Re: Help to defend from DOS web attacks
- From: Jan Heisterkamp <janheisterkamp@xxxxxx>
- Date: Fri, 26 Oct 2007 12:43:27 -0600
Hi Emanuel,
depending on which flavor of DoS you detected, this article might be helpful for you:
http://www.securityfocus.com/infocus/1729
saludos
Jan
Breno Brand Fernandes schrieb:
Hi Emanuel,
You can't block the attackers IPs, because they often use random sources. So, you should limit the packets which use SYN flag activeted, and use some protection like syn cookie that dont let the attack allocate so memory in your gateway.
Att,
Breno Brand Fernandes
----- Original Message ----- From: "Emanuel Marufo" <marufos@xxxxxxxxx>
To: <security-basics@xxxxxxxxxxxxxxxxx>
Sent: Thursday, October 25, 2007 11:41 PM
Subject: Help to defend from DOS web attacks
Hello,
Recently somebody attack my web server, and i thinking defend from that.
I readed the next article:
http://www.quadrunner.com/index.php?option=com_content&task=view&id=151&Itemid=2
but i want to know if can config a snort/portsentry to block attackers ip's.
--
Grupo Ampersand S.A.
IT-Security Consultants & Auditors
Apdo. 924 Escazu 1250
Costa Rica C.A.
Phone: (506)588-0432
ceo_at_ampersanded.com [corp.]
janheisterkamp_at_web.de [priv.]
- References:
- Help to defend from DOS web attacks
- From: Emanuel Marufo
- Re: Help to defend from DOS web attacks
- From: Breno Brand Fernandes
- Help to defend from DOS web attacks
- Prev by Date: RE: LAN issue
- Next by Date: RE: DMZ - Question
- Previous by thread: Re: Help to defend from DOS web attacks
- Next by thread: Website\Tool listing version numbers of sec tools ?
- Index(es):
