Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Help to defend from DOS web attacks

from [Jan Heisterkamp] Network Security [Permanent Link]
Subject: Re: Help to defend from DOS web attacks
Date: Fri, 26 Oct 2007 12:43:27 -0600 
Hi Emanuel,

depending on which flavor of DoS you detected, this article might be helpful for you:
http://www.securityfocus.com/infocus/1729

saludos
Jan
Breno Brand Fernandes schrieb:
Hi Emanuel,
You can't block the attackers IPs, because they often use random sources. So, you should limit the packets which use SYN flag activeted, and use some protection like syn cookie that dont let the attack allocate so memory in your gateway.

Att,
Breno Brand Fernandes

----- Original Message ----- From: "Emanuel Marufo" <marufos@gmail.com>
To: <security-basics@securityfocus.com>
Sent: Thursday, October 25, 2007 11:41 PM
Subject: Help to defend from DOS web attacks


Hello,

Recently somebody attack my web server, and i thinking defend from that.

I readed the next article:
http://www.quadrunner.com/index.php?option=com_content&task=view&id=151&Itemid=2


but i want to know if can config a snort/portsentry to block attackers ip's. 





--
Grupo Ampersand S.A.
IT-Security Consultants & Auditors
Apdo. 924  Escazu 1250
Costa Rica C.A.
Phone: (506)588-0432
ceo_at_ampersanded.com  [corp.]
janheisterkamp_at_web.de [priv.]



[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: LAN issue, Juan B
Next by Date:  RE: DMZ - Question, David Gillett
Previous by Thread:  Re: Help to defend from DOS web attacks, Breno Brand Fernandes
Next by Thread:  DMZ - Question, hol64
Indexes:  [Date] [Thread] [Top] [All Lists]