
Frequent UDP TCP DDOS attacks

Posted: 2018/09/16 09:58:02
by ruan.jones
We have recently been facing frequent DDoS attacks on our shared and reseller hosting servers located in Asia and the US. We are a hosting company with these servers hosted in a datacenter. The types of attacks we are receiving are shared below:

All these servers run Linux CentOS with the following components:

CentOS 7.5
kernel : 3.10.0-714.10.2.lve1.5.17.1.el7.x86_64
CloudLinux release 7.5 (Viktor Gorbatko)

My questions are:

1. Is it the content/websites we are hosting causing the issue?

2. Are there any tools we can use to scan for such types of vulnerable websites or content?

3. What else can be done to secure against these kinds of attacks?

4. How to determine the source?

Re: Frequent UDP TCP DDOS attacks

Posted: 2018/09/16 12:35:08
by avij
There's very little you can do about this. You should drop the malicious traffic, i.e. make sure you are not sending any "UDP port xyz is unreachable" traffic in return.

In the case of memcached traffic, you could try to contact the abuse/helpdesk address of the organization that is sending the traffic and ask them to firewall away their memcached instances. It would be in their interests in any case.

As for the content/websites question, perhaps there is someone who is irritated by that content and wants to cause problems for you.
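
An added example, not part of the original posts: one way to find which memcached instances to report to their operators is to tally reflected UDP traffic by source address from a saved `tcpdump -nn` text capture. The function names, the sample lines and the assumption that packets appear in tcpdump's undecoded `UDP, length N` form are this example's own; the addresses it lists are the reflectors, not the party that triggered them.

```python
import re

# UDP services whose replies arrive FROM this source port when abused as
# reflectors. Only memcached is named in the thread; extend as needed.
REFLECTOR_PORTS = {11211: "memcached"}

# Matches `tcpdump -nn` text output for undecoded IPv4 UDP, e.g.
# 12:00:01.000001 IP 198.51.100.7.11211 > 203.0.113.10.44321: UDP, length 1400
LINE_RE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): UDP, length (\d+)"
)

def summarize(lines):
    """Return {(src_ip, service): [packets, bytes]} for reflected UDP traffic."""
    stats = {}
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # TCP, ARP, decoded protocols, truncated output, ...
        src_ip, src_port, length = m.group(1), int(m.group(2)), int(m.group(5))
        service = REFLECTOR_PORTS.get(src_port)
        if service is None:
            continue  # UDP, but not from a known reflector port
        entry = stats.setdefault((src_ip, service), [0, 0])
        entry[0] += 1
        entry[1] += length
    return stats

def top_sources(stats, n=10):
    """Largest senders by bytes: the ones worth an abuse report first."""
    return sorted(stats.items(), key=lambda kv: kv[1][1], reverse=True)[:n]

# Constructed sample capture (documentation address ranges), not thread data.
SAMPLE = """\
12:00:01.000001 IP 198.51.100.7.11211 > 203.0.113.10.44321: UDP, length 1400
12:00:01.000002 IP 198.51.100.7.11211 > 203.0.113.10.44321: UDP, length 1400
12:00:01.000003 IP 192.0.2.55.11211 > 203.0.113.10.51000: UDP, length 1400
12:00:01.000004 IP 192.0.2.99.40000 > 203.0.113.10.51000: UDP, length 440
12:00:01.000005 IP 203.0.113.10.39000 > 192.0.2.1.5353: UDP, length 40
12:00:01.000006 IP 192.0.2.200.51514 > 203.0.113.10.443: Flags [S], seq 1, win 64240, length 0
""".splitlines()

if __name__ == "__main__":
    for (ip, service), (pkts, size) in top_sources(summarize(SAMPLE)):
        print(f"{ip:<16} {service:<10} packets={pkts:<4} bytes={size}")
```
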

Re: Frequent UDP TCP DDOS attacks

Posted: 2018/09/16 14:15:28
by TrevorH
kernel : 3.10.0-714.10.2.lve1.5.17.1.el7.x86_64
Also, that's not CentOS.