It is currently Wed Oct 18, 2017 6:41 am

All times are UTC [ DST ]




 Page 1 of 1 [ 4 posts ] 
Author Message
 Post subject: As far as cservice/live goes
PostPosted: Mon May 09, 2011 2:46 am 

Joined: Mon May 09, 2011 2:24 am
Posts: 1
I sort of can't believe no one can block the attacks nor do i know whoever runs the site has admin access.
There are simple rules that can be applied in iptables to block attacks after a certain hitcount to drop in seconds and the amount of time.

For eg iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set

then iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 80 --hitcount 3 -j DROP

These numbers can be adjusted for seconds and hitcount, I had to use that for a server i worked on that was being pounded on smtp and shh constantly and it worked.

But what do I know just being an undernet user getting asked by people how can they register now and i say they can't because the site is down for months.

I suggested making that possible through X and was directed here.

Cheers

*Topic has been moved to Channel Service Help by moderator.*


Offline
 Profile  
 
 Post subject: Re: As far as cservice/live goes
PostPosted: Fri Jun 24, 2011 8:59 am 
Senior Cservice Admin
User avatar

Joined: Sun Jul 06, 2003 2:47 am
Posts: 564
Location: Hamilton, New Zealand
thats not going to stop a DoS attack... it's about volume of traffic, try thinking about the amount of traffic travelling down a motorway (yes I mean cars) during rush hour, make rush hour last every second of the day, and turn the motorway into a single lane street.

Also apply the fact that it's a free service, so there is no money to upgrade the road, let alone the fact that the share amount of cars trying to travel our special road would require a road thousands of times the size to actually solve the problem.

Using iptables would be like putting traffic lights at the end of the road, which wouldn't help.



_________________
xplora @ undernet.org
Past Co-ordinator
Undernet Channel Services Committee
Offline
 Profile  
 
 Post subject: Re: As far as cservice/live goes
PostPosted: Fri Jul 01, 2011 2:41 pm 

Joined: Fri Jul 01, 2011 2:33 pm
Posts: 1
but what is the alternative sloution for this matter or it will be like this for ever no one can make id nor channel get registered on undernet


Offline
 Profile  
 
 Post subject: Re: As far as cservice/live goes
PostPosted: Sun Jul 17, 2011 11:13 pm 
Senior Cservice Admin
User avatar

Joined: Sun Jul 06, 2003 2:47 am
Posts: 564
Location: Hamilton, New Zealand
I'm afraid all I know is that something is being worked on.



_________________
xplora @ undernet.org
Past Co-ordinator
Undernet Channel Services Committee
Offline
 Profile  
 
Display posts from previous:  Sort by  
 Page 1 of 1 [ 4 posts ] 

All times are UTC [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

cron