StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
text
Body
copied!<p>Whatever you do against DoS-Attacks, think if what you do may actually increase the the load required to handle malicious or unwanted requests!</p> <p>If you are using Linux then you should read this article:<br> <a href="http://linuxgazette.net/137/takefuji.html" rel="nofollow noreferrer">Rule-based DoS attacks prevention shell script</a> (from Linux Gazette) It has the following topics:</p> <ul> <li>How to detect DoS attacks from /var/log/secure file</li> <li>How to reduce redundant detected IPs from the temporary file</li> <li>How to activate /sbin/iptables</li> <li>How to install the proposed shell script</li> </ul> <p>Applying this without properly restricting the number of blocked IPs in iptables may intro a DoS-Vulnerability by increasing the requiered resources to handel unsolicited requests. To reduces that risk use <a href="http://ipset.netfilter.org/ipset.man.html" rel="nofollow noreferrer">ipset</a> to match IP-Addresses in iptables.</p> <p>Also, read about <a href="http://hostingfu.com/article/ssh-dictionary-attack-prevention-with-iptables" rel="nofollow noreferrer">ssh dictionary attack prevention using iptables</a>. (enabling iptables with stateful firewalling as suggested here does not protect against most DoS-Attacks against but may actually <em>ease</em> DoS-Attacks that pollute your RAM with useless state info.)</p> <p>New to Linux? read the <a href="http://www.ibm.com/developerworks/linux/library/l-roadmap5/" rel="nofollow noreferrer">Windows-to-Linux roadmap: Part 5. Linux logging</a> of IBM.</p> <p>Good Luck!</p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload