I can see 3 technologies which could mitigate the risk of this kind of
dos:
Traffic shaping
IDS
Firewall
Traffic shaping could help reduce the likelihood of this kind of attack.
I only know little about dedicated product (packeteer, floodgate) and
products partially implementing traffic shaping
I don't know about configuration of the various IDSes, but I'm sure that with
a product that uses event correlation, setting a threshold for maximum number
of requests to a domain or URL per time slice would be possible. And if the
threshold is reached, you could block further connections fro
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yeah I am going to go out on a limb and be contrary. What you are
saying is not exactly clear to me but I am going to give it a shot
anyway
Can't an ids look at the actual payload instead of the url & layer 3
- - layer 4 info?
Are you talking about