Linux Harbour

DDoS (Distributed Denial of Service) attack is a nightmare of system admins. It makes your internet services or systems are out of service at the end by producing a lot of service requests.

Apache module mod_evasive

mod_evasive is a good Apache module to provide some protection to Apache servers from DDoS attacks. It becomes a package in main section of Debian repos from Lenny.

Installation of mod_evasive on Lenny

To install mod_evasive for Apache 2 on Debian Lenny, simply run aptitude install as following.

# aptitude install libapache2-mod-evasive

During package installation, Apache service will be restarted on your system, and mod_evasive is already enabled.

You may add additional parameters for mod_evasive, edit /etc/apache2/mods-available/mod-evasive.load file, and add the following lines.

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 100
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 600
</IfModule>
 

Debian GNU/Linux 5.0 (Lenny) becomes stable version on Valentine Day. We upgraded old stable 4.0 Etch server remotely and successfully.

Summary of upgrading procedures:

1. Update list of apt sources to Lenny release.
2. Use aptitude to update local list of available packages.
3. Use aptitude to upgrade apt, dpkg and aptitude first.
4. Use UUID insteads of old IDE device names to identify root filesystem for grub and filesystem table.
5. Use aptitude to do full upgrade.
6. Reboot the system.
7. Use aptitude to do package upgrades if any.