how to fight concurrent connection DOS attack to FreeBSD ftpd?
jackqq at gmail.com
Sat Nov 24 08:04:56 PST 2007
On Nov 24, 2007 10:34 PM, Zhang Weiwu <zhangweiwu at realss.com> wrote:
> I run a ftp site which is being attacked by someone who issue some 1000
> concurrent connection for downloading as anonymous. How can I fight back?
> If ftpd.conf is not the right manual page to read, can you suggest which
> configuration manual to read to fight back this attack? Thanks in advance!
Try wrapping your ftpd using inetd. There are some limits to max child
processes and max connections per ip in inetd.conf(5). An example for
ftp stream tcp nowait/50/10
root /usr/local/libexec/vsftpd vsftpd
Refer to the inetd.conf(5) manpage for more.
裘佺 (QIU Quan) <jackqq at gmail.com>
More information about the freebsd-questions