[NTLUG:Discuss] DoS attacks
MadHat
madhat at unspecific.com
Thu Jan 23 09:45:22 CST 2003
On Thu, 2003-01-23 at 09:35, Rick Matthews wrote:
> Mike wrote:
> >
> > The best defense mechanism (in the article i'm summarizing
> > here) was to stop responding to bogus requests when the
> > server hits a critical percentage of bogus requests to real
> > requests. That is, IF of last 500 requests, over say 50%
> > are bogus, start acting like you aren't there for bogus
> > requests.
>
> I can improve upon that advice... Stop responding to bogus requests
> when the server is powered up. Of course I think knowing which
> requests are bogus may be part of the problem...
That is the problem to a T. How do you know if a request is valid? How
can you make your box know which requests are valid? Its not an easy
question to answer.
--
MadHat at Unspecific.com
`But I don't want to go among mad people,' Alice remarked.
`Oh, you can't help that,' said the Cat: `we're all mad here...'
-- Lewis Carroll - _Alice's_Adventures_in_Wonderland_
More information about the Discuss
mailing list