Mitigating HTTP DDoS attacks?
Mike Lewinski
mike at rockynet.com
Tue Mar 25 00:01:42 UTC 2008
Paul Vixie wrote:
> i only use or recommend operating systems that have their own host based
> firewalls. soon that will mean pf (from openbsd but available on freebsd)
pf's tables are nifty too btw :)
pfsense, which is FreeBSD + pf, also has a port of snort IDS available.
Provided the OP has a signature of the attack he can match on, there's a
wholly open-source solution (I know snort can be configured inline to
drop packets on a filtering bridge, but of course you've got the
problems of half-open connections accumulating as well as the potential
for migration to https).
More information about the NANOG
mailing list