Displaying 20 results from an estimated 9000 matches similar to: "Flood of email"
2003 May 19
5
FreeBSD firewall block syn flood attack
Hello,
I current have a FreeBSD 4.8 bridge firewall that sits between 7 servers and
the internet. The servers are being attacked with syn floods and go down
multiple times a day.
The 7 servers belong to a client, who runs redhat.
I am trying to find a way to do some kind of syn flood protection inside the
firewall.
Any suggestions would be greatly appreciated.
--
Ryan James
ryan@mac2.net
2006 Aug 16
1
Email dictionary attacks and firewall
I keep seeing 'Joe Average compromised computer on broadband' being used
to do email dictionary attacks on our systems. Seems I always have
several domains going through these. One in particular has been in the
'a-' list for weeks with about 20,000 attempts per day from various
systems. Yeah, I do have a system which blocks email from these systems
for a period of time after 3
2002 Apr 10
5
sfq, queue len and dropped packets
Hi
If I use sfq qdisc on a CBQ class I get a lot of dropped packets and the
backlog itr almost always to its full value: 128. From the HOWTO I
understand that the queue is at 128 packets, and SFQ shows 128/1024 flows
, but how can I increase that value ? I have tried ip link set txqueuelen
but this only increases the tx queue on the interface.
qdisc sfq d468: quantum 1514b limit 128p flows
2014 Jan 24
1
Possible SYN flooding on port 8000. Sending cookies
Hi
*Problem *- I'm running Icecast in a VM container on OpenVZ. Syslog on the
hardware node (HN) shows these error messages:
Jan 23 18:43:05 HN kernel: [27469893.430615] possible SYN flooding on port
8000. Sending cookies.
Jan 23 21:37:40 HN kernel: [27480362.817944] possible SYN flooding on port
8000. Sending cookies.
Jan 23 23:43:50 HN kernel: [27487929.582025] possible SYN flooding on
2005 Mar 23
1
syn flood protection - inside initiated attacks
Perhaps someone will help me on this :-
I have read a lot of examples of syn flood protect on the INPUT chain.
That I have no question at all.
I wonder if it make sense to perform syn flood protection
at the FORWARD chain ? If packets are originated from a
LAN worm, and are not targetted at the firewall itself, but
rather at hosts in the internet, will it cause problem with
the firewall itself,
2008 Sep 01
3
Howto "trickle" wine applications..
Someone for the love of go must have a answer for this.. :)
Im so needing to trickle a few games/apps running under wine..
Anyone got any ideas?
2008 Nov 20
2
SYD flood dropped on Sendmail (centos 4.x)
My guys,
My firewall seems to block an attack my Centos / Sendmail boxes on port 110.
These servers require a reboot after each attack. My firewall says it's
blocked? Do I need to patch something on sendmail? Or is my firewall not
doing its job (Sonicwall)? This is not the first time this has happened.
11/20/2008 02:53:04.864 - SYN flood attack dropped -
75.2.205.141, 48102 -
2003 Nov 21
2
question on scalability
Hello All,
We have a Linux cluster application that uses openssh as its inter-node
communication mechanism and we've recently run into a problem that points
to a potential scalability issue in openssh code.
Our client nodes systematically open ssh connections to the server node to
execute an administrative command. When establishing socket connections,
the server side sometimes fails to
2004 Nov 06
2
What determines DROP versus delay ("BACKLOG")?
HTB:
class htb 1:40 parent 1:1 leaf 40: prio 3 rate 358Kbit ceil 529Kbit \
burst 6Kb cburst 2260b
Sent 145871726 bytes 97293 pkts (dropped 69, overlimits 0)
rate 56741bit 37pps backlog 23p
lended: 77429 borrowed: 19841 giants: 0
I would like to increase "backlog" because I think that would decrease
"dropped". 23 packets of 1500 bytes each is only 34,500 bytes. IMO,
there
2002 May 05
16
More on qdiscs
I notice one other small problem with my modified version of SFQ.
The fact that packets can be dropped at dequeue time is incompatible
with the way HTB (and probably CBQ and others modeled on it) keep
statistics. When I fill a low rate queue causing packets to expire
and be dropped at dequeue I get interesting statistics like this:
This is my variant of SFQ
qdisc plfq 8016: dev eth1
...
Sent
2007 May 19
1
Re: LARTC Digest, Vol 27, Issue 26
Hi folks...!!!
I need to generate qdisc statistics to show my 4 class (10, 20, 30, 40),
i`ve all working with HTB and so on, but i need to graph this results
e.gwith RRDTOOL.
I found a script made in perl, that can to graph my 4 class, but i need to
know which IP address on my LAN are using the bandwidth too, in other hand i
need to classify the traffic by IP to show.
This is an out of my
2006 Feb 24
4
why isn''t 1:1 getting the traffic? [filter question]
With the below script, whenever I ping 10.0.16.10 (which matches the
only filter I have), traffic still get''s sent to the default 1:2 class
instead of 1:1 and I don''t know why... Any hints?
(kernel 2.6.12, iproute2-2.6.15)
tc qdisc del dev eth0 root > /dev/null 2>&1
tc qdisc add dev eth0 handle 1: root htb default 2
tc class add dev eth0 classid 1:1 parent 1: htb rate
2010 Oct 03
3
SIP flood attacK
Hello all. I was recently the victim of a SIP flood attack. I'm wondering
what is the best method to prevent such things in the future.
Many thanks
Greg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20101003/2e254523/attachment.htm
2012 Nov 20
3
Simple Traffic Shaping Problem
Hello,
I have a problem with simple traffic shapping in shorewall, my current
configuration is:
zones
vlan10 ipv4 #
interfaces
vlan10 vlan10 detect tcpflags,routeback
shorewall.conf
TC_ENABLED=Simple
tcinterfaces
vlan10 Internal 1mbit:50kb
shorewall show tc
Device vlan10:
qdisc prio 5: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
2007 Dec 15
1
hfsc and bps
Hi!
Do you know somthing about hfsc and bps?
There''s no output for speed only for packets. Doesn''t hfsc support such
a field?
tc -s class show dev eth0
class hfsc 1: root
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
period 0 level 2
class hfsc 1:11 parent 1:1 sc m1 0bit d 18.0ms m2 1000Kbit ul m1 0bit d
0us m2
1997 Feb 28
0
forwarded from BoS: Linux anti-SYN flooding patch
I have just finished a patch to linux 2.0.29 that provides
the SYN cookies protection against SYN flood attacks.
You can grab it from my home page at:
http://www.dna.lth.se/~erics/software/tcp-syncookies-patch-1.gz
You can also follow the pointers from my home page (see the signature)
to get a very short blurb about this patch.
Quick synopsys: This implements the SYN cookie defense
against SYN
2005 Jan 23
1
Determing the pfifo backlog
Greetings --
in the "Linux Advanced Routing & Traffic Control HOWTO"
chapter 14.1 on bfifo/pfifo it says that:
"you can use this qdisc to determine the backlog on your interface".
But it does not say exactly how.
Command [#tc -s qdisc ls] outputs the number of packets sent so far
but it does not output any info about the backlog.
My first question is whether a command
2010 Apr 22
1
PRIO qdisc + iptables TOS target
i am trying to do some traffic classification using the PRIO qdisc and
i am having a few problems.
I have a root htb class:
tc qdisc add dev imq0 root handle 1: htb default 255 r2q 1
tc class add dev imq0 parent 1: classid 1:1 htb rate 768kbit
and a child PRIO
tc class add dev imq0 parent 1:1 classid 1:99 htb rate 96kbit ceil
600kbit prio 0
tc qdisc add dev imq0 parent 1:99 prio
tc filter
2008 Jun 02
4
Syn Flood Attack to SMTP server
Hello everyone, is a pleasure to be here.
I have a problem with my server, it runs qmail SMTP and protect it with
shorewall. Since yesterday I get syn flood attacks on port 25, which means
that no longer meet. How can I stop this with shorewall?
my setup is as follows.
zones:
#ZONE DISPLAY COMMENTS
net Net Internet
loc Local Local networks
dmz DMZ
2008 Jul 29
4
nss_ldap 5.2 update question
Hi all, I was just wondering when this update will trickle down into the
Centos repo:
http://rhn.redhat.com/errata/RHBA-2008-0611.html
Obviously, it just came out yesterday, so I'm not expecting it to
suddenly appear. ;) Just curious what the turn around time usually is
for RHEL bug fixes that get released and when we should expect it.
As a side note, does anyone know if there is a way