PaulDotCom mailing list archives
DDOS
From: karlrobertbailey at googlemail.com (Karl Bailey)
Date: Thu, 22 Apr 2010 08:37:51 +0100
We had a recent pen test that highlighted allot of problems on our infrastructure with DoS, things like slowaris causing issues, I've been considering using iptables to limit the number of connections from a single IP ... not allot of help with a DDoS, but would have saved us allot of grief as the pen testing all came from 3 IP addresses, is there something a little cleverererer iptables can do around dropping bad traffic? Regards Karl On Tue, Apr 20, 2010 at 10:36 PM, Geoff Shukin <shukin at gsenterprises.biz>wrote:
Hi! I am curious to know what folks are doing to combat the issue of DDOS attacks. I have heard about solutions from Arbor and TopLayer but wonder if they are effective. Are there any other suggestions out there in PaulDotCom land? We have seen DDOS attacks against one of our websites (using a combination of ICMP, TCP SYN and UDP flood attacks). Firewall stops the attacks in that the web servers are ok but the firewall falls over with 100% CPU. Thanks Geoff _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100422/ec47af5c/attachment.htm