Re: dos attack solution or not
From: SysAdm (me_at_here.com)
Date: 06/28/04
- Next message: SysAdm: "Re: dos attack solution or not"
- Previous message: \: "Re: do firewalls really work?"
- In reply to: Duane Arnold: "Re: dos attack solution or not"
- Next in thread: Duane Arnold: "Re: dos attack solution or not"
- Reply: Duane Arnold: "Re: dos attack solution or not"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 28 Jun 2004 19:22:46 +0000 (UTC)
Duane Arnold <notme@notme.com> wrote in
news:Xns95163E3255B8notmenotmecoml@204.127.204.17:
> "aha" <c> wrote in news:40dfc386$0$124$1b2cd167@news.wanadoo.nl:
>
>> a dos attack happens when 1000's pc sends out 1000's calls for
>> connection request ,why can a firewall
>> not count the number of req from a ip number to the server and grant
>> only one req every 20 sec or so ?
>> this way the server is shielded from the attacker.
>>
>> or is this way to simple,
>> abe
>
> I don't know. To me, just setting a network FW to not respond to pings
> may be a viable solution. Or the ability to set rules on a FW
> appliance to block the IP for a certain amount of time would be viable
> also.
>
> Duane :)
>
ping floods are one of the easiest things to rate-limit for ISPs and
besides, pings are a fairly lame dDos. dDos attacks tend to be based on
service ports these days (either existing or freshly installed).
blocking the source IP for a timelimit is also a potential nightmare as
the source IP in a dDos attack is usually a zombie.
SysAdm
- Next message: SysAdm: "Re: dos attack solution or not"
- Previous message: \: "Re: do firewalls really work?"
- In reply to: Duane Arnold: "Re: dos attack solution or not"
- Next in thread: Duane Arnold: "Re: dos attack solution or not"
- Reply: Duane Arnold: "Re: dos attack solution or not"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
