similar to: Custom iptables rules to drop DNS Amplification Attacks

Displaying 20 results from an estimated 100 matches similar to: "Custom iptables rules to drop DNS Amplification Attacks"

2006 May 03
6
Scaffold Generation Problem
Greetings all, I''m sure there is probably a very obvious reason for the following problem. However, after much hair pulling, I am just not seeing it yet. As you can see from the trace below, I am not able to complete scaffold generation due to some problem between rails and mysql. I double checked MySQL to make sure both my Ruby user and Root user have full rights to the database.
2014 Feb 25
1
DNS amplification attacks
How can I configure samba4 to be protected against DNS amplification attacks? Is there a way to set the network I want it to be recursive, like in bind9? My samba4 is receiving attacks and googling I found this: http://dnsamplificationattacks.blogspot.com.br/2014/02/domain-gerdar3ru.html -- --------------------------------------- Bruno Vane S.O. do Brasil Telecomunica??es +55 24 99306-8618 |
2019 Oct 01
1
Re: [NBDKIT SECURITY] Denial of Service / Amplification Attack in nbdkit
On 9/20/19 8:58 AM, Eric Blake wrote: > On 9/12/19 12:41 PM, Richard W.M. Jones wrote: >> We have discovered a potential Denial of Service / Amplification Attack >> in nbdkit. > > Unfortunately, our fix for this issue cause another potential Denial of > Service attack: > >> >> Lifecycle >> --------- >> >> Reported: 2019-09-11 Fixed:
2016 Nov 09
1
[Bug 98657] New: Reproducible freeze when changing volume amplification in kodi
https://bugs.freedesktop.org/show_bug.cgi?id=98657 Bug ID: 98657 Summary: Reproducible freeze when changing volume amplification in kodi Product: xorg Version: unspecified Hardware: x86-64 (AMD64) OS: Linux (All) Status: NEW Severity: normal Priority: medium
2013 Jan 17
1
concepts against amplification using dnssec
Hello, Lutz Donnerhacke implemented DNS-Dampening. http://lutz.donnerhacke.de/eng/Blog/DNS-Dampening The implementation is available as patch for BIND9 only. He told me that there is an other method preferred by the nsd developer. It's called "Response Rate Limiting". May one describe the idea behind rate limiting and compare it with Lutz' solution? Thanks. -- Andreas
2008 Jul 22
0
AST-2008-011: Traffic amplification in IAX2 firmware provisioning system
Asterisk Project Security Advisory - AST-2008-011 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Traffic amplification in IAX2 firmware | | |
2019 Sep 20
0
Re: [NBDKIT SECURITY] Denial of Service / Amplification Attack in nbdkit
On 9/12/19 12:41 PM, Richard W.M. Jones wrote: > We have discovered a potential Denial of Service / Amplification Attack > in nbdkit. Unfortunately, our fix for this issue cause another potential Denial of Service attack: > > Lifecycle > --------- > > Reported: 2019-09-11 Fixed: 2019-09-11 Published: 2019-09-12 > > There is no CVE number assigned for this issue
2016 Dec 05
0
Huge write amplification with thin provisioned logical volumes
Hi, I've noticed huge write amplification problem with thinly provisioned logical volumes and I wondered if anyone can explain why it happens and if and how can be fixed. The behavior is the same on Centos 6.8 and Centos 7.2. I have a NVME card (Intel DC P3600 -2 TB) on which I create a thinly provisioned logical volume: pvcreate /dev/nvme0n1 vgcreate vgg /dev/nvme0n1 lvcreate
2013 Oct 10
15
Remapping port below 1024 on the firewall
I give up and need help! I won''t add to the confusion by showing all the combinations I have tried unsuccessfully... and yes, I''ve read FAQ2 and FAQ2a many times! When googling the subject of this post there are many answers that boil down to using the same three iptables rules, two of which use nat. I won''t repeat them here. I don''t want to risk mixing
2013 Sep 10
6
lsm configuration issues...
Hi, I use shorewall-4.5.4 + lsm-0.143 and it does not seem to work as expected... When all providers are up, everything seems fine. When one goes down, lsm says "link <provider> down event"... and it seems ok but we then experience some problems such as a few unreachable sites, DNS problems... If I remove the downed provider from all confs and restart, everything works again.
2013 Oct 03
7
TCCLASSES vs Providers
Hi, I want to configure QoS in my shorewall conf but I have a doubt. Now I am using tcrules with prerouting and with the file providers, like this. 2:P 192.168.0.11 0.0.0.0/0 tcp 25 So, with this way I route my smtp traffic with my provider number 2. Well, now I want to configure QoS with tcclasses and tcdevices, but if I do that I need to use the MARK in the tcclasses So, how
2013 Oct 03
2
Packetfence
Hi Has anybody tried to combine shorewall (instead of iptables) with packetfence? /Göran ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and
2019 Sep 12
2
[NBDKIT SECURITY] Denial of Service / Amplification Attack in nbdkit
We have discovered a potential Denial of Service / Amplification Attack in nbdkit. Lifecycle --------- Reported: 2019-09-11 Fixed: 2019-09-11 Published: 2019-09-12 There is no CVE number assigned for this issue yet, but the bug is being categorized and processed by Red Hat's security team which may result in a CVE being published later. Credit ------ Reported and patched by Richard W.M.
2013 Oct 27
4
shorewall stop
hi, while stopping shorewall 4.5.21.2 on a debian7 box with the ADMINISABSENTMINDED set to no in shorewall.conf, the connections on vlan tagged interfaces that were active before the shorewall stop command was executed are not terminated as it is for the firewall and other interfaces! when the firewall is stopped as expected new connections on vlan tagged interface are refused but even
2013 Oct 10
3
Detect dhclient leases file in centos
Hello, I''m using shorewall-4.5.16 with centos5. The dhclient stores the lease information on the /var/lib/dhclient/dhclient-<DEVICE>.leases file. The /var/lib/shorewall/firewall script has the function detect_dynamic_gateway that detects the gateway based on the leases file. The code in the function is: detect_dynamic_gateway() { # $1 = interface local interface
2013 Sep 30
4
strange problem
Hi, In log I get: ----------------------------------------------------------- Sep 30 16:19:03 host kernel: Shorewall:FORWARD:REJECT:IN=eth0 OUT=eth0 SRC=ip1 DST=ip2 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=27279 DF PROTO=TCP SPT=51501 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0 ---------------------------------------------------------- Even in /etc/shorewall/rules I have
2013 Oct 07
4
AutoBL issues on CentOS 6
Hi Tom and all, I started to play a bit with the AutoBL action on a CentOS 6 box and ran into the following problems: 1) The action.AutoBL doesn''t work for me until I patch it like so: --- /usr/share/shorewall/action.AutoBL.orig 2013-10-01 00:59:42.000000000 +0200 +++ /usr/share/shorewall/action.AutoBL 2013-10-07 14:44:31.530841099 +0200 @@ -22,6 +22,9 @@ DEFAULTS
2013 Oct 08
5
Shorewall dropping packets that should be forwarded
I had to restart one of my routers tonight and since then shorewall on it has been dropping SIP packets coming in from one machine instead of forwarding them to the freebpx server. Shorewall:net2all:DROP:IN=eth0 OUT= MAC=<removed> SRC=<my home network external ip> DST=<server network external ip> LEN=575 TOS=0x00 PREC=0x20 TTL=78 ID=230 PROTO=UDP SPT=5061 DPT=5060
2009 Dec 07
2
Are there free R webinar recordings somewhere ?
Hi all, A friend just sent me this: http://www.mathworks.com/company/events/webinars/index.html?id=&language=en <http://www.mathworks.com/company/events/webinars/index.html?id=&language=en>And asked me if there is something of the like in the R community. Does anyone know of such a think ? Cheers, Tal ----------------Contact
2013 Nov 05
8
Forwarding external traffic to another external server?
I''m trying to use my VPS server (single interface of course) as somewhat of a VPN gateway to my other location (which is not accessible directly from some places) where the openvpn server is running, and am kind of lost as to what to try next. I tried a redirect rule, but apparently shorewall didn''t like that (it just failed to start). I tried adding the rules via