Re: [SLE] Firewall is getting hammered...help
From: js (fyrbrds_at_netscape.net)
Date: 09/29/03
- Previous message: Trey Gruel: "Re: [SLE] 9.0 coming tomorrow (Sep. 30)? BEWARE"
- In reply to: gary: "Re: [SLE] Firewall is getting hammered...help"
- Next in thread: Stephen: "Re: [SLE] Firewall is getting hammered...help"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 29 Sep 2003 22:55:19 +0200 To: "suse-linux-e@suse.com" <suse-linux-e@suse.com>
gary wrote:
>
> from the C/L
>
> iptables -A INPUT -s worse.IP.Addresses -d 0/0 --proto all -j DROP
>
> set it, and forget it.
>
>
This will only help him so much. Those packets will still keep hitting
his firewall and taking up processing time and bandwidth. It will keep
the packets from clogging up his internal network, but will do nothing
for internal-to-external throughput. If you are getting so many that
your external bandwidth is being eaten up you should contact your isp
and have them track the main offenders to their sources because this
would most likely be a coordinated DOS attack. 10,000 a day won't
qualify, since depending on your config you might get that many per
second in *real* DOS attack, but you have to decide what is cripling for
your network.
JS
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
- Previous message: Trey Gruel: "Re: [SLE] 9.0 coming tomorrow (Sep. 30)? BEWARE"
- In reply to: gary: "Re: [SLE] Firewall is getting hammered...help"
- Next in thread: Stephen: "Re: [SLE] Firewall is getting hammered...help"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
