Thanked by 1Xaki
  • NexusNexus Member
    edited February 2013

    That original script is bugged up the ass.

    Use the more updated version:

    https://github.com/ess/citadel

    This script is a must have for protection of script kiddies, but it still does have some flaws, but all in all, works quite well.

    One of the main reasons why linux > windows.

Sign In or Register to comment.