Security Basics mailing list archives
Re: Help to defend from DOS web attacks
From: Jan Heisterkamp <janheisterkamp () web de>
Date: Fri, 26 Oct 2007 12:43:27 -0600
Hi Emanuel,depending on which flavor of DoS you detected, this article might be helpful for you:
http://www.securityfocus.com/infocus/1729 saludos Jan Breno Brand Fernandes schrieb:
Hi Emanuel,You can't block the attackers IPs, because they often use random sources. So, you should limit the packets which use SYN flag activeted, and use some protection like syn cookie that dont let the attack allocate so memory in your gateway.Att, Breno Brand Fernandes ----- Original Message ----- From: "Emanuel Marufo" <marufos () gmail com> To: <security-basics () securityfocus com> Sent: Thursday, October 25, 2007 11:41 PM Subject: Help to defend from DOS web attacksHello, Recently somebody attack my web server, and i thinking defend from that. I readed the next article:http://www.quadrunner.com/index.php?option=com_content&task=view&id=151&Itemid=2but i want to know if can config a snort/portsentry to block attackers ip's.
-- Grupo Ampersand S.A. IT-Security Consultants & Auditors Apdo. 924 Escazu 1250 Costa Rica C.A. Phone: (506)588-0432 ceo_at_ampersanded.com [corp.] janheisterkamp_at_web.de [priv.]
Current thread:
- Help to defend from DOS web attacks Emanuel Marufo (Oct 26)
- Re: Help to defend from DOS web attacks Guillermo Calvo (Oct 26)
- Re: Help to defend from DOS web attacks Breno Brand Fernandes (Oct 26)
- Re: Help to defend from DOS web attacks Jan Heisterkamp (Oct 26)