Linux Today: Linux News On Internet Time.

More on LinuxToday

Howto block DDOS attacks on Ubuntu

Feb 27, 2009, 07:34 (1 Talkback[s])

WEBINAR: On-demand webcast

How to Boost Database Development Productivity on Linux, Docker, and Kubernetes with Microsoft SQL Server 2017 REGISTER >

"Here is an explanation of what this configuration file will do :

"If an IP made 250 NEW connections in 1 hour time it will send an email to The same happend after 400 connections. After 500 new connections in 1h period, PSAD will block the IP for the next 12 hours. Of course you can ajust that to your needs... Remember that we only log IP that made at least 5 connection in the last 5 seconds so it's improbable to block a legitimate user... 'Packets' are not real packets, they are simply the number of time the IP appears in /var/log/syslog."

Complete Story

Related Stories: