| Randall A Sindlinger on 14 Mar 2011 11:03:32 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] DoS protection |
OSSEC, maybe? http://www.ossec.net/ not sure that piece fits in this puzzle... -Randall On Mon, Mar 14, 2011 at 12:40:41PM -0500, Jeff Bailey wrote: > Hey all... > > I'm curious as to whether anyone has any input on methods of Denial of Service attack protection, specifically for an exposed DNS server. > > I've been looking at snort and bro, but was wondering what anyone's input would be... Are there any other options? > > Is this something that can (or "should") be handled more simply by iptables? One of my potential issues with snort is that it looks like there might be a lot of tuning involved - these will be deployed at customer sites, and I'm not confident that we''ll have the ability to do that tuning for them, nor that they'll have the desire/ability to do it themselves. I'm hoping to find something that's a little more "plug and play", if such a thing exists. > > Thanks for any input.... > > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug