From owner-freebsd-questions Tue Apr 17 12:38: 2 2001 Delivered-To: freebsd-questions@freebsd.org Received: from smtp.pace.edu (ntutil.pace.edu [205.232.111.9]) by hub.freebsd.org (Postfix) with ESMTP id 638CC37B42C for ; Tue, 17 Apr 2001 12:37:58 -0700 (PDT) (envelope-from js43064n@stmail.pace.edu) Received: from stmail.pace.edu (205.232.111.7:3120) by smtp.pace.edu (LSMTP for Windows NT v1.1b) with SMTP id <0.A889721A@smtp.pace.edu>; Tue, 17 Apr 2001 15:37:56 -0400 Date: Tue, 17 Apr 2001 15:37:49 -0400 Message-Id: <200104171537.AA1657537042@stmail.pace.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii From: "Jonathan Slivko" Reply-To: To: , "Terry Witherspoon" Subject: Re: Avoiding denial of service. X-Mailer: Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Terry, I know this doesn't answer the question directly, but I will pass this little piece of knowledge from my own systems: I have a system that is constantly being DoS'd. But, what I do to combat those DoS' is I have 2 IP's, each from different providers, one of which is hidden which no one knows about. So, if you are DoS'ed, you can log in on the "secret" IP and then bring down the other interface and then sandbag the IP. However, as far as port 800 goes, you might try and talk to your ISP into giving you some kind of active firewalling from their network, just in case that you do get attacked. I hope this helps. -- Jonathan M. Slivko ---------- Original Message ---------------------------------- From: "Terry Witherspoon" Date: Tue, 17 Apr 2001 12:19:19 -0500 > >Hi, > >I've built several name servers running BIND 8.2.3. >I allow SSL connections to port 800 on each where I'm >running a web server. I'd like to avoid denial of >service on the name servers. There are already >DOS attacks in neighboring networks but as yet they've >not hit me. I have been portscanned a couple of times. >I've a Cisco router with an access list for port 800. >What knobs can I change to reduce impact of DOS? I do >not manage the Cisco but the network guy would implement >any acl I ask for. SHould I do something there too? These >are important servers for maybe 10,000 users. > >Thanks for any advice , TW > >_________________________________________________________________ >Get your FREE download of MSN Explorer at http://explorer.msn.com > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > -- ~~~~ Jonathan M. Slivko Systems Administrator, DataSyrge Internet Services Global IRC Operator, AsylumNet IRC Network ~~~~ -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message