Mailinglist Archive: opensuse-security (232 mails)

< Previous Next >
Re: [suse-security] Under DDoS Attack
  • From: media Formel4 <info@xxxxxxxxxx>
  • Date: Thu, 27 Oct 2005 18:54:31 +0200
  • Message-id: <43610647.8040902@xxxxxxxxxx>
Syv Ritch schrieb:
media Formel4 wrote:

- How can I secure this server and/or stop this attack?


I think that you are looking at wrong point. Preventing a DDOS is not the job of the web server, but the job of the router/firewall. "Real routers/firewalls" will deal easily with these problems.

Sure - but therefore you need your own network environment. I'm talking about a root server. No chance (right now) to place a hardware firewall in front.

- No spoofing of IPs through validation where the packet comes from...
- No fragmented packets
- Limit the number of open/unfinished connections...

Is there a way to set this up with iptables? I know there are things like --limit and --iplimit inside - but that won't help me with the attack which is set by full established HTTP connections which simply don't carry a request...


< Previous Next >
Follow Ups