Home page logo

basics logo Security Basics mailing list archives

Re: Help to defend from DOS web attacks
From: Jan Heisterkamp <janheisterkamp () web de>
Date: Fri, 26 Oct 2007 12:43:27 -0600

Hi Emanuel,

depending on which flavor of DoS you detected, this article might be helpful for you:

Breno Brand Fernandes schrieb:
Hi Emanuel,
You can't block the attackers IPs, because they often use random sources. So, you should limit the packets which use SYN flag activeted, and use some protection like syn cookie that dont let the attack allocate so memory in your gateway.

Breno Brand Fernandes

----- Original Message ----- From: "Emanuel Marufo" <marufos () gmail com>
To: <security-basics () securityfocus com>
Sent: Thursday, October 25, 2007 11:41 PM
Subject: Help to defend from DOS web attacks


Recently somebody attack my web server, and i thinking defend from that.

I readed the next article:

but i want to know if can config a snort/portsentry to block attackers ip's.

Grupo Ampersand S.A.
IT-Security Consultants & Auditors
Apdo. 924  Escazu 1250
Costa Rica C.A.
Phone: (506)588-0432
ceo_at_ampersanded.com  [corp.]
janheisterkamp_at_web.de [priv.]

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]