Security Basics mailing list archives

Re: Help to defend from DOS web attacks

From: Jan Heisterkamp <janheisterkamp () web de>
Date: Fri, 26 Oct 2007 12:43:27 -0600

Hi Emanuel,

depending on which flavor of DoS you detected, this article might behelpful for you:

http://www.securityfocus.com/infocus/1729

saludos
Jan
Breno Brand Fernandes schrieb:

Hi Emanuel,
You can't block the attackers IPs, because they often use randomsources. So, you should limit the packets which use SYN flagactiveted, and use some protection like syn cookie that dont let theattack allocate so memory in your gateway.
Att,
Breno Brand Fernandes

----- Original Message ----- From: "Emanuel Marufo" <marufos () gmail com>
To: <security-basics () securityfocus com>
Sent: Thursday, October 25, 2007 11:41 PM
Subject: Help to defend from DOS web attacks
Hello,

Recently somebody attack my web server, and i thinking defend from that.

I readed the next article:
http://www.quadrunner.com/index.php?option=com_content&task=view&id=151&Itemid=2
but i want to know if can config a snort/portsentry to blockattackers ip's.



--
Grupo Ampersand S.A.
IT-Security Consultants & Auditors
Apdo. 924  Escazu 1250
Costa Rica C.A.
Phone: (506)588-0432
ceo_at_ampersanded.com  [corp.]
janheisterkamp_at_web.de [priv.]

Current thread:

Help to defend from DOS web attacks Emanuel Marufo (Oct 26)
- Re: Help to defend from DOS web attacks Guillermo Calvo (Oct 26)
- Re: Help to defend from DOS web attacks Breno Brand Fernandes (Oct 26)
  - Re: Help to defend from DOS web attacks Jan Heisterkamp (Oct 26)