Eskimo North


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Latest DoS attacks - Need better inetd




     This post is technical in nature.  I am seeking assistance from those of
you know are knowledgable in the Linux/Unix and might know where to obtain
software that will solve a particular problem.

     For several months now; ever since I replaced the phpbb2 forums with the
harder for the spammers to spam phpbb3, we've been hit with numerous types of
denial of service attacks and as we've been able to discover what they were
I've installed various defenses.

     Now the latest is taking the form of rapid connections to inetd launched
services; most frequently ftp, and that leaves me with a quandry; I can either
choke them with the existing inetd to where it doesn't bring the server down
but it also prevents legitimate users from connecting during such an attack.

     What I really need is a capability similar to what a module that I
recently installed in the Apache web server provides; the ability to limit
connections on a "per originating IP" basis; so that we can limit connections
from a given IP to say 3 per second but still allow 100 per second globally, so
that it limits to a safe value the server can handle, but does so in a way that
won't stop legitimate connections from being serviced.

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
 Eskimo North Linux Friendly Internet Access, Shell Accounts, and Hosting.
   Knowledgable human assistance, not telephone trees or script readers.
 See our web site: http://www.eskimo.com/ (206) 812-0051 or (800) 246-6874.