John Hinton wrote:
Yesterday, I had a DoS attack on a php/mysql webpage which uses a lot of resources. I have learned today, as a for instance, in the last hour, about 3000 requests for that page were made by 610 different servers, mostly from 'odd' places... China, Russia, Poland, Turkey... the usual suspects from my experience.
The bottom line is this... I hit server loads of 142 yesterday!!! And the server never crashed! Yeah, it might as well have been dead, but it wasn't. Yes, some things shut down temporarily... but the machine never went down. This is a remote server, about an hour away.. It took about 20 minutes for my mysqld stop command to execute, but with time it did respond! I'm extremely impressed by this and just wanted to pass this 'trivia' along. EL rocks!
Back in the "good 'ol days" we could just add a page full of /16's, flushing all traffic from naughty places, to the iptables deny list and call it a day. Now, my company has customers in some of these "troublesome" countries so we can't drop all their packets on the floor. 8-(
That's good news about your server staying up. What does its hardware config look like?
Cheers,