On Wed, 27 Aug 2003, Mike Hogsett wrote:

>
> > >i got a DoS attack, how i can stop it ?
> > >
> > >note:
> > >    i have a lan network in my home, and DSL connection which is connected
> > >to the
> > >hub direct, and i have 3 pc's.
> > >
> > >thanks
> > >
> >
> > I use a firewall which allows a block of DoS IPs from any to any.... also
> > can close ports easily. Plus, if you log, you can then monitor the further
> > attempts....
>
> Unfortunately anything you do at the local end will not prevent bandwidth
> from being consumed on your link.  Once it hits your local firewall to be
> dropped the traffic has already consumed bandwidth on your link.
>
> This may or may not be a concern.  If the DOS is consuming a great deal of
> bandwidth than it probably is a concern and you may try contacting the
> abuse@ or other support addresses at your ISP and ask if they can filter
> this traffic before it hits your link.
>
> If you do want to consider a local firewall (which is a very good idea
> indeed) you may consider using a FreeBSD box in bridging mode between the
> DSL link and the local LAN.  This FreeBSD box can do layer 3 (IP)
> filtering in bridging (layer 2 forwarding) mode.
>
> Some references :
>      http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html
>      http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bridging.html
>      
> http://www.freebsd.org/doc/en_US.ISO8859-1/articles/filtering-bridges/article.html
>
>  - Mike
>
> _______________________________________________
> [EMAIL PROTECTED] mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>


   If you have a dynamic IP address, you may get by power cycling your DSL
modem so you come up with another IP address. It's a cheap shot, but may
buy you some time online while you batten up the hatches.


   - Jamie



"A friend is someone who lets you have total freedom to be yourself."

_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to