Han Boetes wrote:
Not so much as a direct reply but more as to share what happened when I
was ddossed a few month ago.
The thing that brought my pc to it's knees was pflog trying to log it
all. Once I found that out I disabled logging and Then I hardly had a
connection because my upload
On Tue, 5 Nov 2002 17:28:18 -0500
jolan [EMAIL PROTECTED] wrote:
On Tue, Nov 05, 2002 at 02:49:42PM +0100, Michiel van Baak wrote:
Anyone who can enlighten me ?
ddos attacks need to be blocked at the router and even then it doesn't
mean you're going to come away from one unscathed
Hi List,
The host that is being attacked, there isn't much you can do about a dDos.
I wonder on the other side what can be done (by pf) to prevent the host
being used as a zombie spawning (spoofed) packets like mad. Anybody a clue?
Sacha
On Wed, Nov 06, 2002 at 12:44:38PM +0100, Sacha Ligthert wrote:
I wonder on the other side what can be done (by pf) to prevent the host
being used as a zombie spawning (spoofed) packets like mad. Anybody a clue?
you can stop spoofed packets from going out by only passing things out
which have
On Wed, 2002-11-06 at 07:13, Daniel Hartmeier wrote:
There's a link to a patch for pf that allows further session limiting on
honeynet.org.
Thanks for the tip. Any plans to include this patch in future releases?
-J.
Thnx all.
The trick with the max states and timeouts works fine.
Michiel
-
From: Daniel Hartmeier [mailto:daniel;benzedrine.cx]
Sent: woensdag 6 november 2002 13:22
To: Sacha Ligthert
Subject: Re: dDoS attacks
On Wed, Nov 06, 2002 at 01:19:53PM +0100, Sacha Ligthert wrote:
Will this patch be added to the main pf devel repository one day?
Have you read
On Wed, Nov 06, 2002 at 08:11:04AM -0500, Jason Dixon wrote:
Ok, I'll refine my question (after reviewing the tarball). Any chance
that the related functionality provided by netfilter (--limit) will be
built into PF in future releases. Obviously, this type of feature still
has its
Michiel van Baak ([EMAIL PROTECTED]) wrote:
I've been spending 3 days searching on google and reading docs/howto's
about pf. But I didn't find any information about how to protect you
server/network against dos and ddos attacks. Anyone who can enlighten
me ?
I'm pretty new to OpenBSD
On Wed, 2002-11-06 at 08:57, Han Boetes wrote:
firewall stuffed the upload. After that I disabled return-rst I got a
continous stream of 50kb/s and I barely noticed I was ddossed.
So my suggestion would be to put in triggers in pf that would go of at
certain levels that would indicate
On Wed, Nov 06, 2002 at 12:38:33PM +0100, Daniel Hartmeier wrote:
Well, a real distributed DoS attack involves many hosts fully
establishing connections to a service you provide to the public, which
either saturates your uplink or the resources on your server so that
legitimate connections
On Thu, Nov 07, 2002 at 12:38:56AM +0100, Henning Brauer wrote:
real life example: we were target to a DDoS about a year ago - sucked a
total incoming bandwidth of over 1 TByte/s - of course that's far beyond our
gack, I need sleep. It was over 1 GBit/s of course. a TBytes/s would be a
bit much
12 matches
Mail list logo