Date: Tue, 7 Dec 2004 13:13:32 GMT From: "RoyalShells Admin" <sody@royalshells.com> To: freebsd-net@freebsd.org Subject: WATCHING DDOS ATTACKS Message-ID: <1102425212.94706@loyalness.com>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. --bound1102425212 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit Hi, I have problem with D.o.S and DD.o.S attacks. I wonder if someone already wrote/know about a module that works like pop_before_smtp, it watches /var/log/security and if it sees that in the past 30 seconds many packets were received to an IP it unbinds its (ifconfig em0 ip delete), and tracks the list of unbounded IPs, tries to readd the IP again after 5 minutes (for example). Thanks in advance, Sami --bound1102425212--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1102425212.94706>