how to respond to possible attacks

Siraj Shaikh siraj.shaikh at
Sat Mar 8 23:11:08 UTC 2008

On 08/03/2008, Robin Becker <robin at> wrote:
> Sorry if this is too off topic, but I would like to find out what to do
> when you suspect a possible dos attack on your system. I know there are
> many experienced sysadmins here.
> Although my system (freebsd 6.0/apache 2.0.x) did in fact hold up, what
> steps should I be taking? The originating ip doesn't seem to be reverse
> mappable.
> --


Are you only interested in finding out about the source of these
attacks, have you got some firewall configured? Is there any
particular service being targeted, what kind of packets are coming

Also, making sure if the same ip is targetting any other hosts on your
network, or any previous attempts at probing this machine or other

More information about the freebsd-questions mailing list