North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Mitigating HTTP DDoS attacks?

  • From: Roland Dobbins
  • Date: Mon Mar 24 19:34:56 2008
  • Authentication-results: hkg-dkim-1; [email protected]; dkim=pass ( sig from verified; );
  • Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=608; t=1206401268; x=1207265268; c=relaxed/simple; s=hkgdkim1002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version;; [email protected]; z=From:=20Roland=20Dobbins=20<[email protected]> |Subject:=20Re=3A=20Mitigating=20HTTP=20DDoS=20attacks? |Sender:=20; bh=6IQFBTyNmfguXg4XzsJvwk0sFYV5vSruByo9VD86avA=; b=NnLTY4WyiHbyy2T+i6HZ+SXzeBgYJ5xsejZ7DlaE1UC8TFcVA5mSBo0IJX wRYpLcz7bl3oqW/ZgB7gkyWUE5siRqAzXtuCPwkX7IuYhxHABve+jkRuJCRt /caChZAhU41KkkO1Ohtt715kSycDVb8mOw6mIkxDG5nwfxvhbZCMc=;

On Mar 25, 2008, at 6:18 AM, Tim Yocum wrote:

If you're running Apache, you may also investigate mod_evasive, and in
the case of exploits, mod_security.

mod_evasive and mod_security are definitely recommended, good point.

And a good relationship with your peers/upstreams/customers/vendors is also key, so that you can get assistance when you need it.

Roland Dobbins <[email protected]> // + mobile

It doesn't pay to dispute what you know to be true.

-- Fred Reed