Mailinglist Archive: opensuse-security (232 mails)

< Previous Next >
Re: [suse-security] Under DDoS Attack
  • From: Rainer Duffner <rainer@xxxxxxxxxxxxxxx>
  • Date: Thu, 27 Oct 2005 21:26:18 +0200
  • Message-id: <436129DA.2070800@xxxxxxxxxxxxxxx>
media Formel4 wrote:


88.111.75.8

As you can see: They've got not much in common...

I'm still not sure that they aren't spoofed. During the last hours I blocked more than 6000 IPs and per minute the count raises by 30 - 40...



What firewall is in front of that host?
I'd try to setup a reverse-proxy infront of it, together with an OpenBSD packetfilter.
The key to fending-off a DDoS-attacks is to have more resources than the attacker - both bandwidth and raw processing power.

If you don't have these resources, you can also just go home and wait till it's over because with so many zombies, the attacker can just flood you "conventionally" until your upstream provider is fed-up enough with it so that he just disconnects your system....




cheers,
Rainer












< Previous Next >
List Navigation
Follow Ups