Date: Sun, 5 Jan 2003 17:04:03 -0700 From: "Sean J. Countryman" <sean@rackoperations.com> To: "FreeBSD Questions" <freebsd-questions@FreeBSD.ORG>, "Michael" <mike@unixhideout.com> Subject: RE: DOS ATTACK. Any Suggestions? Message-ID: <EOELLBCOGJPNEBBJEKDKIEMNEOAA.sean@rackoperations.com> In-Reply-To: <2720.192.168.1.10.1041807203.squirrel@email.unixhideout.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> As soon as my site gets big and i have a >lot of users in irc, some little jealous network comes along and destroys >what i worked on. The last time this happened my ISP shut ME off because >it took out one of their facilities. I think this is your core problem... In all my years working tech support, I've seen that the vast majority of people being DOSed fall into three categories, Child Porn, Spammers, and IRC. If you run IRC, you will be DOSed by some snot nosed script kiddie. You are 100% correct in your assessment of their mentality, they basically find the only place where they can be "the man" is behind a keyboard, the sad thing is most of them don't have the slightest idea about the code behind their tools, they just know how to run them. The only way to get rid of a DOS attack is to either ride it out until they get bored, or contact your host and ask their network engineers to null route the source IP's that are sending to you. You could use IPFW to block those network packets at your kernel level, but by then the packets have already came down the wire to your server and have already affected you. If the network techs can null route the DOS upstream of you, then you should be able to remain online. Good Luck. One last thing, I had some fool trying to DOS me once from his own IP address. I simply portscanned him with Nmap and suddenly he just blinked off line. I guess it scared him sufficiently to go to sleep. - Sean To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?EOELLBCOGJPNEBBJEKDKIEMNEOAA.sean>