sudo apt update && sudo apt install iptables ipset netfilter-persistent ipset-persistent nftables git -y && git clone https://github.com/yuk1c/antiddos && cd antiddos && sudo bash antiddos-yuki && cd ..
- TCP SYN Flood
- TCP SYN src-port <1024
- TCP ACK Flood
- TCP SYN-ACK Flood/TCP Reflection
- TCP STOMP Attack
- TCP RST Flood
- TCP FIN Flood
- Spoofed attacks
- UDP Flood
- ICMP Flood & PoD
- GREIP, ESP, AH, IGMP Floods
- Many sophisticated TCP attacks
- HANDSHAKE & Slowloris attacks
- Simple HTTP Flood with high requests volume
- Amplification DDoS
- IP Malformed Header attack
- IP Invalid Fragmentation attacks
- SNMP-Based attacks
- Potential IPv6 simple attacks
- BitTorrent Amplification blocking
- SIP scanning blocking
- SSLv2/SSLv3 HTTPS blocking
- HTTP Trace method blocking
- FTP SITE EXEC blocking
- SQLi blocking
- Advanced spoofing blocking
- SSH/oVPN... whitelisting
cd ~/antiddos && git pull && sudo bash antiddos-yuki && cd
- Make sure you're under a DDoS attack.
sudo dmesg > dmesg.txt && sudo tcpdump -c 5000 -n -w capture_of_ddos.pcap
- Then send these files to @yuk1meow (Telegram).
- Finally, the attack will be patched, if possible.
- You should buy a protected server because this type of DDoS attack can't be blocked normally on the server side.
- As a temporary solution, you can set lower rate limits. It will help a bit.
- Ubuntu 20.04–23.04
- Restart your server and contact me via Telegram (@yuk1meow).
- You use another antiDDoS script (uninstall it)
- You use a modified kernel (install the official kernel)
- You use complicated routing (don't use the script)
- You use it on a router
- You use it with VPN
sudo iptables-nft -A INPUT -p [tcp/udp] -m multiport --dports [port,port...] -j ACCEPT (maximum of 15 ports per rule)
Example: sudo iptables-nft -A INPUT -p tcp -m multiport --dports 1194 -j ACCEPT (allows TCP traffic to port 1194)
sudo netfilter-persistent save
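An added example, not part of the antiddos-yuki project: a POSIX shell helper that prints the allow rules for a longer port list, splitting it so that no rule exceeds the 15-port multiport limit (a range such as 6000:6010 counts as two ports). The function names gen_allow_rules, emit_rule and valid_port, and the sample ports, are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not part of antiddos-yuki). Function names are hypothetical.
# Prints, without running them, iptables-nft allow rules for a port list,
# starting a new rule whenever the multiport limit of 15 ports would be
# exceeded. A range (lo:hi) counts as two ports toward that limit.

valid_port() {
    case $1 in
        ''|*[!0-9]*|0*) return 1 ;;      # empty, non-numeric, or leading zero
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

emit_rule() {
    echo "sudo iptables-nft -A INPUT -p $1 -m multiport --dports $2 -j ACCEPT"
}

# Usage: gen_allow_rules tcp|udp port [port|lo:hi ...]
# The body is a subshell, so variables stay local and exit only leaves it.
gen_allow_rules() (
    proto=$1
    case $proto in
        tcp|udp) shift ;;
        *) echo "protocol must be tcp or udp" >&2; exit 1 ;;
    esac
    [ "$#" -gt 0 ] || { echo "no ports given" >&2; exit 1; }
    chunk="" used=0
    for spec in "$@"; do
        case $spec in
            *:*) lo=${spec%%:*} hi=${spec#*:} cost=2 ;;
            *)   lo=$spec hi=$spec cost=1 ;;
        esac
        valid_port "$lo" && valid_port "$hi" && [ "$lo" -le "$hi" ] ||
            { echo "invalid port spec: $spec" >&2; exit 1; }
        if [ $((used + cost)) -gt 15 ]; then   # rule is full: emit and restart
            emit_rule "$proto" "$chunk"
            chunk="" used=0
        fi
        chunk=${chunk:+$chunk,}$spec
        used=$((used + cost))
    done
    emit_rule "$proto" "$chunk"
    echo "sudo netfilter-persistent save"
)

# Constructed sample input: 14 single ports plus one range (16 slots, 2 rules).
gen_allow_rules tcp 22 80 443 1194 2001 2002 2003 2004 2005 2006 2007 2008 \
    2009 2010 6000:6010
```

Because -A appends to the end of the chain, check the resulting order with sudo iptables-nft -L INPUT -n --line-numbers before saving.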
Then try to increase the limit for ACK and ACK-PSH packets.