16 Nov 2004 19:40
On Sunday 14 November 2004 02:03, Dana Hudes wrote:
> Yes, that's a reasonable approach on Linux, but you have to construct solutions in a modular fashion. Certainly "firewall rule" is an option (but you can't just stick it in there and leave it forever; it has to be aged out at some point).

Just ignoring (firewalling) incoming traffic is not going to keep your webserver on the net when bandwidth is depleted. A firewall rule on your side is not going to stop a DDoS attack if it is saturating your connection (a coordinated attack from a few hundred zombies will probably be sufficient). Now how is such an automated tool supposed to contact your uplink provider and filter out this traffic before it can clog your connection?

Arjen