Fli
09-26-2013, 03:47 PM
Hello,
Please, is there any tool / script for Linux which will block IPs with, like, 40 connection requests in 10 seconds? Or something like that... I mean, so it can eliminate a DDoS attack.
----
csf - config server firewall (http://internetlifeforum.com/security-protection/462-tutorial-installing-csf-config-server-firewall-linux/) can do it...
# Connection Limit Protection. This option configures iptables to offer more
# protection from DOS attacks against specific ports. It can also be used as a
# way to simply limit resource usage by IP address to specific server services.
# This option limits the number of concurrent new connections per IP address
# that can be made to specific ports
CONNLIMIT = "22;5,80;50"
meaning: allow a maximum of 5 connections at a time to port 22 and a maximum of 50 at a time to port 80 from one IP, else drop
# Port Flood Protection. This option configures iptables to offer protection
# from DOS attacks against specific ports. This option limits the number of
# new connections per time interval that can be made to specific ports
PORTFLOOD = "80;tcp;6000;60"
allow a maximum of 6000 connections in 60 seconds to TCP port 80
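As an added example (my own code, not part of the post and not CSF's own implementation), here is a small Python translator that shows what the two settings quoted above mean in stock iptables terms: connlimit for CONNLIMIT (concurrent connections per source address) and xt_recent or hashlimit for PORTFLOOD (new connections per time window). The sample values are constructed from the post plus the "40 connection requests in 10 seconds" limit from the question; the xt_recent hitcount cap and the ip_pkt_list_tot default are stated from my knowledge of the module, not from the post.

```python
"""Translate CSF-style CONNLIMIT / PORTFLOOD settings into plain iptables rules.

Added example, not CSF's own code: it shows which stock iptables modules can
express the two limits quoted in the post, namely connlimit for concurrent
connections per source address, and xt_recent or hashlimit for new
connections per time window.
"""

# Constructed sample values: the two settings from the post, plus the
# "40 connection requests in 10 seconds" limit the question asked about.
CONNLIMIT = "22;5,80;50"
PORTFLOOD = "80;tcp;6000;60,22;tcp;40;10"

# Assumption about the kernel module: xt_recent accepts --hitcount up to 255,
# and older kernels further cap it at the ip_pkt_list_tot module parameter
# (default 20). Windows larger than that are approximated with hashlimit.
RECENT_MAX_HITCOUNT = 255
RECENT_DEFAULT_PKT_LIST = 20


def parse_connlimit(value):
    """'port;limit,port;limit' -> [(port, limit), ...]."""
    entries = []
    for item in filter(None, (s.strip() for s in value.split(","))):
        port, limit = item.split(";")
        entries.append((int(port), int(limit)))
    return entries


def parse_portflood(value):
    """'port;proto;hits;seconds,...' -> [(port, proto, hits, seconds), ...]."""
    entries = []
    for item in filter(None, (s.strip() for s in value.split(","))):
        port, proto, hits, seconds = item.split(";")
        if proto not in ("tcp", "udp"):
            raise ValueError(f"unsupported protocol {proto!r} in {item!r}")
        if int(seconds) <= 0 or int(hits) <= 0:
            raise ValueError(f"hits and seconds must be positive in {item!r}")
        entries.append((int(port), proto, int(hits), int(seconds)))
    return entries


def connlimit_rules(value):
    """One DROP rule per entry: refuse a new TCP connection from a source that
    already holds more than `limit` connections to the port (mask 32 = one IPv4)."""
    rules = []
    for port, limit in parse_connlimit(value):
        rules.append(
            f"iptables -A INPUT -p tcp --syn --dport {port} "
            f"-m connlimit --connlimit-above {limit} --connlimit-mask 32 -j DROP"
        )
    return rules


def _new_conn_match(proto):
    # A SYN identifies a new TCP connection; UDP has no handshake, so use conntrack.
    return "--syn" if proto == "tcp" else "-m conntrack --ctstate NEW"


def _hashlimit_rate(hits, seconds):
    # hashlimit rates are integers per second/minute/hour; use the finest unit
    # that divides evenly, otherwise round down to a per-hour figure.
    for unit, mult in (("second", 1), ("minute", 60), ("hour", 3600)):
        if (hits * mult) % seconds == 0:
            return f"{hits * mult // seconds}/{unit}"
    return f"{max(1, hits * 3600 // seconds)}/hour"


def portflood_rules(value):
    """Per-source limit on new connections per window. Small hitcounts use
    xt_recent (the source stays dropped while it keeps hitting the limit);
    hitcounts above the xt_recent cap fall back to a hashlimit token bucket
    with the same average rate and burst."""
    rules = []
    for port, proto, hits, seconds in parse_portflood(value):
        name = f"flood_{proto}_{port}"
        match = f"iptables -A INPUT -p {proto} {_new_conn_match(proto)} --dport {port}"
        if hits <= RECENT_MAX_HITCOUNT:
            # --set records the attempt; --update checks and refreshes the timestamp.
            rules.append(f"{match} -m recent --name {name} --set")
            rules.append(
                f"{match} -m recent --name {name} --update "
                f"--seconds {seconds} --hitcount {hits} -j DROP"
            )
        else:
            rules.append(
                f"{match} -m hashlimit --hashlimit-mode srcip --hashlimit-name {name} "
                f"--hashlimit-above {_hashlimit_rate(hits, seconds)} "
                f"--hashlimit-burst {hits} -j DROP"
            )
    return rules


def recent_module_param(value):
    """Largest xt_recent hitcount in use; older kernels need ip_pkt_list_tot
    raised to at least this before the module loads (e.g. via /etc/modprobe.d)."""
    counts = [h for _, _, h, _ in parse_portflood(value) if h <= RECENT_MAX_HITCOUNT]
    biggest = max(counts, default=0)
    if biggest > RECENT_DEFAULT_PKT_LIST:
        return f"options xt_recent ip_pkt_list_tot={biggest}"
    return None


if __name__ == "__main__":
    for rule in connlimit_rules(CONNLIMIT) + portflood_rules(PORTFLOOD):
        print(rule)
    opt = recent_module_param(PORTFLOOD)
    if opt:
        print("# /etc/modprobe.d/xt_recent.conf:", opt)
```

Run it and paste the printed rules into a root shell (or a firewall script) to get the equivalent of the two CSF settings without CSF. Both limits are keyed on the source address, so they help against a single noisy client; traffic spread across many sources is not stopped by per-IP rules and needs filtering upstream.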