Prevent DDOS Attack on Windows VPS
Posted by Will Kruss on 28 April 2016 06:10 PM
|
|
Guide to address how to prevent your VPS from being used in a DDOS attack. This affects all versions of Windows DNS. This article will address how to prevent your VPS from being used in a DDOS attack. This affects all versions of Windows DNS (2003/2008/2012).
1. Your DNS Server is used for your VPS to resolve external domains If you have installed the DNS server on your Windows VPS that has forwarders turned on, you must configure the Windows Firewall to stop outside users from using your DNS server. All you need to do is modify the DNS TCP/UDP Incoming firewall rules on the Scope tab, and add any IPs you want to be able to access the DNS server: Important: If you are joining other servers to a Windows Active Directory domain, you will need to make sure that you are adding the other server’s IP addresses to the “Remote IP Address” section. You can verify that the DNS server is open to being used in an attack by using the "nslookup" command. On your own computer (not on the VPS) open a command prompt and type:
(where 203.143.X.X is the IP address of your VPS). If it is secure it will look like this: C:\Windows\system32>nslookup DNS request timed out. DNS request timed out. DNS request timed out.
In this case you MUST turn off DNS forwarding, and cannot use the DNS server to resolve external domains. It can only provide information on the domains that it hosts to the public. To turn off forwarding:
| |
|