In recent years, with the Trojan horse, virus increasingly rampant, the internet denial of service attacks and the frequency of attack traffic also increased rapidly, in the attack mode, attack technology and the attack resources are maturing, the anti-denial service related hardware and software products have also been a significant development. Today's IDC market has basically been to the lack of effective denial of service attack defense means will not be able to operate a stable IDC business situation.
But there are a wide range of denial of service defense products, the price difference is also very large, from hundreds of yuan installed on the target server to protect a single server software firewall to tens of thousands of or even a hundred thousand of Yuan trillion, gigabit hardware firewall, including the emergence of the provision of hardware firewall program and help customers DIY hardware firewall benefits of alternative solutions, etc. , customers are often at a loss, especially for DIY hardware firewalls used by the relevant technology, defense capabilities and so do not understand, so that it is often at a loss when the choice.
Recently, my computer room continued to suffer from DDoS attacks, also suffered the same troubles, in the installation of a variety of soft defenses can not be effective defense, hard to withstand the price too high, so the internet search a DIY hardware firewall site, holding to try the mentality, download the firewall provided by its core, according to the requirements of the corresponding hardware , after the installation configuration, finally resolved the DDoS attacks have been bothering me, now put the DIY firewall installation and setup process record as follows, I hope to help more and I encounter the problems of the friends of the early resolution.
The first step: Prepare the firewall hardware platform
In accordance with the requirements of the DIY firewall website, I have prepared the following hardware:
1, a computer, I chose the bottom of the original in Taobao Amoy to the IBM ThinkCentre S50 quasi system. This is my original cost of 760 yuan to Amoy. The quasi-system comes with an Intel gigabit NIC that is used to connect to the extranet.
2, CPU one, I use is used to match the IBM ThinkCentre S50 P4 2.4G cpu.400 yuan.
3, memory one. I'm using a 1G RAM.
4, 128M DOM electronic disk one. I am using PQI electronic disk, no electronic disk to use the hard drive, the capacity of the >128m can be. Note: The electronic disk or hard drive is to be installed to the master location of the IDE1 connected to the motherboard, please refer to the documentation for the motherboard you are using.
5, one network card. Used to connect the intranet, because S50 has brought a gigabit NIC used to connect the network, because there is no better card on hand, just use a 8139 of the network card to connect the intranet.
6. Burn a piece of disc. Used to burn the kernel installation files downloaded from the Web site.
7, burning a CD-ROM.
Installed firewall hardware platform: Two network ports are used for one intranet (the 8139 on the left), an external network (the following that S50 with the Intel Gigabit Network card).
In this way, the firewall hardware platform is completely Ann built.