mailing list archives
Re: any solutions against ddos attack??
From: Jon Kibler <Jon.Kibler () aset com>
Date: Tue, 10 Jun 2008 13:18:52 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Breno BF wrote:
I suggest you take a look at syn-cookies solution. Anyway, you did
not give enough information about what kind of DDOS to we help you.
SYN-cookies only fix one type of DDoS attack: SYN floods. These are in
the real minority these days and would do zero for most of today's DDoS
attacks. Also, they are implemented by default in many/most current *nix
O/Ses (don't know about Windows).
With botnets, protocol-based attacks (like SYN floods) are not as
serious an issue as they were a few years ago. Today, we have to worry
more about bandwidth starvation attacks, for which the only pseudo-cure
is anycast, which leaves TCP-based services still hard to protect.
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.