RE: DOS ATTACK

From: Jose Nazario (joseat_private)
Date: Mon Oct 28 2002 - 19:21:43 PST

Next message: Jonathan A. Zdziarski: "Apache DoS Module Patch (WAS RE: DOS ATTACK)"

Previous message: Rob Keown: "RE: DOS ATTACK"
In reply to: David Vincent: "RE: DOS ATTACK"
Next in thread: McCammon, Keith: "RE: DOS ATTACK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 28 Oct 2002, David Vincent wrote:

> add a firewall (such as the wonderful kerio personal firewall -
> http://www.kerio.com) and block that IP from accessing the machine.

work with your service provider to block it as far upstream as possible. a
simple tracepath or prtraceroute [1] will help you see how far your
service provider's network goes back towards that source. firewalling at
your system, once its flooded your bandwidth, is a waste of effort.

1. http://monkey.org/~jose/software/tracepath/

___________________________
jose nazario, ph.d.			joseat_private
					http://www.monkey.org/~jose/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Jonathan A. Zdziarski: "Apache DoS Module Patch (WAS RE: DOS ATTACK)"
Previous message: Rob Keown: "RE: DOS ATTACK"
In reply to: David Vincent: "RE: DOS ATTACK"
Next in thread: McCammon, Keith: "RE: DOS ATTACK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Oct 28 2002 - 21:27:49 PST