-
February 20th, 2006, 01:13 AM
#11
the pipe is still full and the DoS is still effective.
Not necessarily.... DoS isn't just filling a pipe...
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
February 20th, 2006, 01:52 AM
#12
Of course it isn't... But enabling syncookies for example is not going to completely alleviate the effects of a syn flood. You still have to deal with the loss of bandwith. And on what is most likely a 3 meg line at most.... THis could be considerable. SOmeone is obviously after him for some reason.
This is why I suggest talking to the provider. If you can take care of the attack upstream via some sort of filter....
-
February 20th, 2006, 03:07 AM
#13
DoS can be caused by a system issue.... It's not all about filling a pipe... a DDoS is but a DoS is a denial of service... There's other ways of denying service than just filling a pipe....
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
February 21st, 2006, 01:34 AM
#14
MadAxe, may I suggest you build yourself a Linux gateway and implement IPtables? There are tons of resources and HOWTO's out there that will help you understand the basics. Then there are a plethora of home-grown scripts that allow you to do traffic shaping, QoS, rate-limiting and SYN protection. You could grab any Pentium class machine and add two NIC cards and enable IP forwarding through the IPtables firewall. With this design you will not only have more flexibility on stopping the attacks but you'll learn some kick-ass networking skills too
The existing hardware can be attached like so:
---- INTERNET -----
|
|
LINUX
FIREWALL
|
|
LINKSYS (RTR / SWITCH / WIFI)
| \
| \
PC PC
Here are some great resources:
- FrozenTux IPTables Tutorial
- Clarke Connect Home Edition (this baby runs off a CD, has Intrusion Prevention, Anti-Spam, VPN, Content Filtering and a Firewall)
- Lutewall is really cool and easy to use too...
Finally, search AntiOnline for some of the members' tutorials on building a firewall as they are very helpful as well.
Hope this helps you in dealing with your problem.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|