North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Mitigating HTTP DDoS attacks?
- From: Roland Dobbins
- Date: Mon Mar 24 19:34:56 2008
- Authentication-results: hkg-dkim-1; [email protected]; dkim=pass ( sig from cisco.com/hkgdkim1002 verified; );
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=608; t=1206401268; x=1207265268; c=relaxed/simple; s=hkgdkim1002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; [email protected]; z=From:=20Roland=20Dobbins=20<[email protected]> |Subject:=20Re=3A=20Mitigating=20HTTP=20DDoS=20attacks? |Sender:=20; bh=6IQFBTyNmfguXg4XzsJvwk0sFYV5vSruByo9VD86avA=; b=NnLTY4WyiHbyy2T+i6HZ+SXzeBgYJ5xsejZ7DlaE1UC8TFcVA5mSBo0IJX wRYpLcz7bl3oqW/ZgB7gkyWUE5siRqAzXtuCPwkX7IuYhxHABve+jkRuJCRt /caChZAhU41KkkO1Ohtt715kSycDVb8mOw6mIkxDG5nwfxvhbZCMc=;
On Mar 25, 2008, at 6:18 AM, Tim Yocum wrote:
If you're running Apache, you may also investigate mod_evasive, and in
the case of exploits, mod_security.
mod_evasive and mod_security are definitely recommended, good point.
And a good relationship with your peers/upstreams/customers/vendors is
also key, so that you can get assistance when you need it.
-----------------------------------------------------------------------
Roland Dobbins <[email protected]> // +66.83.266.6344 mobile
It doesn't pay to dispute what you know to be true.
-- Fred Reed
|