discuss - Re: [opennic-discuss] Dos attack?

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

  • From: Alex Hanselka <alex AT hanselka.name>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] Dos attack?
  • Date: Thu, 08 Mar 2012 18:28:46 -0600

Julian doesn't use the script as far as I know, but Jeff wrote it. Other
than that you may have better luck reading the source code and editing
it to your needs :)

On 3/8/2012 6:25 PM, Peter Green wrote:
> As yet it doesn't seem to be adversely affecting the server, the load is
> below 1 and bandwidth seems fine too, but I would like to implement something
> like Jeff's script just so as to not let them walk all over my server!
> ;-)
>
> Certainly if Jeff or Julian can help, I will pass on anything I learn to
> those that are interested.
>
> Jeff, Julian, can you help please?
>
> Peter
>
> On Thu, 8 Mar 2012 21:13:10 -0300, Maximi89 wrote:
>
>> 2012/3/8 Peter Green
>>
>>> Hi,
>>>
>>> I am getting this line in my named log about once per second...
>>>
>>> "08-Mar-2012 23:10:30.885 client 212.227.135.196#80: query: isc.org
>>> [1] IN ANY +ED (83.142.229.97)"
>>>
>>> It seems to be an extremely close match to the attack mentioned
>>> here...
>>> http://wiki.opennicproject.org/ddosBlock [2]
>>>
>>> That script seems to be aimed at port 25345 whereas my log seems to
>>> show port 80.
>>>
>>> Will Jeff's script help and if so, do I simply run it from crontab
>>> every second?
>>
>> As far as I know, Jeff and Julian use this script, because some time ago
>> Julian suffered this attack... so he started to search for a solution...
>> because the old script was not working... so Jeff created this script,
>> which helps a lot, giving a good solution... so I guess you should ask
>> Jeff or Julian how this works, and then share with us how it works :D
>>
>>> I am concerned this may start to impact the websites I am hosting on
>>> that server.
>>>
>>> I have never added this server to the public list, and wonder why it's
>>> being targeted.
>>>
>>> I hope someone can help.
>>>
>>> Peter
>>
>> --
>> Maximiliano Augusto Castañón Araneda
>> Santiago, Chile
>> Linux user # 394821
>>
>> Skype: maximi89
>> MSN: maximi89 AT gmail.com [4]
>> XMPP/Jabber: maximi89 AT gmail.com [5]
>
>
> Links:
> ------
> [1] http://isc.org
> [2] http://wiki.opennicproject.org/ddosBlock
> [3] mailto:peter AT greenpete.co.uk
> [4] mailto:maximi89 AT gmail.com
> [5] mailto:maximi89 AT gmail.com
>
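Added example, not part of the original thread and not Jeff's script: a Python parser for the query-log format quoted above that flags clients repeating ANY queries for the same name inside a short window. The function names, the window and threshold values, and the sample lines (the thread's log line repeated once per second, plus two constructed entries from 192.0.2.10) are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# BIND query-log line in the format quoted in the thread.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) client "
    r"(?P<ip>[0-9a-fA-F.:]+)#(?P<port>\d+): query: (?P<qname>\S+) "
    r"(?P<qclass>\S+) (?P<qtype>\S+) (?P<flags>\S+)")

def parse_line(line):
    """Return (timestamp, client_ip, qname, qtype), or None for other lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d-%b-%Y %H:%M:%S.%f")
    return ts, m["ip"], m["qname"].lower(), m["qtype"].upper()

def find_any_floods(lines, window_s=10, threshold=5):
    """Map (client, qname) to the peak ANY-query count seen in one window,
    for pairs that reached `threshold` queries within `window_s` seconds."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)  # (ip, qname) -> timestamps still in window
    flagged = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec[3] != "ANY":
            continue
        ts, ip, qname, _ = rec
        q = recent[(ip, qname)]
        q.append(ts)
        while ts - q[0] > window:  # drop timestamps older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged[(ip, qname)] = max(flagged.get((ip, qname), 0), len(q))
    return flagged

# Constructed sample input (assumption): 8 repeats of the thread's line.
SAMPLE = [f"08-Mar-2012 23:10:{30 + i:02d}.885 client 212.227.135.196#80: "
          "query: isc.org IN ANY +ED (83.142.229.97)" for i in range(8)] + [
    "08-Mar-2012 23:10:31.120 client 192.0.2.10#53124: "
    "query: example.org IN A + (83.142.229.97)",
    "08-Mar-2012 23:10:33.400 client 192.0.2.10#41888: "
    "query: example.org IN ANY + (83.142.229.97)"]

if __name__ == "__main__":
    for (ip, qname), n in find_any_floods(SAMPLE).items():
        print(f"{ip}: {n} ANY queries for {qname} within 10 s")
```

The flagged pairs are candidates for rate limiting or a firewall rule; a single ANY query, like the one from 192.0.2.10 in the sample, is not flagged.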


