nu exista nici o metoda decat cea prin limitarea traficului ( SYN ), cea
mai simpla metoda pe un linux, fiind cea pe care ai spus-o chiar tu:
iptables.
SYN in principiu este un bit din pachetul TCP, care indica initierea
unei conexiuni TCP, deci nu este nici un tip de serviciu.
---
Bogdan Velcea
Network Administrator
Romania Data Systems
http://www.rdsnet.ro
Privileged/Confidential Information may be contained in this message. If
you are not the addressee indicated in this message (or responsible for
delivery of the message to such person), you may not copy or deliver this
message to anyone. In such a case, you should destroy this message and
kindly notify the sender by reply e-mail.
On Wed, 6 Jun 2001, George Mihalcea wrote:
>
> Daca te floodeaza cineva cu pachete syn pe portul 80, in afara de a bloca
> pachetele prin firewall, e vreo alta metoda de a te proteja?
> Stiu ca in iptables e o optiune prin care poti limita rata pachetelor syn pe
> secunda, dar nu cred ca asta e solutia.
> Si inca ceva: care este tipul de serviciu ('type of service') (S=0x ...)
> normal la un pachet syn normal pe portul 80? Ca in loguri la mine vad ca
> am: 0x60, 0x00, 0x02, 0x70, 0xC0, 0x6E, 0x2C, 0x82, 0x10, 0x1D.
> Multumesc.
>
>
> ---
> Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
> unsubscribe from this list.
>
---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
unsubscribe from this list.
