Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] Annoying DoS

discuss AT

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] Annoying DoS

Chronological Thread 
  • From: Jeff Taylor <shdwdrgn AT>
  • To: discuss AT
  • Subject: Re: [opennic-discuss] Annoying DoS
  • Date: Thu, 18 Oct 2012 00:17:08 -0600

Since it wasn't mentioned yet, the script can be found at
This script will block the typical attacks, however the
attacks we have been seeing over the past week do not get trapped. I've
been planning to add new rules to the script to catch this new attack,
but haven't had a chance yet.

On 10/17/2012 05:47 PM, Brian Koontz wrote:
> On Thu, Oct 18, 2012 at 06:51:52AM +1000, Martin C wrote:
>> I know it was mentioned before on this list, but I can't remember if any
>> IP addresses were mentioned. Anyway, I was watching the logs the other
>> day and noticed one IP doing a lot of lookups for the same domain over
>> and over again (
> Martin, in addition to Jeff's excellent script that Alex
> mentioned, you might also try these iptables rules:
> http://wiki.opennic.glue/IPTablesRulesToBlockDDOSTraffic
> They have been very effective on a couple of servers (including mine)
> in reducing server load. Of course, they do nothing for upstream
> traffic that is still hammering your server, but at some point the ISP
> has to take some responsibility for monitoring their own upstream
> stuff.
> --Brian

Archive powered by MHonArc 2.6.19.

Top of Page