1

I am have today a dedicated server with these specs:

Intel Core i5 750, 2x120GB (ssd + raid), Windows Server 2008 Web, 200Mbps Network, 24 Gb DD3

And I would like to know what are the best thing I can do to prevent a DDoS Attack, since I know this will be a real threat by the importance of the files that will be archived in it.

Today I have apache listening port 80 and RDC listening port 3389. But the security is beeing made only by Windows Firewall.

So, any thoughts on what would be good to prevent from DDoS attacks?

2 Answers2

0

Make sure you keep your system up to date. Apache recently patched a nasty DoS condition. Also you should test for SSL DDoS. To help mitigate this issue disable SSL renegotiation and consider using a light weight SSL cipher suite.

If DDoS is still a problem consider look at Cisco's Anti-DDoS hardware.

Rook
  • 2,727
0

One word: Nothing. Point.

A DDoS must either be dealt with with enough hardware (hard) or by making things easer for the hardware - but as you don't run a router in fron that you have control over, you are already finished.

One thing you can do is get rid of Apache and use IIS - which is more efficient so the server can handle more.

DDOS protection normally works by the routers diverting the traffic away - but again, you talk of a single server, not even a load balancer in front.

tombull89
  • 2,954
  • 8
  • 42
  • 52
TomTom
  • 52,109
  • 7
  • 59
  • 142