Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [suse-security] Under DDoS Attack
From: Carlos E. R. (robin1.listastiscali.es)
Date: Sun Oct 30 2005 - 06:16:40 CST
-----BEGIN PGP SIGNED MESSAGE-----
The Thursday 2005-10-27 at 18:09 +0200, media Formel4 wrote:
> I don't think that works out. Whenever I might send a FIN - what prevents my
> Apache from being attacked from the same bot after seconds again?
The script would have to do both things, close the connection in apache
and lock the incoming IP. But, if those IPs are spoofed, as you think,
chances are some will seem to come from your real clients sometime. Best
thing would probably be a module in apache for ignoring empty requests.
Is it doable?
What about the MACs, can they be traced? Any matches there? Forgive me if
that's a novice like question.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Made with pgp4pine 1.76
-----END PGP SIGNATURE-----
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here