how to fight concurrent connection DOS attack to FreeBSD ftpd?
Quan Qiu
jackqq at gmail.com
Sat Nov 24 08:04:56 PST 2007
On Nov 24, 2007 10:34 PM, Zhang Weiwu <zhangweiwu at realss.com> wrote:
> I run a ftp site which is being attacked by someone who issue some 1000
> concurrent connection for downloading as anonymous. How can I fight back?
>
> If ftpd.conf is not the right manual page to read, can you suggest which
> configuration manual to read to fight back this attack? Thanks in advance!
>
Try wrapping your ftpd using inetd. There are some limits to max child
processes and max connections per ip in inetd.conf(5). An example for
vsftpd:
ftp stream tcp nowait/50/10
root /usr/local/libexec/vsftpd vsftpd
Refer to the inetd.conf(5) manpage for more.
--
裘佺 (QIU Quan) <jackqq at gmail.com>
More information about the freebsd-questions
mailing list