[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Denial of service

I agree with the statement about a firewall on the outbound links and  strong host security for your systems as the most imporatant things sys-ads can do to prevent these problems.   After having some of UUNet's West Coast links down last night (I suspect this was due to distributed DOS attacks, but don't know that)  I did a little poking around to see what was available.

http://www.cert.org/advisories/CA-2000-01.html talks about distributed DOS tools.  Has some links to detection tools.
 
 http://www.fbi.gov/nipc/trinoo.htm  Binary for detecting ddos apps.
 
  http://www.washington.edu/People/dad/  Dave Dittrich page.  Has c source for detecting some of the ddos agents as well as articles about them in the Papers/Articles/Reports section.

Wade
 
 

Brian Wolfe wrote:

        The best thing you can do as a service provider is place a firewall on your outbound links and make sure all packets are legit. 2nd. review your own lan to make sure it can't be used as a smurf magnifier.

        Brian Wolfe
        TerraBox.com

On Wed, Feb 09, 2000 at 02:09:41PM +0000, Darren Cook wrote:
> Denial of service attacks are suddenly in the news, with attacks on Yahoo
> and others.
>
> I've thought that there is not much you can do to defend against these
> attacks. Is this the case? What is the best you can do? And if the best
> requires something special, what is the best with a linux firewall and web
> server?
>
> Darren
>
>
> --
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

--
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

-- 
Wade Burgett
http://www.burgettsys.com
 
Reply to: