I found the article I was reading before about a tarpitting solution that doesn't simply take the website offline.
http://www.secureworks.com/research/threats/ddos/ Tom Eastep wrote: > Christ Schlacta wrote: >> I'm aware of, but have never tried a technique called tarpitting that >> is supposed to be very useful in your situation. > > tarpitting a DDOS attack against a legitimate website takes the site > offline. > > The TARPIT target is available in xtables-addons and it is easy to > construct an action to invoke it: > > Assuming shorewall-perl.... > > /etc/shorewall/actions: > > Tarpit > > /etc/shorewall/action.Tarpit > > <empty file> > > /etc/shorewall/Tarpit: > > use Shorewall::Chains; > > add_rule $chainref, "-p tcp -j TARPIT"; > > /etc/shorewall/rules > > Tarpit net ... tcp 80 - ... > > -Tom > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------------ > Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day > trial. Simplify your report design, integration and deployment - and focus on > what you do best, core application coding. Discover what's new with > Crystal Reports now. http://p.sf.net/sfu/bobj-july > > > ------------------------------------------------------------------------ > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
