nanog mailing list archives
Re: Mitigating HTTP DDoS attacks?
From: Mike Lewinski <mike () rockynet com>
Date: Mon, 24 Mar 2008 18:01:42 -0600
Paul Vixie wrote:
i only use or recommend operating systems that have their own host based firewalls. soon that will mean pf (from openbsd but available on freebsd)
pf's tables are nifty too btw :)pfsense, which is FreeBSD + pf, also has a port of snort IDS available. Provided the OP has a signature of the attack he can match on, there's a wholly open-source solution (I know snort can be configured inline to drop packets on a filtering bridge, but of course you've got the problems of half-open connections accumulating as well as the potential for migration to https).
Current thread:
- Mitigating HTTP DDoS attacks? Mike Lyon (Mar 24)
- Re: Mitigating HTTP DDoS attacks? Roland Dobbins (Mar 24)
- Re: Mitigating HTTP DDoS attacks? Tim Yocum (Mar 24)
- Re: Mitigating HTTP DDoS attacks? Roland Dobbins (Mar 24)
- Re: Mitigating HTTP DDoS attacks? Tim Yocum (Mar 24)
- Re: Mitigating HTTP DDoS attacks? Paul Vixie (Mar 24)
- Re: Mitigating HTTP DDoS attacks? Mike Lewinski (Mar 24)
- Re: Mitigating HTTP DDoS attacks? Barney Wolff (Mar 24)
- Re: Mitigating HTTP DDoS attacks? Peter Dambier (Mar 25)
- Re: Mitigating HTTP DDoS attacks? Paul Wall (Mar 25)
- Re: Mitigating HTTP DDoS attacks? Roland Dobbins (Mar 24)
- RE: Mitigating HTTP DDoS attacks? Frank Bulk - iNAME (Mar 24)
- Re: Mitigating HTTP DDoS attacks? Roland Dobbins (Mar 24)
- Re: Mitigating HTTP DDoS attacks? Rodrick Brown (Mar 24)
- Re: Mitigating HTTP DDoS attacks? Steven M. Bellovin (Mar 25)
- RE: Mitigating HTTP DDoS attacks? Darden, Patrick S. (Mar 25)
- <Possible follow-ups>
- Re: Mitigating HTTP DDoS attacks? Roger Marquis (Mar 24)