ArioS wrote:
Dear,
is it possible for squid to limit conn ? since two days ago, i got DoS
on my network to some sites (spamhaul / uribl etc). the trojan send
hundred request / sec to the host. it was take down my proxy (running
out of file descriptor). any possible way to avoid it ?
i tried to use acl to deny destinition host / ip... it was useless cause
proxy still accept request.. now i just manual monitoring then block the
ip using iptables.. anyone can help me ?
Firewall! ... oh good you already did that.
Unless you have access to the infected machine, thats probably all you
are able to do. If the PC is not a client of yours and you know the IP
you could try some back-tracking and report them to their ISP, see if
that helps.
Amos
