06月10, 2012

利用dnspod防止VPS遭DDOS攻击

这段时间我在linode上的vps一直在受到DDOS的攻击,导致博客经常不能访问,给大家带来的不便表示歉意。

linode为了避免DDOS对其他vps的伤害,一旦VPS受到攻击后,会将当前VPS的路由设置为空,让其不能正常访问,并且会发下面的邮件提醒:

Hello,

We've identified an inbound denial-of-service (DoS) attack targeting an IP address assigned to your Linode (106.187.55.234). As the attack was large enough to negatively impact our network and subsequently the service of other Linodes, we've null routed your IP address for a minimum of 24 hours.

After the 24 hour period has expired, we will inspect the traffic once again to see if the attack is still occurring. If the attack had subsided at that time, the null route will be removed and connectivity to your Linode's IP address will be restored.

Regards, Les

经过对日志的追查,发现都是来自国外的IP,比如:德国、印度、韩国什么的。

刚开始以为是对IP的攻击,所以有次将博客搬到了屈屈的vps上,但是攻击并没有停止,导致屈屈的vps也挂了一次,对此表示抱歉。

前几天又有同学在qwrap群里报我的博客不能访问,我行我素 同学给了一个方案,利用dnspod将分别对国内外的IP进行解析,试了下果真可以。

目前运行了2天,虽然还会收到流量报警邮件,但基本还访问正常。

Your Linode, welefen, has exceeded the notification threshold (5) for inbound traffic rate by averaging 383.39 Mb/s for the last 2 hours. The dashboard for this Linode is located at: [https://manager.linode.com/<wbrlinodes/dashboard/welefen](https://manager.linode.com/linodes/dashboard/welefen)>

This is an automated message, please do not respond to this email. If you have questions, please open a support ticket.

You can view or change your alert thresholds under the "Settings" tab of the Linode Manager.

This is not meant as a warning or a representation that you are misusing your resources. We encourage you to modify the thresholds based on your own individual needs.

You may access the members' site at [https://manager.linode.com/](https://manager.linode.com/).

Linode: linode115421

在此感谢 我行我素 和 dnspod.cn,目前我已经将多个域名的DNS解析转移到了dnspod上,建议大家可以去试试。

本文链接:http://welefen.com/post/use-dnspod-to-avoid-ddos-attack-on-vps.html

-- EOF --

Comments

评论加载中...

注:如果长时间无法加载,请针对 disq.us | disquscdn.com | disqus.com 启用代理。