[wlug] iptables question

DrWho? x_files_@i...
Tue Apr 27 13:48:18 NZST 2004

At 13:01 27/04/2004 A. Pagaltzis did say...

>* DrWho? <x_files_@i...> [2004-04-27 00:08]:
> > That seems to be the conclusion I have come to as well. The SYN
> > attack risk could be reduced by making use of the counters and
> > limiting the number of connection attempts to say 2 and then
> > dropping them thereafter.
>You're still susceptible to DoS, except it's now much easier,
>because you play "I can't hear anything" as soon as someone
>starts singing.

It would be safe to say that before an attack can be launched there will
need to be an indication that something is there to be attacked in the
first place, and if the system is fully stealthed then there will be no
replies coming from the system from any port using any protocol, so unless
someone passes the IP address on to someone, or something just launches a
random attack on a random address, both of which one can do nothing about
anyway, I can live with it. A DoS attack from a national or local IP will
not affect my cap, and if it brings the system down, also no great loss.

By structuring the chains in the correct sequence I can minimize the risk / 
effect of a DoS and can live with any performance hits as a result. After 
all this is not a production or commercial server!

After all, no one really has any control over what incoming traffic they
receive from upstream sources, so therefore concentrating on minimizing the
outgoing is the best one can do.


>"If you can't laugh at yourself, you don't take life seriously enough."
>wlug mailing list | wlug@l...

NOTICE: This is an archive of a public mailing list. The University of Waikato is not responsible for its contents.