Re: how to fight concurrent connection DOS attack to FreeBSD ftpd?

JD Bronson Sat, 24 Nov 2007 07:50:00 -0800

At 10:34 PM 11/24/2007 +0800, Zhang Weiwu wrote:

Dear all


I run a ftp site which is being attacked by someone who issue some 1000
concurrent connection for downloading as anonymous. How can I fight back?


how about controlling access via pf?
you can limit the number of connections from the SAME IP and/or
number of connections from the SAME IP over a given time...

Or just block the IP and be done with it?

We use this method for controlling attacks on SSH port 22 but itcould also be used for any type of needed control.


the items of value under pf are:
max-src-conn
max-src-conn-rate
flush
flush global

hth

-JD

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: how to fight concurrent connection DOS attack to FreeBSD ftpd?

Advertising

Reply via email to