Last month my server have been ddos by someone, so that I have search on the internet and see how can I prevent it. It’s juz very simple, as u know the linux firewall “iptable”. u can wirte a shell script monitoring the netstats and check whether an IP address have how many connections in this peroid. If there are more than X(u can set a variable on it) connections, the ip address will be ban for X minutes by iptables. Moreover, if there is any ip address has been banned, a email will sent to your administrator account, and I have tested by myself, it works! That’s a great shell script!

Checking how many connections does those IP address

If there are someone been banned, an email will be received

Testing the function:P 123.203.109.188 is my IP address and trying to hack DrKn(Kenny)’s Server 😛