Re: Bug in the wiki

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jul 6, 2022 at 12:26 PM Frank Myhr <fmyhr@xxxxxxxxxxx> wrote:
> * I agree that your modifications will counter a single-ip ping flood
> attack. Whether that attack is significant compared with, say, DDoS ping
> floods or attacks against other services, will depend on the particulars
> of your installation. If the single-ip ping flood *is* a big concern, it
> may be better to use a different ruleset construction with icmp in a
> dedicated chain.

The discussion about netfilter/conntrack approach is really not at my
level, but regarding the attack scenario, It's more of a total packets
issue.

If each source is allowed to send unlimited (let's say 100) packets,
then the attack could ramp at 100*5 packets per second, so after 60
minute could be at 1.8M packets/s.

This limits the reach of my knowledge about any of this :D I just
tried to get this configuration working for me.

Thanks



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux