How it is stopped

There are existing tools that combat DoS attacks. We use dos-deflate to combat the dos-attack launched by VM2. The tool tracks and monitors all the IP addresses making connections to the server by using the netstat command. Whenever it detects the number of connections from a single node exceeding certain pretest limits which are defined in the configuration file, the script will automatically block that IP address. After installing the tool, the server becomes accessible again as shown in the following figure: