DDOS

[lazydj98 at gmail.com (Joshua Smith)]

I like tarpitting connections. Has it's own issues, but still fun

-Josh

On Apr 22, 2010, at 3:37 AM, Karl Bailey <karlrobertbailey at googlemail.com 
> wrote:

> We had a recent pen test that highlighted allot of problems on our  
> infrastructure with DoS, things like slowaris causing issues, I've  
> been considering using iptables to limit the number of connections  
> from a single IP ... not allot of help with a DDoS, but would have  
> saved us allot of grief as the pen testing all came from 3 IP  
> addresses, is there something a little cleverererer iptables can do  
> around dropping bad traffic?
>
> Regards
> Karl
>
> On Tue, Apr 20, 2010 at 10:36 PM, Geoff Shukin <shukin at gsenterprises.biz 
> > wrote:
> Hi!
>
> I am curious to know what folks are doing to combat the issue of  
> DDOS attacks.  I have heard about solutions from Arbor and TopLayer  
> but wonder if they are effective.  Are there any other suggestions  
> out there in PaulDotCom land?
>
> We have seen DDOS attacks against one of our websites (using a  
> combination of ICMP, TCP SYN and UDP flood attacks). Firewall stops  
> the attacks in that the web servers are ok but the firewall falls  
> over with 100% CPU.
>
> Thanks
>
> Geoff
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100422/c63ec2fa/attachment.htm