How to prevent the DDOS?

To prevent DDOS, below are the steps:

Setup the machine / network keeping security in mind

Setup a firewall which does Ingress and Egress Filtering at Gateway.

Eg: Steps to Install AFP

bash# wget

bash# tar -zxf apf-current.tar.gz

bash# cd apf-<version number>

bash# ./

Go through the Document in the Apf and configure it as per  your convenience. All configuration is set at conf.apf which is normally located at /etc/apf/conf.apf

Enable Anit-DOS mode in Apf (ie in conf.apf) . Also make sure that your root's cron has an entry

*/8 * * * * root /etc/apf/ad/antidos -a >> /dev/null 2>&1


Install IDS on your gateway/hosts to alert you :



(a) Wget

(b) Untar it

tar -zxvf aide-0.7.tar.gz

(c) cd aide-0.7

(d) Then execute

./configure -with-gnu-regexp

(e) Final steps to install make;make install

(f) Now the real step..To configure AIDE: AIDE stores all its rule sets in the file called aide.conf. Lets ate it get more details on how to configure from man aide.conf

(g) Here  is an example .See below

Here is a sample short aide.conf:

Rule = p+i+u+g+n+s+md5

/etc p+i+u+g

/sbin Rule

/usr/local/apache/conf Rule

/var Rule



In the above configuration  , a rule called "Rule" is set to check permissions (p), inode (i), user (u), group (g), number of links (n), size (s), and md5 checksum (md5). These rules are applied to all files in /bin, /sbin, /var, and /usr/local/apache/conf since they won't change. Files in /etc are checked for changes in only permissions, inode, user, and group because their size may change, but other things shouldn't. Files and directories in /var/spool and /var/log are not checked because those are folders where maximum updation takes place.

(h) After configuration is successfully done, AIDE should be initiated with all these rules.
For that execute aide –init