Mitigating HTTP DDoS attacks?
Peter Dambier
peter at peter-dambier.de
Tue Mar 25 08:22:33 UTC 2008
> On Mon, Mar 24, 2008 at 11:34:58PM +0000, Paul Vixie wrote:
>> i only use or recommend operating systems that have their own host based
>> firewalls.
That was exactly my problem.
Barney Wolff wrote:
> What finally broke was doing a table list, possibly because the
> command prints in sorted order.
Happened to me too.
First step: Borrowed "sort.c" from Minix.
Next step: Large swap file.
Finally: changed the distribution.
sort is one the biggest hidden problems. There are broken sorts around,
I guess some of the problems are character set specific. There is no
more EBCDIC but UTF-8 and UTF-16 are even worse.
Related to sort, you may have more than enough memory or swap but your
process wont get it.
You can avoid sorting by looking into the "/proc" files.
proc2pl might get you ideas, from the ISAON tools on
http://iason.site.voila.fr/
You might even sort or grep the output and you can always do that
on a machine that is not your router.
Kind regards
Peter
--
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Rimbacher Strasse 16
D-69509 Moerlenbach-Bonsweiher
+49(6209)795-816 (Telekom)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
http://www.cesidianroot.com/
More information about the NANOG
mailing list