discuss AT lists.opennicproject.org
Subject: Discuss mailing list
List archive
- From: Peter Green <peter AT greenpete.co.uk>
- To: <discuss AT lists.opennicproject.org>
- Subject: Re: [opennic-discuss] Dos attack?
- Date: Fri, 09 Mar 2012 00:31:41 +0000
- Mail-reply-to: <peter AT greenpete.co.uk>
Yes, I am looking at the code now, but I have only rudimentary skills with
shell scripts so a little guidance would be gratefully received ;-)
If not, I will 'have a go'!
Peter
On Thu, 08 Mar 2012 18:28:46 -0600, Alex Hanselka wrote:
Julian doesn't use the script as far as I know, but Jeff wrote it. Other
than that you may have better luck reading the source code and editting
it to your needs :)
On 3/8/2012 6:25 PM, Peter Green wrote:
As yet it doesn't seem to be adversely effecting the server, the load
is below 1 and bandwidth seems fine too, but I would like to implement
something like Jeff's script just so as to not let them walk all over
my server! ;-) Certainly if Jeff or Julian can help, I will pass on
anything I learn to those that are interested. Jeff, Julian, can you
help please? Peter On Thu, 8 Mar 2012 21:13:10 -0300, Maximi89 wrote:
2012/3/8 Peter GreenLinks: ------ [1] http://isc.org [4] [2]
Hi, I am getting this line in my named log about once per second...As i know Jeff and Julian use this script, because time ago Julian
"08-Mar-2012 23:10:30.885 client 212.227.135.196#80: query: isc.org
[1] IN ANY +ED (83.142.229.97)" It seems to be an extremely close
match to the attack mentioned here...
http://wiki.opennicproject.org/ddosBlock [1] [2] That script seems
to be aimed at port 25345 where as my log seems to show port 80.
Will Jeff's script help and if so, do I simply run it from crontab
every second?
suffered this attack... so he started to search a solution... because
the old script was not working... so Jeff have created this script
who help a lot giving a good solution... so i guess you should ask to
Jeff or Julian how this works, and then share us how it works :D
I am concerned this may start to impact the websites I am hosting-- Maximiliano Augusto Castañón Araneda Santiago, Chile Linux user
on that server. I have never added this server to the public list,
and wonder why it's being targeted. I hope someone can help. Peter
# 394821 Skype: maximi89 MSN: maximi89 AT gmail.com [2] [4] XMPP/Jabber:
maximi89 AT gmail.com [3] [5]
http://wiki.opennicproject.org/ddosBlock [5] [3]
mailto:peter AT greenpete.co.uk [6] [4] mailto:maximi89 AT gmail.com [7] [5]
mailto:maximi89 AT gmail.com [8]
Links:
------
[1] http://wiki.opennicproject.org/ddosBlock
[2] mailto:maximi89 AT gmail.com
[3] mailto:maximi89 AT gmail.com
[4] http://isc.org
[5] http://wiki.opennicproject.org/ddosBlock
[6] mailto:peter AT greenpete.co.uk
[7] mailto:maximi89 AT gmail.com
[8] mailto:maximi89 AT gmail.com
- [opennic-discuss] Dos attack?, Peter Green, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Alex Hanselka, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Maximi89, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Peter Green, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Alex Hanselka, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Peter Green, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Julian DeMarchi, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Peter Green, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Julian DeMarchi, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Peter Green, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Alex Hanselka, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Peter Green, 03/08/2012
- Re: [opennic-discuss] Dos attack?, Jeff Taylor, 03/09/2012
Archive powered by MHonArc 2.6.19.