sarevok9
asked on
Anti-Dos precedures.
My comerades run a web-hosting service....seen here <br />
<A HREF="http://www.l33t.ca">L33t.ca</a><br />
anyways they have been having quite a bit of difficulty from a individual, or possibly a group (im unsure i still have yet to examine the logs) with dos. I know how to deal with syn/ syn/ack based attacks, and other than that ddos is simple enough to deal with, but supposing their using the least likely (icmp ip rebroadcast dos) i was wondering how to deal with an attack like that.
I plan to set a strict set of rules at the router, and i may only allw icmp from trusted networks... only if it comes to that.
thanks for your help.
~sarevok9~
<A HREF="http://www.l33t.ca">L33t.ca</a><br />
anyways they have been having quite a bit of difficulty from a individual, or possibly a group (im unsure i still have yet to examine the logs) with dos. I know how to deal with syn/ syn/ack based attacks, and other than that ddos is simple enough to deal with, but supposing their using the least likely (icmp ip rebroadcast dos) i was wondering how to deal with an attack like that.
I plan to set a strict set of rules at the router, and i may only allw icmp from trusted networks... only if it comes to that.
thanks for your help.
~sarevok9~
What kind of router do you have?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
well we use the razor-team's ddos tracker to stop the mass ddos movement. as for blocking the isp: thats entirely out of the question, if you viewed the site itself you would have noted its a web host and banning the entirety of an isp would not only make us lose customers it would limit current customers potential growth... hence why i am in a bit of a bind. unless i block individual ip's (which are nearly limitless) im out of options m i not?.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.