Mitigating HTTP DDoS attacks?

Peter Dambier peter at peter-dambier.de
Tue Mar 25 08:22:33 UTC 2008


> On Mon, Mar 24, 2008 at 11:34:58PM +0000, Paul Vixie wrote:
>> i only use or recommend operating systems that have their own host based
>> firewalls.  

That was exactly my problem.

Barney Wolff wrote:
> What finally broke was doing a table list, possibly because the
> command prints in sorted order.  

Happened to me too.

First step: Borrowed "sort.c" from Minix.

Next step: Large swap file.

Finally: changed the distribution.

sort is one the biggest hidden problems. There are broken sorts around,
I guess some of the problems are character set specific. There is no
more EBCDIC but UTF-8 and UTF-16 are even worse.

Related to sort, you may have more than enough memory or swap but your
process wont get it.

You can avoid sorting by looking into the "/proc" files.

proc2pl might get you ideas, from the ISAON tools on

http://iason.site.voila.fr/

You might even sort or grep the output and you can always do that
on a machine that is not your router.

Kind regards
Peter

-- 
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Rimbacher Strasse 16
D-69509 Moerlenbach-Bonsweiher
+49(6209)795-816 (Telekom)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
http://www.cesidianroot.com/



More information about the NANOG mailing list