Date: Mon, 24 May 1999 08:39:26 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Michael Richards <026809r@dragon.acadiau.ca> Cc: Brett Glass <brett@lariat.org>, freebsd-security@FreeBSD.ORG Subject: Re: Denial of service attack from "imagelock.com" Message-ID: <11146.927527966@critter.freebsd.dk> In-Reply-To: Your message of "Mon, 24 May 1999 02:00:12 -0300." <Pine.GSO.4.05.9905240157240.20631-100000@dragon>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.GSO.4.05.9905240157240.20631-100000@dragon>, Michael Richards writes: >On Sun, 23 May 1999, Brett Glass wrote: > >> The Webmasters on this list may want to look over their logs to see >> if they've been hit and not known it. grep your logs for imagelock.com; >> if you find that they're abusing your server, you may want to firewall >I noticed we were hit by them this evening. 1250 requests in a few >minutes. Since we're not running a firewall, is there a recommended method >of filtering such people out? I think I did it with apache, but I'm >wondering if there is a better method. Add a blackhole route to them: route add -net <IP> -netmask <MASK> 127.0.0.1 -blackhole -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." FreeBSD -- It will take a long time before progress goes too far! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?11146.927527966>