how to stop the ddos ot dos attack ?
Jamie
jamie at floyd.gnulife.org
Wed Aug 27 20:53:01 PDT 2003
On Wed, 27 Aug 2003, Mike Hogsett wrote:
>
> > >i got a DoS attack, how i can stop it ?
> > >
> > >note:
> > > i have a lan network in my home, and DSL connection which is connected
> > >to the
> > >hub direct, and i have 3 pc's.
> > >
> > >thanks
> > >
> >
> > I use a firewall which allows a block of DoS IPs from any to any.... also
> > can close ports easily. Plus, if you log, you can then monitor the further
> > attempts....
>
> Unfortunately anything you do at the local end will not prevent bandwidth
> from being consumed on your link. Once it hits your local firewall to be
> dropped the traffic has already consumed bandwidth on your link.
>
> This may or may not be a concern. If the DOS is consuming a great deal of
> bandwidth than it probably is a concern and you may try contacting the
> abuse@ or other support addresses at your ISP and ask if they can filter
> this traffic before it hits your link.
>
> If you do want to consider a local firewall (which is a very good idea
> indeed) you may consider using a FreeBSD box in bridging mode between the
> DSL link and the local LAN. This FreeBSD box can do layer 3 (IP)
> filtering in bridging (layer 2 forwarding) mode.
>
> Some references :
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bridging.html
> http://www.freebsd.org/doc/en_US.ISO8859-1/articles/filtering-bridges/article.html
>
> - Mike
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
If you have a dynamic IP address, you may get by power cycling your DSL
modem so you come up with another IP address. It's a cheap shot, but may
buy you some time online while you batten up the hatches.
- Jamie
"A friend is someone who lets you have total freedom to be yourself."
More information about the freebsd-questions
mailing list