|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [suse-security] Under DDoS Attack
From: Carlos E. R. (robin1.listas
tiscali.es)
Date: Sun Oct 30 2005 - 06:16:40 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The Thursday 2005-10-27 at 18:09 +0200, media Formel4 wrote:
> I don't think that works out. Whenever I might send a FIN - what prevents my
> Apache from being attacked from the same bot after seconds again?
The script would have to do both things, close the connection in apache
and lock the incoming IP. But, if those IPs are spoofed, as you think,
chances are some will seem to come from your real clients sometime. Best
thing would probably be a module in apache for ignoring empty requests.
Is it doable?
What about the MACs, can they be traced? Any matches there? Forgive me if
that's a novice like question.
- --
Cheers,
Carlos Robinson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Made with pgp4pine 1.76
iD8DBQFDZLmztTMYHG2NR9URAuinAJ4rmdmf58Aa7QAx6RjuYs944Q58qQCdG5wP
8Ge19SbRy4DaVBB2M/jjfDo=
=fbKO
-----END PGP SIGNATURE-----
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]