Re: Mitigating HTTP DDoS attacks?

2008-03-25 Thread Peter Dambier
On Mon, Mar 24, 2008 at 11:34:58PM +, Paul Vixie wrote: i only use or recommend operating systems that have their own host based firewalls. That was exactly my problem. Barney Wolff wrote: What finally broke was doing a table list, possibly because the command prints in sorted order.

RE: Mitigating HTTP DDoS attacks?

2008-03-25 Thread Darden, Patrick S.
: Monday, March 24, 2008 6:02 PM To: NANOG Subject: Mitigating HTTP DDoS attacks? Howdy all, So, i'm kind of new to this so please deal with my ignorance. But, what is common practice these days for HTTP DDoS mitigation during an attack? You can of course route every offending ip address to null0

Re: Mitigating HTTP DDoS attacks?

2008-03-25 Thread Steven M. Bellovin
On Mon, 24 Mar 2008 23:13:25 -0400 Rodrick Brown [EMAIL PROTECTED] wrote: There are a few companies that specialize in DDOS protection type services; one company that comes to mind is Prolexic and their IPN infrastructure protection service. Prolexic will basically absorb all attacks filter

Re: Mitigating HTTP DDoS attacks?

2008-03-25 Thread Paul Wall
On 3/25/08, Peter Dambier [EMAIL PROTECTED] wrote: proc2pl might get you ideas, from the IASON tools on You know, for the last year or two I've heard you go on and on about IASON. A few months ago I actually did download it and the only thing I can find in it is an assortment of scripts to

Mitigating HTTP DDoS attacks?

2008-03-24 Thread Mike Lyon
Howdy all, So, i'm kind of new to this so please deal with my ignorance. But, what is common practice these days for HTTP DDoS mitigation during an attack? You can of course route every offending ip address to null0 at your border. But, if it's a botnet or trojan or something, It's coming from

Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Roland Dobbins
On Mar 25, 2008, at 5:02 AM, Mike Lyon wrote: Any input would be greatly appreciated. There are devices available today from different vendors (including Cisco, full disclosure) which are intelligent DDoS-'scrubbers' and which can deal with more sophisticated types of attacks at

Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Tim Yocum
On Mon, Mar 24, 2008 at 5:18 PM, Roland Dobbins [EMAIL PROTECTED] wrote: There are devices available today from different vendors (including Cisco, full disclosure) which are intelligent DDoS-'scrubbers' and which can deal with more sophisticated types of attacks at layer-7, including

Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Roland Dobbins
On Mar 25, 2008, at 6:18 AM, Tim Yocum wrote: If you're running Apache, you may also investigate mod_evasive, and in the case of exploits, mod_security. mod_evasive and mod_security are definitely recommended, good point. And a good relationship with your peers/upstreams/customers/vendors

Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Paul Vixie
[EMAIL PROTECTED] (Mike Lyon) writes: So, i'm kind of new to this so please deal with my ignorance. :-). on the internet, everybody's new to everything since it's all changing every day. if anybody grumps at you for your ignorance, or says i can't type that into an IOS prompt then the fault

Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Mike Lewinski
Paul Vixie wrote: i only use or recommend operating systems that have their own host based firewalls. soon that will mean pf (from openbsd but available on freebsd) pf's tables are nifty too btw :) pfsense, which is FreeBSD + pf, also has a port of snort IDS available. Provided the OP has

Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Barney Wolff
On Mon, Mar 24, 2008 at 11:34:58PM +, Paul Vixie wrote: i only use or recommend operating systems that have their own host based firewalls. soon that will mean pf (from openbsd but available on freebsd) but right now that means ipfw. ipfw has a table construct which uses a data

RE: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Frank Bulk - iNAME
case, it's reactive. Frank -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike Lyon Sent: Monday, March 24, 2008 5:02 PM To: NANOG Subject: Mitigating HTTP DDoS attacks? Howdy all, So, i'm kind of new to this so please deal with my ignorance

Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Roland Dobbins
On Mar 25, 2008, at 8:10 AM, Frank Bulk - iNAME wrote: In any case, it's reactive. Several SPs (quite a few, actually) are offering DDoS mitigation services based upon a variety of tools and techniques, and with various pricing models. Some provide the service for their own

Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Roger Marquis
Mike Lyon wrote: So, i'm kind of new to this so please deal with my ignorance. But, what is common practice these days for HTTP DDoS mitigation during an attack? You can of course route every offending ip address to null0 at your border. But, if it's a botnet or trojan or something, It's coming

Re: Mitigating HTTP DDoS attacks?

2008-03-24 Thread Rodrick Brown
On Mon, Mar 24, 2008 at 6:02 PM, Mike Lyon [EMAIL PROTECTED] wrote: Howdy all, So, i'm kind of new to this so please deal with my ignorance. But, what is common practice these days for HTTP DDoS mitigation during an attack? You can of course route every offending ip address to null0 at