[ale] protection from TCP DOS attacks

Nick Lucent nlucent at mindspring.com
Mon Jun 7 09:29:21 EDT 1999


On Mon, Jun 07, 1999 at 09:02:44AM -0400, Ryan Bridges shook his keyboard and out fell:
> You may also want to try putting a line in your /etc/hosts.deny file.  I
> believe you can use this to block any connection from a specific host or
> domain.  On second thought, I don't think that would apply to pings...

Only to daemons run from tcpd called by inetd.

> Let me think of something else...  You could make ipchains drop all
> packets from that host...  That would work.
> 

That would work, you could check the source for sentry to get the syntax if
you needed to (www.abacus.com)

Nick
-- 
           .   "        ^     .            ^
       o^                                    ^o          ,
 , ' .$;  Nick Lucent <nlucent at mindspring.com> ;$.  ' ,  .
;p   '$,                                       ,$'    q;
 ^ .   o .                                  . o    .  ^
            ^$  p   o                  ^
  9:01am  up 14 days,  4:50,  1 user,  load average: 0.09, 0.16, 0.11






More information about the Ale mailing list