> Hi, > > Thanks for your help. > > After a bit of struggle the problem with my initial attempt turned out > to be a non-documented parameter in the "route add" command of my > router. > > Parameter problem solved, all I had to do was activate the two ethernet > cards in my linux server #1 (IP Forward was already enabled) > and...done! > > Now I have a more complicated issue. Even though my linux servers area > protected from the Slapper worm (OpenSSL updated), my internet link > shows a usage of 50% even when all my servers are down! > > Im assuming it originates from a DoS attack. > > I had IPChains configured to protect my linux server. > > Now I want to use HTB, and it seems HTB requires IPTables. > > Is it possible to use IPTables to prevent or minimize the effect of DoS > attacks ?
Unless your internet connection is 10Mbit or greater, I'd guess that there really is nothing you can do yourself to stop the effect of the worm (i.e. if it is similar to your local network. If your local is 100Mbit or 1Gbit then I doubt you can do anything no matter what :-) In my case I got my ISP to filter all UDP on port 2002 - that's the worm I got. My solution was to actually turn my connection off for 2 days until the filter was in place - they wouldn't do it on the weekend :-( (I suggested they do it for everyone everywhere) I think my ISP has done it at their many connections to the rest of the net also (I'm impressed since they are one of the bigger ISP's in the country - definitely top 10 - probably top 5 :-) Basically, since the data comes to your router no matter what your router does, it will not help your internet connection to filter it. Of course you SHOULD filter it - but it will not stop it from arriving and thus it will use bandwidth. -- -Cheers -Andrew MS ... if only he hadn't been hang gliding! _______________________________________________ Seawolf-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/seawolf-list
