|
Horms <horms@xxxxxxxxxxxx> writes:
> > link or more to perform the attack. It is difficult to syn-flood a
> > IPVS box. It would be much more difficult to attach a box with more
> > memory.
>
> Thanks that makes a lot of sense, though of course a healthy
> SYN flood could take up resources that would otherwise
> be used for valid connections on a loaded machine. Having
> said that the machines in question have penalty of memory
> so I think we should be ok.
A normal DoS attack would have a difficult time flooding an IPVS
box with plenty of memory, but if you have heard of the attacks on
Yahoo, etc, recently, it was reported that they were receiving up
to *1GB/second* of requests.
The attack used a distributed DoS tool like Trinoo, TFN (Tribe Flood
Network), or stacheldraht, which take over many (possibly thousands)
of internet hosts and use them to pound on the unlucky target.
Even IPVS could not withstand this.
Cheers,
Doug
----------------------------------------------------------------------
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx
|
