Frequent UDP TCP DDOS attacks

Support for security such as Firewalls and securing linux
Post Reply
ruan.jones
Posts: 1
Joined: 2018/09/16 09:49:15

Frequent UDP TCP DDOS attacks

Post by ruan.jones » 2018/09/16 09:58:02

We are recently facing frequent DDOS attacks on our shared and reseller hosting servers located in ASIA and US. We are a hosting company having these servers hosted in a Datacenter. Types of attacks we are receiving is shared below:-

https://prnt.sc/kuog0a
https://prnt.sc/kuog39
https://prnt.sc/kuog6g


All these servers are with Linux CenTOS with following components:-

CentOS 7.5
kernel : 3.10.0-714.10.2.lve1.5.17.1.el7.x86_64
CloudLinux release 7.5 (Viktor Gorbatko)
cPanel/WHM

My Questions are:-

1. Is it the content/websites we are hosting causing the issue?

2. Are there any tools we can use to scan such type of vulnerable websites or content?

3. What else can be done to secure from such kind of attacks?

4. How to determine the source?

User avatar
avij
Retired Moderator
Posts: 3046
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland
Contact:

Re: Frequent UDP TCP DDOS attacks

Post by avij » 2018/09/16 12:35:08

There's very little you can do about this. You should drop the malicious traffic, ie. make sure you are not sending any "UDP port xyz is unreachable" traffic in return.

In the case of memcached traffic, you could try to contact the abuse/helpdesk address of the organization that is sending the traffic and ask them to firewall away their memcached instances. It would be in their interests in any case.

As for the content/websites question, perhaps there is someone who is irritated by that content and wants to cause problems for you.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Frequent UDP TCP DDOS attacks

Post by TrevorH » 2018/09/16 14:15:28

kernel : 3.10.0-714.10.2.lve1.5.17.1.el7.x86_64
Also, that's not CentOS.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post Reply