[Pool] defending against DDoS attacks
bakers at canbytel.com
Fri Feb 21 18:52:15 UTC 2014
On 02/21/2014 07:08 AM, Brian Rak wrote:
> So far, I've seen this exact situation play out multiple times.
> Someone says 'What iptables rules do I need?' or 'I came up with these
> iptables rules', and it turns out they still have monlist enabled.
> These problems tend to go away when you disable monlist (unless you're
> actually the target of an attack).
What I saw was a server that WAS serving monlist packets. I corrected
the config to fix this, and was still seeing 2000+ packets a second
incoming. The IPTables rule stops that, and other abusive (too chatty)
Never hurts to have two lines of defense.
Scott Baker - Canby Telcom
System Administrator - RHCE - 503.266.8253
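
An added example, not part of the original message: a small Python check for the situation described in this thread, an ntpd config that still answers monlist. The function name and sample configs are constructed for illustration; it assumes stock ntpd semantics (`disable monitor`, `restrict ... noquery`, monitoring kept active by any `limited` restriction) and that a bare `restrict default` covers both address families.

```python
def monlist_findings(conf_text):
    """Return reasons why monlist (ntpdc mode 7) may still be answered."""
    monitor_on = True                     # ntpd enables the monitor facility by default
    limited = False                       # assumption: 'limited' keeps monitoring active
    blocked = {"-4": False, "-6": False}  # does the default ACL deny queries?

    for raw in conf_text.splitlines():
        tokens = raw.split("#", 1)[0].split()   # drop comments and blank lines
        if not tokens:
            continue
        keyword, args = tokens[0].lower(), [t.lower() for t in tokens[1:]]
        if keyword in ("enable", "disable") and "monitor" in args:
            monitor_on = keyword == "enable"    # last directive wins
        elif keyword == "restrict":
            limited = limited or "limited" in args
            if "default" in args:
                # Assumption: a bare 'restrict default' covers both families.
                families = [f for f in ("-4", "-6") if f in args] or ["-4", "-6"]
                for fam in families:
                    blocked[fam] = "noquery" in args or "ignore" in args

    if not (monitor_on or limited):
        return []                         # monitor list is off: nothing to return
    why = "monitor enabled" if monitor_on else "'limited' keeps monitoring active"
    return [f"{name}: default restrict lacks noquery ({why})"
            for fam, name in (("-4", "IPv4"), ("-6", "IPv6")) if not blocked[fam]]


# Constructed sample configs (not taken from any real server).
OPEN = "driftfile /var/lib/ntp/drift\nserver 0.pool.ntp.org iburst\n"
HALF = "restrict default kod limited nomodify notrap nopeer\ndisable monitor\n"
HARDENED = (
    "restrict -4 default kod nomodify notrap nopeer noquery\n"
    "restrict -6 default kod nomodify notrap nopeer noquery\n"
    "restrict 127.0.0.1\n"
    "disable monitor\n"
)

if __name__ == "__main__":
    for label, conf in (("open", OPEN), ("half", HALF), ("hardened", HARDENED)):
        print(label, monlist_findings(conf) or "ok")
```

An empty result only means the config no longer answers monlist; it says nothing about inbound query volume, which is what the packet-filter rule in the message deals with.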