Christ Schlacta wrote: > I'm aware of, but have never tried a technique called tarpitting that > is supposed to be very useful in your situation.
tarpitting a DDOS attack against a legitimate website takes the site offline. The TARPIT target is available in xtables-addons and it is easy to construct an action to invoke it: Assuming shorewall-perl.... /etc/shorewall/actions: Tarpit /etc/shorewall/action.Tarpit <empty file> /etc/shorewall/Tarpit: use Shorewall::Chains; add_rule $chainref, "-p tcp -j TARPIT"; /etc/shorewall/rules Tarpit net ... tcp 80 - ... -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users