Gavin W. Burris on 15 Mar 2011 06:02:07 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] DoS protection

Linux Journal just had an article on an anti ddos script.  I think it is
really clever, and simple:

On 03/14/2011 01:40 PM, Jeff Bailey wrote:
> Hey all...
> I'm curious as to whether anyone has any input on methods of Denial of Service attack protection, specifically for an exposed DNS server.
> I've been looking at snort and bro, but was wondering what anyone's input would be...  Are there any other options?
> Is this something that can (or "should") be handled more simply by iptables?  One of my potential issues with snort is that it looks like there might be a lot of tuning involved - these will be deployed at customer sites, and I'm not confident that we''ll have the ability to do that tuning for them, nor that they'll have the desire/ability to do it themselves.  I'm hoping to find something that's a little more "plug and play", if such a thing exists.
> Thanks for any input....
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --
> Announcements -
> General Discussion  --

Gavin W. Burris
Senior Systems Programmer
Information Security and Unix Systems
School of Arts and Sciences
University of Pennsylvania
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --