Help!! network traffic limit function of iptables didn't work effectively to repel DoS attack.


 



Hi!
    To defend against DoS attacks, iptables implements a rate-limit function. Today I used a DoS-type attack tool to SYN-flood the targeted machine, and the CPU load of the machine rose sharply to 90%. Then I added an iptables limit rule in which the limit rate is 3/min, but the result was disappointing, for the CPU load was still 90%. So I deduced that the traffic limit function couldn't repel DoS attacks effectively.  If somebody is interested in my experiment, I can mail him my hacker software.

B.T.W
   The DoS tool I used runs on the Windows platform.


cheers
Feng Xian
            fxian_2003@mails1.hust.edu.cn
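
How a `limit` match at the 3/min rate mentioned in the message treats a packet flood, as an added example that is not part of the original post: a token-bucket simulation of which packets the rule matches and where the rest go. The burst of 5 (the iptables default), the rule pair in the docstring, and the 1000 packets per second flood are assumptions, since the post does not show the rule that was used.

```python
# Added example: integer token-bucket model of the iptables `limit` match.
# Assumptions (not from the post): --limit-burst 5, the iptables default, and
# a constructed flood of 1000 SYN packets per second for 60 seconds.

US_PER_MIN = 60_000_000

def simulate(rate_per_min, burst, pkts_per_sec, seconds, drop_rule_follows):
    """Return (matched_by_limit_rule, dropped_by_next_rule, reached_chain_policy).

    Models a rule pair such as
        -p tcp --syn -m limit --limit 3/min -j ACCEPT
        -p tcp --syn -j DROP          (present only if drop_rule_follows)
    """
    cost = US_PER_MIN // rate_per_min      # credit one match consumes, in microseconds
    cap = cost * burst                     # bucket never holds more than `burst` matches
    gap = 1_000_000 // pkts_per_sec        # time between packets, in microseconds
    credit = cap                           # bucket starts full
    matched = dropped = to_policy = 0
    for i in range(pkts_per_sec * seconds):
        if i:                              # credit accrues with elapsed time
            credit = min(cap, credit + gap)
        if credit >= cost:                 # limit match succeeds: rule target applies
            credit -= cost
            matched += 1
        elif drop_rule_follows:            # match failed, the next rule drops the packet
            dropped += 1
        else:                              # match failed, no later rule: chain policy decides
            to_policy += 1
    return matched, dropped, to_policy

if __name__ == "__main__":
    for follows in (True, False):
        print(follows, simulate(3, 5, 1000, 60, follows))
```

The limit match only decides whether its own rule applies to a packet; packets that fail the match continue to the next rule or the chain policy, so with a policy of ACCEPT and no later DROP rule they still pass.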



