how to respond to possible attacks
Siraj Shaikh
siraj.shaikh at gmail.com
Sat Mar 8 23:11:08 UTC 2008
On 08/03/2008, Robin Becker <robin at reportlab.com> wrote:
> Sorry if this is too off topic, but I would like to find out what to do
> when you suspect a possible dos attack on your system. I know there are
> many experienced sysadmins here.
> Although my system (freebsd 6.0/apache 2.0.x) did in fact hold up, what
> steps should I be taking? The originating ip doesn't seem to be reverse
> mappable.
> --
Robin
Are you only interested in finding out about the source of these
attacks, have you got some firewall configured? Is there any
particular service being targeted, what kind of packets are coming
through?
Also, making sure if the same ip is targetting any other hosts on your
network, or any previous attempts at probing this machine or other
hosts.
More information about the freebsd-questions
mailing list