Mailinglist Archive: opensuse-security (232 mails)

< Previous Next >
Re: [suse-security] Under DDoS Attack
  • From: "Carlos E. R." <robin1.listas@xxxxxxxxxx>
  • Date: Sun, 30 Oct 2005 13:16:40 +0100 (CET)
  • Message-id: <Pine.LNX.4.61.0510301311590.23380@xxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


The Thursday 2005-10-27 at 18:09 +0200, media Formel4 wrote:

> I don't think that works out. Whenever I might send a FIN - what prevents my
> Apache from being attacked from the same bot after seconds again?

The script would have to do both things, close the connection in apache
and lock the incoming IP. But, if those IPs are spoofed, as you think,
chances are some will seem to come from your real clients sometime. Best
thing would probably be a module in apache for ignoring empty requests.
Is it doable?

What about the MACs, can they be traced? Any matches there? Forgive me if
that's a novice like question.

- --
Cheers,
Carlos Robinson

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iD8DBQFDZLmztTMYHG2NR9URAuinAJ4rmdmf58Aa7QAx6RjuYs944Q58qQCdG5wP
8Ge19SbRy4DaVBB2M/jjfDo=
=fbKO
-----END PGP SIGNATURE-----


< Previous Next >
Follow Ups