(09-15-2014, 10:06 AM)TGates Wrote: http://configserver.com/cp/csf.html
I personally have not seen an open source or software based firewall that can block DDOS. Many of the firewall vendors are able to sell their firewalls for thousands of dollars because they write proprietary logic into them that the open source packages don't have.
The only one that may do it is a firewall called "Untangle". It is a very powerful firewall that is commercial but free. The company sells advanced modules if you want them. The thing comes with everything you need to stop a DDOS attack and may do what you want. I have never tested it against a DDOS though.
They have a concept in it called the "bullpen" where bad IPs get blacklisted automatically but it doesn't seem to have the same logic or strength of a commercial firewall. Give it a try. It only takes a few minutes to load.
I will note the same thing I tell everyone - If you are going to run a product like Sentora, you need to seriously consider investing in good firewalls. They are the difference between you being brought down and surviving. If I didn't have my Watchguards in place, my hosting company would not be running right now. A good firewall is worth every penny.
Scott
