Date: Thu, 17 May 2007 23:15:27 +0300 From: "Abdullah Ibn Hamad Al-Marri" <almarrie@gmail.com> To: freebsd-pf@freebsd.org Subject: Best way to decrease DDoS with pf. Message-ID: <499c70c0705171315v3fcfe29fyfc046971c143e9d3@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello, This isn't bandwidth issue, but filling the network buffer more than anything else, so there are no more free sockets, and I can't connect to the server via ssh, it's not syn as well. But mass connect to IRC server with small bw, and the server isn't lagged at all. Rate: 245,919 Packets Per Second What is the best way to deal with such DDoS? These msgs in in the ircd which I read when I'm opering up. *** Notice -- throttled connections from 86.213.48.25 (3 in 1 seconds) for 2 minutes (offense 1) *** Notice -- throttled connections from 189.12.134.86 (3 in 5 seconds) for 2 minutes (offense 1) *** Notice -- throttled connections from 80.98.165.210 (3 in 2 seconds) for 5 minutes (offense 2) *** Notice -- throttled connections from 85.66.74.255 (3 in 3 seconds) for 2 minutes (offense 1) *** Notice -- throttled connections from 81.0.97.75 (3 in 9 seconds) for 2 minutes (offense 1) *** Notice -- throttled connections from 86.213.48.25 (3 in 1 seconds) for 2 minutes (offense 1) -- Regards, -Abdullah Ibn Hamad Al-Marri Arab Portal http://www.WeArab.Net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?499c70c0705171315v3fcfe29fyfc046971c143e9d3>