PaulDotCom mailing list archives
DDOS
From: bcg at struxural.com (Ben Greenfield)
Date: Thu, 22 Apr 2010 11:21:16 -0400
Just for clarification, are you saying that on a recent pentest the testers performed DoS attacks? Or just that they uncovered potential vulnerabilities that create a greater exposure to DoS attacks? If so, did you know in advance that an active DoS attack would be include as part of the testing scope? It's just not standard operating procedure in my world to perform a DoS on a pentest, and in fact it's extremely taboo. The only time we would ever perform DoS style attacks on a pentest is if the client explicitly asked us to, and those requests are usually just to help do load testing. On Thu, Apr 22, 2010 at 3:37 AM, Karl Bailey <karlrobertbailey at googlemail.com> wrote:
We had a recent pen test that highlighted allot of problems on our infrastructure with DoS, things like slowaris causing issues, I've been considering using iptables to limit the number of connections from a single IP ... not allot of help with a DDoS, but would have saved us allot of grief as the pen testing all came from 3 IP addresses, is there something a little cleverererer iptables can do around dropping bad traffic? Regards Karl On Tue, Apr 20, 2010 at 10:36 PM, Geoff Shukin <shukin at gsenterprises.biz> wrote:Hi! I am curious to know what folks are doing to combat the issue of DDOS attacks.? I have heard about solutions from Arbor and TopLayer but wonder if they are effective.? Are there any other suggestions out there in PaulDotCom land? We have seen DDOS attacks against one of our websites (using a combination of ICMP, TCP SYN and UDP flood attacks). Firewall stops the attacks in that the web servers are ok but the firewall falls over with 100% CPU. Thanks Geoff _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- -- Benjamin C. Greenfield, CISSP bcg [at] struxural.com Domains and Hosting for Less from Struxural: http://www.struxural.com