Wednesday, October 26, 2011

A-ddos - Kernel solution to prevent ddos attack

A-ddos - Kernel solution to prevent ddos attack


a-ddos is a kernel patch in order to prevent DDos attack at the low-hardware-level. It works well on a netbridge.


DDos is short for distributed denial-of-service,it becomes a serious threat nowadays. There hasn't been a perfect solution yet. a-ddos uses 512M(128M in current version) memory to keep tracks of every ipv4 address and a kernel-level timmer to record connections pre-second. While under attack, only the available IPs are allowed to be connected to the server.


Highlighted features
Fast
In order to determine every connection, only one memory-access is needed.


Stable
The implementation is simple and fast, while under syn-flood attack a-ddos takes less than 10% cpu time to handle.


Flexible
It's easy to extend the memory usage, nevertheless 4G/8 bit = 512MB can handle the whole IPV4 space!


Download
http://code.google.com/p/a-ddos/downloads/list


Read more:
http://code.google.com/p/a-ddos/wiki/PreviewWiki

No comments: