how to stop the ddos ot dos attack ?
Mike Hogsett
hogsett at csl.sri.com
Wed Aug 27 18:18:30 PDT 2003
> >i got a DoS attack, how i can stop it ?
> >
> >note:
> > i have a lan network in my home, and DSL connection which is connected
> >to the
> >hub direct, and i have 3 pc's.
> >
> >thanks
> >
>
> I use a firewall which allows a block of DoS IPs from any to any.... also
> can close ports easily. Plus, if you log, you can then monitor the further
> attempts....
Unfortunately anything you do at the local end will not prevent bandwidth
from being consumed on your link. Once it hits your local firewall to be
dropped the traffic has already consumed bandwidth on your link.
This may or may not be a concern. If the DOS is consuming a great deal of
bandwidth than it probably is a concern and you may try contacting the
abuse@ or other support addresses at your ISP and ask if they can filter
this traffic before it hits your link.
If you do want to consider a local firewall (which is a very good idea
indeed) you may consider using a FreeBSD box in bridging mode between the
DSL link and the local LAN. This FreeBSD box can do layer 3 (IP)
filtering in bridging (layer 2 forwarding) mode.
Some references :
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bridging.html
http://www.freebsd.org/doc/en_US.ISO8859-1/articles/filtering-bridges/article.html
- Mike
More information about the freebsd-questions
mailing list