[CentOS] DoS Attack
Chris Mauritz
chrism at imntv.com
Wed Oct 12 21:22:17 UTC 2005
John Hinton wrote:
> Yesterday, I had a DoS attack on a php/mysql webpage which uses a lot
> of resources. I have learned today, as a for instance, in the last
> hour, about 3000 requests for that page were made by 610 different
> servers, mostly from 'odd' places... China, Russia, Poland, Turkey...
> the usual suspects from my experience.
>
> The bottom line is this... I hit server loads of 142 yesterday!!! And
> the server never crashed! Yeah, it might as well have been dead, but
> it wasn't. Yes, some things shut down temporarily... but the machine
> never went down. This is a remote server, about an hour away.. It took
> about 20 minutes for my mysqld stop command to execute, but with time
> it did respond! I'm extremely impressed by this and just wanted to
> pass this 'trivia' along. EL rocks!
Back in the "good 'ol days" we could just add a page full of /16's,
flushing all traffic from naughty places, to the iptables deny list and
call it a day. Now, my company has customers in some of these
"troublesome" countries so we can't drop all their packets on the
floor. 8-(
That's good news about your server staying up. What does its hardware
config look like?
Cheers,
More information about the CentOS
mailing list