How to Know If You're Being Hit With A DDoS Attack?

DDOS, short for Distributed denial of service attacks plague businesses and websites around the world. A DDoS attack occurs when a target server or website is overwhelmed with communication requests from a botnet or group of attackers. Once the server is no longer able to handle HTTP requests, it goes offline and prevents legitimate users from being able to access the website.
Botnets are typically used in conjunction with a DDoS attack. It takes a considerable amount of resources to take a website offline. In order to be effective, attackers must combine the resources of multiple computers. DDoS attacks typically do not cause damage to a website - they simply make the website inaccessible. There are more malicious uses of DDoS attacks. They are now being used as a way to deter security personnel and cover up fraud. In either case, if you own a website, you should be aware of how to recognize an attack.

How Do You Know If You Are Being HIt With A DDoS Attack?

The most important thing to do is not jump to conclusions. You want to check your router, internet connection, and any other variables that can be affecting your website performance. If you determine that it is not an internet connection problem, the first action you should take is contacting your web hosting provider. They will be able to tell you immediately whether you are being attacked or not.
The United States Computer Readiness Team, or US-CERT, gives a list of symptoms that serve as pointers that your computer resources may be under attack. Here is what they list as the potential signs of a DDoS attack:

• Unusually slow network performance (opening files or accessing websites).
• Unavailability of a particular website.
• Inability to access any website.
• Dramatic increase in the amount of spam you receive in your account.

DDOS attacks can also manifest as problems in the network branches adjacent to the computer system under attack and can serve as a great alert to network administrators. In cases where DDOS attacks are initiated on a very large scale, internet connections in entire geographical areas surrounding the target machines may be affected. To determine if computer resources are under DDOS attack, network administrators can go to the command prompt and attempt to ping outside their network, normally to a website like Google.com. By observing the time and the percentage of packets lost in the ping statistics, a correct diagnosis can be made concerning the state of the network.
The time it takes to transmit 32 bytes of data is normally about 40ms. At the initial stages of a DDoS attack, this may take 800ms. The computer system will eventually respond with a "Request Timed Out". Overall, identifying the initial stages of a DDoS attack early on, it's possible to prevent your computer and network resources from completely being taken offline.
If you are the do-it-yourself type, network administrators can make use of NETSTAT. This allows the administrator to see all the current TCP/IP connections. A large number of TCP/IP connections from the same IP address is usually a good indication of an attack. You can confirm that an attack is in progress when the state of these connections indicates SYN_RECEIVED.
To find out the IP address targeting your network, run the TCPView program or any program that indicates all the current connections on a computer. You can also use the commands found below to do some further research yourself.

• netstat -n -p | grep SYN_REC | sort -u

List all the unique IP addresses of the node that are sending SYN_REC connection status.

• netstat -n -p | grep SYN_REC | awk '{print $5}' | awk -F: '{print $1}'

Calculate and count the number of connections each IP address makes to the server.

• netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

List number of connections connected to the server using TCP or UDP protocol.

• netstat -anp |grep 'tcp|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

List IP address and its connection count that connect to port 80 on the server.

• netstat -plan|grep:80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1

How Do You Stop A DDoS Attack?

This can be tricky for most and nearly impossible without the right combination of hardware, software, and experience. If you happen to fall victim to a DDoS attack, contact your hosting provider immediately. If they are unable to mitigate the attack, there are two options available to you:

1. Subscribe to a DDoS proxy protection service. WIth proxy protection, there is no need to switch from your current host. The DDoS protection provider will simply re-route your DNS settings to point towards their servers to "scrub" the malicious traffic from your pipeline. They will then route the legitimate traffic back to your website.


2. Switch to a web host that provides DDoS protection. This is more a solution for high profile websites, or webmasters that are constantly plagued with DDoS attacks. In this case, moving to a host that specializes in DDoS protection is the best option.

Need server management, please try HostAddon.com

What to Consider for while choosing a VPS Service

When you're first launching a website or web application, you'll have to decide between shared hosting, virtual private server, and a dedicated server. If you're just starting out and shopping around for a hosting service, it may be a scary task. Virtual private servers, or VPS, is a good start if your website requires a lot of resources.


A VPS has restricted CPU and memory usage. Although it limits you from using too much, it also does the same for your neighbors on the same physical machine. It keeps your neighbors from taking up too much of your resources. Developers tend to choose a VPS as a compromise between dedicated servers and shared services.

With a VPS, you'll get root access to the server. You can install whatever software you want. This is a double edged sword. Remember, you can mess up your production system if you incorrectly install software or fail to patch a security update in time.
What's most important when choosing a VPS service? These are several factors to consider.

Should you go with unmanaged or managed?

Having managed servers means you won't have to apply software patches or security upgrades on your own. Having unmanaged servers means you're expected to manage it on your own.
There are companies that are starting to offer managed virtual private servers. Your hosting company will take care of it for you which means more time spent on your own application. This extra service comes with an extra monthly price.

Is there a community with a wiki, vps forum, or documentation?

Not many customers think about the community surrounding a service, but it should be a factor when selecting a VPS company. Undoubtedly, you'll run into issues while setting up software. That's when support documentation on wikis or forums comes in handy. You'll save a lot of time by reading posts. When someone else has had issues setting software up, they usually document how they solved problems. Check out a service's wikis and forums before making any purchasing decision.


What's the service's reputation for support queries?

Do you require priority support? Would you prefer to trade off a lower monthly cost for less hand holding? Many companies have great reputations for support.
One of the most important factors that comes to mind is the quality of support from your VPS service. What's their average response time to customer email? Do they have a support forum? How about a help desk website? These are questions that you should keep in mind when shopping around for a service.

Do the offer the Linux distribution that you prefer?

Some developers prefer CentOS for its rock solid stability. Other developers prefer Ubuntu for its ease of use. Many like Gentoo for its flexibility and customization. Pick a VPS plan which offers the Linux distribution you prefer.
Some VPS services only offer one type of Linux distribution. If that's the case, make sure that distribution matches your choice.
A trending feature with VPSes is hosted distribution images. For example, if you're using the VPS to run Django applications, your hosting provider might have a pre-built Django stack for you. This is handy and will save you time during the setup phase.

Is it within your budget?

This may be important to some developers depending on their price range. A few VPS services offer budget friendly prices. Others are extremely cheap VPS services which comes with low memory rates or less support. Top tier services, which hand hold the server infrastructure, tend to cost more.

When Should You upgrade to VPS Hosting?

Of course, if you are only in the initial phase of starting a business on the internet and your website is new, you can't afford to spend all your money on things you don't need. If your website is new and you don't have a huge budget, the idea of going for dedicated hosting could be a waste of money instead of being an investment. When you are faced with the question of choosing a Linux VPS or Windows VPS, let your IT professionals decide that because whatever effects this choice will have on the performance of your website is more known to them than you.


However, getting a general idea is always of great importance and you should always know some basics of hosting when your professionals are taking crucial decisions for your website. The first thing you would want to know when you are looking for a hosting website is the different types of hosting that exist out there. The major types are three known as dedicated, shared and VPS hosting. The names are pretty self-explanatory where VPS stands for virtual private server and this particular terms needs a little bit of extra explanation for a person to understand it well.

The idea of dedicated server is as easy as knowing that you have a server to host your website which is completely under your control and fully owned by you. Shared hosting means that there is one server resting in some place and various websites from around the world that couldn't afford huge costs of dedicated server are using the resources of this server in a shared environment i.e. they are sharing these resources. VPS is the entry right in the middle of two aforesaid hosting types and it is like a cross-over of both the types of hosting.


So do you think you can afford the costs of a dedicated server when you are in the initial stages of your business? Or is the shared hosting being a help for you in keeping your website up and running all the time? Do you think the shared hosting is making your website slow and a lot of times you find out that the server is down? If you don't fit into dedicated and shared hosting category then you probably need VPS hosting. When you go for VPS hosting you must remember that Linux VPS solution is more affordable than Windows VPS but there are other things to know as well.

When you go for Linux VPS you get certain benefits but along with these benefits come some cons of Linux based VPS as well. While Linux based VPS solution is affordable and quick but it is not suited for larger enterprises and businesses that want a more professional approach towards hosting. Windows VPS is most suited as a professional server solution for larger enterprises and where IT professionals are most interested in keeping a better control in a more graphically rich environment. How your website has been developed and some other factors are also involved in making this choice so professional advice is always highly recommended.

3 Reasons Not To Choose Free Hosting For Your Online Business Blog

 With every online business model, you will need to have a website to give your business a home on the internet. Think of your website as your internet business' virtual storefront that show cases your products and services. You'll need it to give a good first impression when visitors arrive there. You might be tempted to reduce costs and sign up for one of the free sites that you've seen advertised. While they do look good and can be set up very quickly and easily, there are some hidden disadvantages of which you may not be aware.

Free Hosting Offers Limited Plugins And Features

The first reason why you don't want to go for a free Web Hosting is that you will be limited in what you can do with them. The plugins and therefore the features that you can display on your website will be limited. You will not therefore be able to make your website look and feel the way you want it to appear.

Terms And Conditions May Limit What You Can Do With Free Hosting

The second reason you should avoid the free web host is that you'll have to follow certain terms and conditions. This can mean that on some sites you will not be able to include advertising, display affiliate links or carry out commercial activities, which an internet business must do. If you go ahead and set up your site on one of these free options, it is possible that all your effort and work could be lost when they close you down for breaking one of their rules.

Take Control Over Your Online Real Estate So You Will Never Lose It

When you open your account and register a name with the free sites, your domain name will include words that relate to that free site. This does not give the perception of your business being professional. It is possible therefore that visitors will not consider your business in a favorable light.
So, when setting up an internet business, do not choose the free hosting options. Instead, sign up with your own hosting service and register a domain of your choice. When you are deciding on a hosting service look at the reviews and recommendations to make sure that you choose a reputable firm. This will let your web visitors know that you are operating a professional business and want full control over your online real estate.

Advantages and Disadvantages of VPS Hosting

Please read this article before deciding to buy hosting.

VPS hosting is said to be one of the most economical and effective method of internet hosting techniques. VPS hosting means the Virtual Private Server hosting also known as the dynamic hosting VPS hosting offers the user an economic hosting service that is consistent. The VPS hosting offers us a dedicated server, which is having a unique IP address. This will help to increase the security, as there is a dedicated email server reduces the chance of spam blacklisting is reduced. VPS hosting technique offers many more advantages. Like any other service there is few disadvantages too .let us now take a look of the various advantages and disadvantages of VPS hosting.

Advantages :

• In VPS hosting the user will get a partition and he will have the authority of configuring his server and to install other software
• Each VPS can be individually rebooted.
• VPS generally uses Linux- based operating systems .Linux based operating systems are more stable and secure than the windows based operating systems.
• Each VPS server is isolated from others so the risk of data sinking or spamming will not be there. VPS offers a much more security than others
• VPS is  much more stable and offers a consistent service than the shared hosting
• Users can manage multiple websites effectively by using VPS hosting
• Each VPS has its own operating system, the user can configure the operating system and install the desired software in it  
• Virtual private server allows Root level access of the web server. by this the webmaster will have more power

Disadvantages :

• The users should be technically proficient for using VPS hosting. The applications used and the allotment of resources should be in such a way that it helps in the smooth working of the website.
• The hard ware configurations of the VPS are limited as the main server is partitioned and is used by many users. The VPS will have a limited disc space, Random Access Memory (RAM) and central processing time. 
• The VPS supports many applications such as chatting softwares , e commerce forums and other social media widgets  so there is a chance that the traffic is high the webmasters should take care to ensure that  these applications will not affect smooth working of the website

By observing the advantages and disadvantages of the VSP hosting, we can understand that VPS hosting is far better than the shared hosting service. People usually start with a shared hosting service and then migrate to a better hosting service such as the dedicated hosting with the increase in traffic. If you want to migrate from the shared hosting to a better service then the VPS hosting is one of the best option available. 

What actually is Managed Web Hosting?

With the search for a web hosting provider, customers often get baffled between the options and features offered by web hosting companies. However, the most important feature that you should be aware of while choosing web hosting plan is managed web hosting.

What is Managed Hosting?

A managed hosting can be stated as the server operations, maintenance and troubleshooting being taken care by web hosting provider. The Managed Hosting term is specifically used for Dedicated Servers, however, this feature is offered by many web hosting providers on Shared and VPS Hosting plans too.

What are the Managed Hosting Features?
 
Server Monitoring: To maintain server uptime in order to keep your website online for the maximal time, it is very important that the server is monitored round the clock. The server engineers employed by web hosting staff manage this task and monitors server constantly to prohibit suspicious activities on the server, to avoid sudden spikes in CPU usage or protect server from DDos attacks.
 
Troubleshooting: This service includes technical support and assistance by the web hosting provider through a live chat system, ticket system or even telephone. If you need assistance for uploading files on server, walkthrough for performing a task from control panel, a server side error on website, setting up email accounts and configuring emails.etc, you can contact the support team.
 
OS & Software Installation: The hosting provider’s technicians install Operating System and Software required on the server. Normally, OS & Software are pre-installed on the server before server login credentials are provided to customer. However, if you need a 3rd party software or application installed on the server, the support team can take care of it for you on request.
 
Hardware Upgrade & Replacement: Server Hardware needs to be replaced after a long period of online status so this is taken care in managed hosting. Also if there is any issue with Server Hardware, web host providers will replace the server hardware.

Security Audits: Server audit is very important to protect the server for malicious injections, hacking attempts and DDos attacks. The server engineers audit the data uploaded on the server and the software and application versions to keep it updated. If the software or application’s old version usage is continued, it makes server vulnerable.
 
Server Maintenance: Server maintenance or server management includes OS optimization, Database optimization, FSCK’s to check the consistency of file system and security tweaks on the server.
Managed hosting certainly is a good deal as it saves your time and server administrator fees as this is included in services offered by web hosting provider. So if you find a hosting plan relatively costlier than other providers, it is because of the managed hosting service available with the hosting package as you get the benefit of technical support.
 

Cheapest SSL Certificates, securing your website at affordable price

Also known as a Secure Socket Layer, an SSL certificate allows website owners to add a level or encryption between the web server and visitors to the site. Primarily, this encryption aims to secure any data that may be exchanged between the server and the browser used by a visitor. It also aims to maintain the privacy of the visitor to a website. Most websites that allow for online transactions provide their customers with this added layer of protection while the transaction is taking place.

What information do SSL Certificates contain?

Typically, they contain information like the domain name, the location of its server, validity information about the certificate itself and details of the ownership of the certificate.

The Value

SSL certificates act as a certificate of a website's identity and authenticity. Because of the security they provide, they also improve the credibility of an organization. For visitors to the website, they provide security of data that is passed from the visitor's browser to the website, making it inaccessible to others. They also help ensure confidentiality of all shared information. Lastly, they ensure the security of all transactions conducted on the website that has the certificate.

Types of SSLs

When visitors to a website share personal information like credit card details, bank account details, passwords, etc., the onus of ensuring that this information is secure lies on the website. To ensure this security, the website needs to use SSLs, in order to establish a secure connection between a visitor's browser and the website and prevent fraud. Web hosting companies often offer these certificates to clients by way of a value addition to the hosting account.
When signing up for a web hosting account, you should make sure that you get a genuine SSL and not wildcard SSLs, which are not as secure.
Sometimes websites need to create multiple sub-domains and provide security on these multiple sub-domains. This can be done using sub domain SSLs. Sometimes, owners of sub-domains use the SSL of the primary domain user. If the primary domain owner is a different entity than the sub-domain owner, then the SSL is not owned by the owner of the main domain and not person who creates the sub-domain.
Impact of sub-domain SSLs:
· The primary purpose of an SSL is to identify the website ownership. This purpose is defeated since you would not own the certificate.
· As a result, the security of transactions done on the sub-domain may be questionable
· Any SEO value and Google Page Rank would automatically get transferred to the owner of the certificate and your website would lose these benefits.
Does this mean that all sellers of cheap SSL certificates are cheats? Not necessarily. You can ensure the authenticity of the certificate through these simple questions that your web hosting provider should answer.
· Does your website have a dedicated IP address? You would be able to get a dedicated IP address only from hosting companies that sell genuine SSLs.
· Which domain is the SSL issued to? If your web hosting provider is genuine, then the certificate would be issued to your domain.

Choosing SSL Certificates

A thing to note is that the cost should never be the primary concern while choosing an SSL certificate. As long as it's genuine, both cheap and expensive certificates perform the same function. What is of greater importance is that you get a genuine certificate from a genuine web hosting company. Cheap SSL certificates are not bad -- but you need to make sure they are genuine certificates issued to your domain.

How to Test your VPS performance with UnixBench

This UnixBenchmark will test your Virtual Private Server and give you a performance score. It can take up to 10-15 minutes for this test to complete. This test required that you have gcc installed. If you do not simply run # yum install gcc before proceeding.

# wget http://www.vpstutor.com/unixbench-4.1.0-wht.tar.gz
# gunzip -dvc unixbench-4.1.0-wht.tar.gz | tar xvf -
# cd unixbench-4.1.0-wht-2
# make
# ./Run

Once the Benchmark as completed running you will see test results similar to these:
-------------------------------------------------------------------------------------------------------------------------
Start Benchmark Run: Thu Oct 29 20:37:05 MSK 2009
20:37:05 up  1:37,  2 users,  load average: 0.00, 0.00, 0.01

End Benchmark Run: Thu Oct 29 20:53:25 MSK 2009
20:53:25 up  1:53,  2 users,  load average: 11.38, 5.47, 2.91


INDEX VALUES
TEST                                        BASELINE     RESULT      INDEX

Dhrystone 2 using register variables        376783.7  1735954.5       46.1
Double-Precision Whetstone                      83.1     1863.7      224.3
Execl Throughput                               188.3     1180.3       62.7
File Copy 1024 bufsize 2000 maxblocks         2672.0    69872.0      261.5
File Copy 256 bufsize 500 maxblocks           1077.0    22635.0      210.2
File Read 4096 bufsize 8000 maxblocks        15382.0   268863.0      174.8
Pipe-based Context Switching                 15448.6    87268.1       56.5
Pipe Throughput                             111814.6   309839.1       27.7
Process Creation                               569.3     3395.9       59.7
Shell Scripts (8 concurrent)                    44.8      197.6       44.1
System Call Overhead                        114433.5   262217.4       22.9
=========
FINAL SCORE                                                      77.3
------------------------------------------------------------------------------------------------------------------------

For fast VPS Hosting, choose IMH@

What to Look for In A good Web Hosting Company

Almost everybody nowadays has a website for different purposes. Some use it to show off their individual curriculum vitae and portfolio. Charitable organizations go online to spread their good cause. Businesses use the internet to give a boost to their profit. As soon as they determine that they need to have a website, what do they do next?
Searching for a web hosting company that meets the needs is going to take some research. Here are some things that have to be kept in mind when searching.
1. Does the company have a good background?
Before anything else, people who seek for a provider must check the history and size of their target. How many years has the provider been operating the business? Is it a small time business, or a large one that serves millions of internet sites? As of May 2012, there are almost twenty thousand web hosting firms enlisted in the USA. Yet, only a handful of them make it through the initial twelve months. In order to know a host's original date of registration, perform a WhoIs search on their internet domain prior to hiring their services.
2. Is the host server stable?
Percentage of outages or downtime is amongst the most crucial factor that must be checked before enlisting for a service. It does not matter if the website is intended for money-making or not. When there is too much downtime, people will find it hard to visit the site.
The tolerable downtime per month is only 0.1% or approximately forty minutes. Anything more than 1% to 2% suggests that the provider may be going through something. The problem may just be internal. Worse, it can also be as undesirable as hacking threats. Whatever it may be, it is a sign of the need to go forward. Then again, if that only happens for a single month, it could just be bad luck. If that issue is constantly taking place, there will always be other web hosting firms with more desirable uptime scores at a comparable cost.
3. Is the web hosting customer care satisfactory?
A satisfactory customer service is certainly vital in seeing to it that every after-sales issue will be given a solution without delay. For instance, the routine maintenance of the server should ideally be announced to the clients at all times. However, some providers fail to notify their clients, which may just threaten their online businesses. Getting a grasp on the availability of the customer support is essential since this is an area where it is rather simple to lower your expenses.
4. Are there extra features?
What additional features does the provider offer to make their web hosting services much more enticing? Perhaps it is energy-saving techniques, multiple data facilities, periodic data backups or no cost domain privacy. Web hosting firms usually provide a lot more than just servers.

Install rTorrent/ruTorrent Seedbox on Ubuntu VPS

This tutorial will guide you through the installation of libtorrent 0.13.0, rTorrent 0.9, and the ruTorrent Web UI (3.0) on a Debian or Ubuntu system. It has been tested with Debian 6 (x64) and Ubuntu 11.04 (x64).
To begin, access your VPS via SSH and run the following to update your platform and install some needed dependencies:

# apt-get update
# sudo apt-get install subversion build-essential automake libtool libcppunit-dev libcurl3-dev libsigc++-2.0-dev unzip unrar-free curl libncurses-dev
# apt-get install apache2 php5 php5-cli php5-curl

Enable scgi for Apache:

# apt-get install libapache2-mod-scgi
# ln -s /etc/apache2/mods-available/scgi.load /etc/apache2/mods-enabled/scgi.load

Install XMLRPC:

# mkdir /install;cd /install
# svn checkout http://xmlrpc-c.svn.sourceforge.net/svnroot/xmlrpc-c/stable xmlrpc-c
# cd xmlrpc-c
# ./configure --disable-cplusplus
# make
# make install

Intall libtorrent:

# cd /install
# wget http://vps6.net/src/libtorrent-0.13.0.tar.gz
# tar xvf libtorrent-0.13.0.tar.gz
# cd libtorrent-0.13.0
# ./autogen.sh
# ./configure
# make
# make install

Install rTorrent:

# cd /install
# wget http://vps6.net/src/rtorrent-0.9.0.tar.gz
# cd rtorrent-0.9.0
# ./autogen.sh
# ./configure --with-xmlrpc-c
# make
# make install
# ldconfig

Create required directories:

# mkdir /home/seeder1/rtorrent
# mkdir /home/seeder1/rtorrent/.session
# mkdir /home/seeder1/rtorrent/watch
# mkdir /home/seeder1/rtorrent/download

Setup .rtorrent.rc file (rTorrent config):

# cd ~/
# wget http://vps6.net/src/.rtorrent.rc
# cp .rtorrent.rc /home/seeder1/

(Edit the settings in .rtorrent.rc, like max upload/download speed, max connected peers, etc, as needed.)
Install rTorrent:

# cd /install
# wget http://vps6.net/src/rutorrent-3.0.tar.gz
# tar xvf rutorrent-3.0.tar.gz
# mv rutorrent /var/www
# wget http://vps6.net/src/plugins-3.0.tar.gz
# tar xvf plugins-3.0.tar.gz
# mv plugins /var/www/rutorrent
# rm -rf /var/www/rutorrent/plugins/darkpal
# chown -R www-data:www-data /var/www/rutorrent

Secure /rutorrent:

# a2enmod ssl
# a2enmod auth_digest
# a2enmod scgi

# openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/apache.pem -keyout /etc/apache2/apache.pem
# chmod 600 /etc/apache2/apache.pem

# htdigest -c /etc/apache2/passwords seedbox seeder1

(Enter a password of your choice when prompted, you will use this to log in to the ruTorrent web UI.)

# cd /etc/apache2/sites-available/
# rm -rf default
# wget http://vps6.net/src/default

# a2ensite default-ssl
# /etc/init.d/apache2 reload

Install screen:

# apt-get install screen

Start rTorrent in a detached shell using screen:

# screen -fa -d -m rtorrent

(To start rtorrent automatically after reboots, add the above command to /etc/rc.local)

Setup is now complete! Access ruTorrent at http://xx.xx.xx.xx/rutorrent/ (replace xx.xx with your server's IP address). You should be greeted with a login prompt, where the username is "seeder1" and the password is the one you set above in the "secure /rutorrent" section.

Need VPS Hosting?