Han Boetes wrote:
Not so much as a direct reply but more as to share what happened when I
was ddossed a few month ago.
The thing that brought my pc to it's knees was pflog trying to log it
all. Once I found that out I disabled logging and Then I hardly had a
connection because my upload
On Tue, 5 Nov 2002 17:28:18 -0500
jolan [EMAIL PROTECTED] wrote:
On Tue, Nov 05, 2002 at 02:49:42PM +0100, Michiel van Baak wrote:
Anyone who can enlighten me ?
ddos attacks need to be blocked at the router and even then it doesn't
mean you're going to come away from one unscathed.
-
Hi List,
The host that is being attacked, there isn't much you can do about a dDos.
I wonder on the other side what can be done (by pf) to prevent the host
being used as a zombie spawning (spoofed) packets like mad. Anybody a clue?
Sacha
On Wed, Nov 06, 2002 at 12:44:38PM +0100, Sacha Ligthert wrote:
I wonder on the other side what can be done (by pf) to prevent the host
being used as a zombie spawning (spoofed) packets like mad. Anybody a clue?
you can stop spoofed packets from going out by only passing things out
which have
On Wed, 2002-11-06 at 07:13, Daniel Hartmeier wrote:
There's a link to a patch for pf that allows further session limiting on
honeynet.org.
Thanks for the tip. Any plans to include this patch in future releases?
-J.
Thnx all.
The trick with the max states and timeouts works fine.
Michiel
-
From: Daniel Hartmeier [mailto:daniel;benzedrine.cx]
Sent: woensdag 6 november 2002 13:22
To: Sacha Ligthert
Subject: Re: dDoS attacks
On Wed, Nov 06, 2002 at 01:19:53PM +0100, Sacha Ligthert wrote:
Will this patch be added to the main pf devel repository one day?
Have you read
On Wed, Nov 06, 2002 at 08:11:04AM -0500, Jason Dixon wrote:
Ok, I'll refine my question (after reviewing the tarball). Any chance
that the related functionality provided by netfilter (--limit) will be
built into PF in future releases. Obviously, this type of feature still
has its
Michiel van Baak ([EMAIL PROTECTED]) wrote:
I've been spending 3 days searching on google and reading docs/howto's
about pf. But I didn't find any information about how to protect you
server/network against dos and ddos attacks. Anyone who can enlighten
me ?
I'm pretty new to OpenBSD.
On Wed, 2002-11-06 at 08:57, Han Boetes wrote:
firewall stuffed the upload. After that I disabled return-rst I got a
continous stream of 50kb/s and I barely noticed I was ddossed.
So my suggestion would be to put in triggers in pf that would go of at
certain levels that would indicate
On Wed, Nov 06, 2002 at 12:38:33PM +0100, Daniel Hartmeier wrote:
Well, a real distributed DoS attack involves many hosts fully
establishing connections to a service you provide to the public, which
either saturates your uplink or the resources on your server so that
legitimate connections
On Thu, Nov 07, 2002 at 12:38:56AM +0100, Henning Brauer wrote:
real life example: we were target to a DDoS about a year ago - sucked a
total incoming bandwidth of over 1 TByte/s - of course that's far beyond our
gack, I need sleep. It was over 1 GBit/s of course. a TBytes/s would be a
bit much
12 matches
Mail list logo