Eskimo North


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DoS Attacks / Firewall




     Between booting servers and routers, I spent most of this weekend
rebuilding a firewall to try to keep the lastest and greatest at bay.

     An old friend, the smurf attack, has come back in slightly modified form,
which required really changing the packet filtering stratedgy to stop.

     There is the distinct possibility that I may have inadvertantly blocked
legitimate applications, there is no way for me to know for example, what
people may have coded in CGI's or PHP.

     Particularly, the changes focused on UDP and ICMP.  It will no longer be
possible to ping or traceroute from outside into our servers because of the
abusive of ICMP made it necessary to block echo requests amoung others.

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
 Eskimo North Linux Friendly Internet Access, Shell Accounts, and Hosting.
   Knowledgable human assistance, not telephone trees or script readers.
 See our web site: http://www.eskimo.com/ (206) 812-0051 or (800) 246-6874.