Welcome, Guest. Please login or register.
Did you miss your activation email?
Thursday 28 November 2024, 09:36:59 am

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  does endian community 2.4.1 or 2.5.1 include ddos and sync flood?
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: does endian community 2.4.1 or 2.5.1 include ddos and sync flood?  (Read 13007 times)
hntri
Jr. Member
*
Offline Offline

Posts: 3


« on: Wednesday 08 February 2012, 02:29:23 am »

hi all

i'm newbies.i try to find endian community moduln guides.
but i can't find it.

i have 2 questions. could someone support me.

- does endian community support ddos,sync flood,icmp protect? how can i active that rules?
- does endia  community support full snort in line(IPS). how to use it in endian....

thanks for your advise!

P/s: sorry about my bad english.
Logged
endianupdate
Full Member
***
Offline Offline

Posts: 53


« Reply #1 on: Wednesday 08 February 2012, 08:25:33 am »

Endian Firewall does not have an option in the web interface to set these options directly, you can enable the 'Intrusion Prevention' service, select your Snort policies and set them to Drop (the default is Alert only) but these will not deal directly with DDOS attacks.

Iptables can be used to block some DDOS attacks but you will need to SSH in to the Endian Firewall to enter these as it cannot be done through the web interface.

e.g. to limit the amout of tcp connections per minute to a web server :
iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT

e.g. to limit the number of syn connections per second
iptables -A INPUT -p tcp --syn -m limit --limit 1/s --limit-burst 4 -j ACCEPT

Hope this helps
Logged
hntri
Jr. Member
*
Offline Offline

Posts: 3


« Reply #2 on: Wednesday 08 February 2012, 05:55:20 pm »

thank for your support.

i know that rules for iptables ( search by google) and some script for iptables.but i dont k ow where i edit it in iptables config.because iptables of endian have a lot of rules(sorry i'm a newbies in unix.i only use window base).

could you give me some fearture or some solutions of endian iptables. and could you give me guide for config endian protect ddos and sync flood( and full snort rules for ddos protect)

thabks for your advise.and i sorry about i have alot of questions .

 
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.063 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com