This article makes use of the APF, BFD, DDoS Deflate and RootKit to detect and protect your server from denial-of-service type attacks. To apply those utilities, please follow the instructions below:
The SYN Floods and ICMP DDoS may also be prevented by utilizing the Linux traffic control utility (tc) . To view setup instructions, please see relevant sections of Linux Advanced Routing & Traffic Control HOWTO.
Notes from the users :
Some of the users experienced following errors while starting APF.
bash# apf --start Unable to load iptables module (ip_tables), aborting.
According to Burst and Ryan of r-fx.org, changing the SET_MONOKERN variable in /etc/apf/conf.apf to “1″ will correct the problem.