From owner-freebsd-security  Mon Jul 29 11:10:29 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E1CD837B400
	for <security@FreeBSD.ORG>; Mon, 29 Jul 2002 11:10:25 -0700 (PDT)
Received: from mail.fpsn.net (mail.fpsn.net [63.224.69.57])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3F76C43E4A
	for <security@FreeBSD.ORG>; Mon, 29 Jul 2002 11:10:25 -0700 (PDT)
	(envelope-from cfaber@fpsn.net)
Received: from fpsn.net (unixgr.com [63.224.69.60])
	(authenticated)
	by mail.fpsn.net (8.11.6/8.11.6) with ESMTP id g6TIAKp10330;
	Mon, 29 Jul 2002 12:10:20 -0600 (MDT)
Message-ID: <3D4584DA.190EEB9C@fpsn.net>
Date: Mon, 29 Jul 2002 12:09:30 -0600
From: Colin Faber <cfaber@fpsn.net>
Organization: fpsn.net, Inc. (http://www.fpsn.net)
X-Mailer: Mozilla 4.78 [en] (Windows NT 5.0; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Cyrus <cyrus@odsource.com>
Cc: security@FreeBSD.ORG
Subject: Re: counter apache DoS attacks?
References: <20020729050402.Q47608-100000@odsource.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

ipfw add deny tcp from <ip/mask> to any 80

;-)


Cyrus wrote:
> 
> Several people get their jollies off by having differnet servers
> infinitely request my main page thousands of times each therefore shooting
> my memory to poo and a lot of bandwidth. But my problem is the memory, not
> the bandwidth. I've looked through mod_throttle and such, not for me. Is
> there anything out there that can automatically detect and take an action
> for this type of attack? I dunno...like use route on the offenders IP and
> such. But for it to do this automatically. Anyone have any suggestions?
> Thanks in advance.
> 
> -Cyrus
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

-- 
Colin Faber
(303) 736-5160
fpsn.net, Inc.

* Black holes are where God divided by zero. *

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message