From owner-freebsd-questions  Mon Sep 25  7:57:21 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from mgw1.MEIway.com (mgw1.meiway.com [212.73.210.75])
	by hub.freebsd.org (Postfix) with ESMTP id 9E97837B424
	for <freebsd-questions@freebsd.org>; Mon, 25 Sep 2000 07:57:11 -0700 (PDT)
Received: from mail.Go2France.com (ms1.meiway.com [212.73.210.73])
	by mgw1.MEIway.com (Postfix Relay Hub) with ESMTP id E76F36A905
	for <freebsd-questions@freebsd.org>; Mon, 25 Sep 2000 16:57:09 +0200 (CEST)
Received: from sv.Go2France.com [212.73.210.79] by mail.Go2France.com with ESMTP
  (SMTPD32-6.04) id A8A74B000086; Mon, 25 Sep 2000 17:00:55 +0200
Message-Id: <5.0.0.25.0.20000925165301.08232d40@mail.Go2France.com>
X-Sender: lconrad%Go2France.com@mail.Go2France.com
X-Mailer: QUALCOMM Windows Eudora Version 5.0
Date: Mon, 25 Sep 2000 16:57:42 +0200
To: freebsd-questions@freebsd.org
From: Len Conrad <lconrad@Go2France.com>
Subject: Re: question
In-Reply-To: <39CF6209.5AAD0F8D@reif.cncdsl.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


>I have searched extensively for info on this subject and
>have found nothing. I admin a server

server of what?

>which gets allot of bad requests

request for what?

>I asked a real Unix guru about the problem and he recommended
>using tar pitting. The idea is that every time a bad request
>is generated by an I.P. the time the server takes to respond is
>increased.
>Example:
>Bad request #1. server answers with 401 error in 1 second
>Bad request #1. server answers with 401 error in 2 seconds
>Bad request #1. server answers with 401 error in 4 seconds
>
>This sounds like the perfect answer to many problems with
>a variety of server attacks. The problem is I can only find
>info on the subject relating to spam mail and sendmail.

www.postfix.org, configuration, UCE, tarpitting is supported, and you 
might also look at other UCE defenses, plus perhaps set up a 
relay-onlyh mail hub to front-end short-circuit this crap before it 
gets to your mailbox server.

IMGate in my sig is a FreeBSD/postfix gateway playing just this for 
Imail, but the approach is not tied any brand of mail server.

Len


http://BIND8NT.MEIway.com: ISC BIND 8.2.2 p5  installable binary for NT4
http://IMGate.MEIway.com:  Build free, hi-perf, anti-spam mail gateways



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message