From owner-freebsd-questions@FreeBSD.ORG  Mon Mar 15 19:51:01 2010
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A9DB81065670
	for <freebsd-questions@freebsd.org>;
	Mon, 15 Mar 2010 19:51:01 +0000 (UTC) (envelope-from bogdan@pgn.ro)
Received: from mail-bw0-f216.google.com (mail-bw0-f216.google.com
	[209.85.218.216])
	by mx1.freebsd.org (Postfix) with ESMTP id 48BF78FC1B
	for <freebsd-questions@freebsd.org>;
	Mon, 15 Mar 2010 19:51:00 +0000 (UTC)
Received: by bwz8 with SMTP id 8so3299288bwz.3
	for <freebsd-questions@freebsd.org>;
	Mon, 15 Mar 2010 12:50:59 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.204.9.153 with SMTP id l25mr5254665bkl.208.1268682659608; Mon, 
	15 Mar 2010 12:50:59 -0700 (PDT)
Date: Mon, 15 Mar 2010 21:50:59 +0200
Message-ID: <c81e6afd1003151250kd0c0375ya5e69b9731a96b84@mail.gmail.com>
From: Bogdan Webb <bogdan@pgn.ro>
To: freebsd-questions@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: Info on DOS mitigation, kernel configuration for DOS mitigation
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Mar 2010 19:51:01 -0000

Hello everyone!

First of all i would like to apologize to anyone who finds my appeal a lazy
man's choice, actually it's indeed lazy but it's the best way to get an
answer from a valid source. My problem is a potential DOS/DDOS... i know a
forever talked about issue... i've already searched the freebsd's mailing
lists and found some mitigation techniques, to bad that google ain't that
familiar with FreeBSD, and searchin' for guides is a pain... I recall
finding a mitigation technique that involved bandwidth shaping and other ...
I'm using a FreeBSD 7.2-p7 with ipfw and upon testing the rules in those
guides it alerted me that bandwidth modules weren't included in the bsd's
kernel... Anyway could anyone provide me with a good BSD walk trough for DOS
mitigation and if needed kernel modules and kernel module integration, mabe
other firewall (but with extended howto..) ... (basically anything regarded
to floods)

Thanks in advance!