Link to home
Start Free TrialLog in
Avatar of sarevok9
sarevok9

asked on

Anti-Dos precedures.

My comerades run a web-hosting service....seen here <br />
<A HREF="http://www.l33t.ca">L33t.ca</a><br />
anyways they have been having quite a bit of difficulty from a individual, or possibly a group (im unsure i still have yet to examine the logs) with dos.  I know how to deal with syn/ syn/ack based attacks, and other than that ddos is simple enough to deal with,  but supposing their using the least likely (icmp ip rebroadcast dos) i was wondering how to deal with an attack like that.
I plan to set a strict set of rules at the router, and i may only allw icmp from trusted networks... only if it comes to that.

thanks for your help.
~sarevok9~
 
Avatar of Les Moore
Les Moore
Flag of United States of America image
What kind of router do you have?
ASKER CERTIFIED SOLUTION
Avatar of SunBow
SunBow
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of sarevok9
sarevok9

ASKER

well we use the razor-team's ddos tracker to stop the mass ddos movement.  as for blocking the isp:  thats entirely out of the question,  if you viewed the site itself you would have noted its a web host and banning the entirety of an isp would not only make us lose customers it would limit current customers potential growth... hence why i am in a bit of a bind.  unless i block individual ip's (which are nearly limitless) im out of options m i not?.
SOLUTION
Avatar of ViRoy
ViRoy
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of cduke250
cduke250
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial