Re: How to prevent from simple DoS?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Nov 21, 2007 1:09 PM, Sam Testuser <toximoron_x2@xxxxxxxxxxx> wrote:
> This sounds like a serious issue and the links/hints I have seen
> in this thread do not seem to acknowledge this fact.
>
> If it's a single IP address, then you can block it with the tool of
> your choice. That's obvious. But in a DDoS setting, your apache server
> is as dead as the parrot in Monthy Python. And what's worse:
> No logfile documenting the silent death. Just an impressive amount
> of connections in netstat. You can try to nail the attacking
> clients with mod_forensic, but it won't help you much.

DDoS is a read herring as far as I'm concerned.

If you have an attacker with a significant DDoS network there is
NOTHING you can do to stop them. They can simply send junk down the
line to tie up your network connection. No tool can prevent that.

>
>
> http://httpd.apache.org/docs/trunk/misc/security_tips.html#dos
> is a nice list of hints for general use, but regarding the attack
> in question, it sounds like a collection of spare time activities
> while you watch your server die.

A well-configured server (without third-party modules) plus a
well-configured firewall can withstand essentially all DoS attacks
where the attacker has resources proportional to the server.

> Under the line: If you are facing this sort of attack, then you are
> in serious trouble and there is little apache can do for you.

If the attacker has more resources than you do (a DDoS, for example),
then yes, you are screwed. But that is true for essentially any
network server.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux