Date: Wed, 27 Aug 2003 22:53:19 -0500 (CDT) From: Jamie <jamie@floyd.gnulife.org> To: Mike Hogsett <hogsett@csl.sri.com> Cc: ZaiD Dashti <zaiddashti@hotmail.com> Subject: Re: how to stop the ddos ot dos attack ? Message-ID: <20030827225209.L5040-100000@floyd.gnulife.org> In-Reply-To: <200308280118.h7S1IRFv004838@quarter.csl.sri.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 27 Aug 2003, Mike Hogsett wrote: > > > >i got a DoS attack, how i can stop it ? > > > > > >note: > > > i have a lan network in my home, and DSL connection which is connected > > >to the > > >hub direct, and i have 3 pc's. > > > > > >thanks > > > > > > > I use a firewall which allows a block of DoS IPs from any to any.... also > > can close ports easily. Plus, if you log, you can then monitor the further > > attempts.... > > Unfortunately anything you do at the local end will not prevent bandwidth > from being consumed on your link. Once it hits your local firewall to be > dropped the traffic has already consumed bandwidth on your link. > > This may or may not be a concern. If the DOS is consuming a great deal of > bandwidth than it probably is a concern and you may try contacting the > abuse@ or other support addresses at your ISP and ask if they can filter > this traffic before it hits your link. > > If you do want to consider a local firewall (which is a very good idea > indeed) you may consider using a FreeBSD box in bridging mode between the > DSL link and the local LAN. This FreeBSD box can do layer 3 (IP) > filtering in bridging (layer 2 forwarding) mode. > > Some references : > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bridging.html > http://www.freebsd.org/doc/en_US.ISO8859-1/articles/filtering-bridges/article.html > > - Mike > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > If you have a dynamic IP address, you may get by power cycling your DSL modem so you come up with another IP address. It's a cheap shot, but may buy you some time online while you batten up the hatches. - Jamie "A friend is someone who lets you have total freedom to be yourself."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030827225209.L5040-100000>