Date: Fri, 10 Jan 2003 12:04:09 -0800
From: Terry Lambert <tlambert2@mindspring.com>
To: nbari@unixmexico.com
Cc: freebsd-isp@freebsd.org
Subject: Re: DOS attack
Message-ID: <3E1F2739.7BBFB04F@mindspring.com>
References: <10497.148.243.246.5.1042225375.squirrel@mail.unixmexico.com>

nbari@unixmexico.com wrote:
> Hi, I was the victim of a DOS attack, my server was out for about 5 hours,
> services like web and email were down.
>
> I am using round robin DNS for a load balancing, but this only helps for
> my web services, any idea on how can I make a redundant service for web
> and email services? something like mysql does with its replication
> function?

SMTP is handled via MX records in your DNS; just set up backup mail
exchangers.

POP3/IMAP4 is problematic. The data there has locality on the server,
and there's no way, short of storing your data in a shared storage
area, to guarantee accessibility from more than one front end server.

One possible approach is to use a small proxy, and when the proxy
server is DDOS'ed, just switch over to a different proxy server.
This works better for IMAP (persistent connections) than for POP3
(new connection on each download attempt).

In any implementation, your "real" back end servers should only be
reachable from the front end servers, so that a DDOS on one back end
server does not starve a bunch of front end servers.

The typical way this is handled is by buying a load balancer and
configuring it to act as a "circuit breaker". This assumes that the
load balancer knows how to shed load properly, such that it won't
livelock, and can't be overwhelmed (e.g. RED-queuing, etc.).

> I don't want to use hardware only software

Looks like you are going to be spending money on rack space and PCs
doing no useful work, other than running proxies.

You can get an IMAP4 proxy from the Cyrus project; there are POP3
proxies out there (search for them), or you can write your own.

-- Terry

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
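
The load shedding the reply refers to (RED-style queuing in front of the back end servers), as an added Python example that is not part of the original message: a simplified random-early-detection admission check that a front end proxy could apply to new back end connections. The class, thresholds and simulated workload are constructed for illustration, and the count-since-last-drop correction of full RED is omitted.

```python
import random


class RedAdmission:
    """Simplified RED (random early detection) used for connection admission.

    Assumption: the front end proxy counts in-flight back end connections,
    calls admit() for each new client and release() when a session ends.
    The count-since-last-drop correction of full RED is left out.
    """

    def __init__(self, min_th, max_th, max_p=0.1, weight=0.2, rng=random.random):
        if not 0 <= min_th < max_th:
            raise ValueError("need 0 <= min_th < max_th")
        self.min_th, self.max_th = min_th, max_th
        self.max_p, self.weight, self.rng = max_p, weight, rng
        self.avg = 0.0        # moving average of in-flight connections
        self.in_flight = 0    # connections currently held open

    def drop_probability(self):
        if self.avg < self.min_th:
            return 0.0        # light load: never shed
        if self.avg >= self.max_th:
            return 1.0        # saturated: shed everything new
        # In between, shedding ramps linearly from 0 up to max_p.
        return self.max_p * (self.avg - self.min_th) / (self.max_th - self.min_th)

    def admit(self):
        # Fold the current load into the average before deciding.
        self.avg += self.weight * (self.in_flight - self.avg)
        if self.rng() < self.drop_probability():
            return False      # shed: refuse before touching the back end
        self.in_flight += 1
        return True

    def release(self):
        self.in_flight = max(0, self.in_flight - 1)


def simulate(arrivals, completions_per_tick, ctl):
    """Constructed workload; returns (admitted, shed) for each tick."""
    out = []
    for n in arrivals:
        admitted = sum(1 for _ in range(n) if ctl.admit())
        out.append((admitted, n - admitted))
        for _ in range(completions_per_tick):
            ctl.release()
    return out
```

Because new connections are refused before any back end work is done, a flood raises the shed count instead of the back end's load, and the hard cutoff at `max_th` keeps the in-flight count bounded.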