What is DDOS Deflate?

DDOS Deflate is a lightweight bash script that can be used to protect a server from Distributed Denial of Service (DDOS) attacks. It works by monitoring incoming network connections and identifying and blocking IP addresses that are sending a large number of requests.

One of the key benefits of DDOS Deflate is its simplicity. The script is easy to install and configure, and it requires minimal resources to run. Additionally, DDOS Deflate is compatible with most Linux distributions, making it a versatile option for protecting servers.

Another benefit of DDOS Deflate is its effectiveness in identifying and blocking malicious traffic. The script uses advanced algorithms to detect and block IP addresses that are sending a large number of requests, which can help to mitigate the impact of a DDOS attack.

One limitation of DDOS Deflate is that it is not a complete solution for protecting servers from DDOS attacks. It can only block incoming traffic from IP addresses that are identified as malicious, but it cannot protect against other types of attacks such as SYN flood attacks or UDP floods. Additionally, DDOS Deflate is not actively maintained anymore, so it may not be suitable for newer systems.

Overall, DDOS Deflate is a useful tool for protecting servers from DDOS attacks. Its simplicity and effectiveness make it a great option for small business owners or individuals who need to protect their servers from malicious traffic. However, it is important to note that it is not a complete solution and it is not actively maintained anymore, so it may not be suitable for newer systems.

How to install and uninstall DDoS Deflate on Linux server

DDoS Deflate

(D)DoS Deflate is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. It utilizes the command below to create a list of IP addresses connected to the server, along with their total number of connections. It is one of the simplest and easiest to install solutions at the software level.

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

Installation:

Go to below path.

cd /usr/local/src/

Create directory

mkdir ddos

Go to that directory

cd ddos

Get the latest source file using the below link:

wget http://www.inetbase.com/scripts/ddos/install.sh

Install DDOS Deflate

sh install.sh

Edit the configuration file,

/usr/local/ddos/ddos.conf

Start the ddos

/usr/local/ddos/ddos.sh -c

Uninstallation

Download the below file

wget http://www.inetbase.com/scripts/ddos/uninstall.ddos

Check the permission of uninstall.ddos, If it is not 700 then make it using below command.

chmod 0700 uninstall.ddos

Run the below command to uninstall it.
./uninstall.ddos

Note:

• It is possible to whitelist IP addresses, via /usr/local/ddos/ignore.ip.list.
• Simple configuration file: /usr/local/ddos/ddos.conf
• IP addresses are automatically unblocked after a preconfigured time limit (default: 600 seconds)
• The script can run at a chosen frequency via the configuration file (default: 1 minute)
• You can receive email alerts when IP addresses are blocked.