DOS attack tracing
Elmar K. Bins
elmi at 4ever.de
Wed May 11 06:58:11 UTC 2005
richard at o-matrix.org (Richard) wrote:
> Ethernet to the primary upstream. I think that the lesson is _always_ use a
> router powerful enough to handle all ingress traffic at wire rate. Without
> access to the router, there is nothing you can do. So we are going to switch
> out the router.
If you are mostly concerned about not being able to use the router console
during attacks, you may change the CPU scheduling a bit. A brief
"scheduler allocate 60000 2000" has helped me a lot there. The box
stays manageable.
This does of course not help you with the router "going dead" in regard to
packet forwarding...
Yours,
Elmi.
--
"Begehe nur nicht den Fehler, Meinung durch Sachverstand zu substituieren."
(PLemken, <bu6o7e$e6v0p$2 at ID-31.news.uni-berlin.de>)
--------------------------------------------------------------[ ELMI-RIPE ]---
More information about the NANOG
mailing list