im just wondering how do you block DDos? ive read a lot of companies closing down because of DDos.. including Dalnet server... ( IIRC )..
the best way is to work with your ISP to filter them out after identifying your enemy
IDS won't help much as your internet pipe might be congested by then...
using Netflow for detection and CEF (for Cisco stuff, sorry not Linux related) can help...applying ACLs and/or Null routing would block it...
then documenting and tracing the attackers follow...mostly compromised machines with bots/RATS
:)
-- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
