LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: Is someone hacking me ? (apparently not....)

from [Malcolm Turnbull] [Permanent Link]
To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: Is someone hacking me ? (apparently not....)
From: Malcolm Turnbull <Malcolm.Turnbull@xxxxxxxxxxxx>
Date: Fri, 20 Dec 2002 10:44:44 +0000 
Malcolm Turnbull wrote:



I just got a large spike in traffic approx 10 connections per second from :
TCP 00:25 FIN_WAIT cache10.drkw.com:49470 192.168.1.13:http 192.168.1.7:http TCP 00:24 FIN_WAIT cache10.drkw.com:49441 192.168.1.13:http 192.168.1.4:http TCP 00:26 FIN_WAIT cache10.drkw.com:49440 192.168.1.13:http 192.168.1.7:http TCP 00:24 FIN_WAIT cache10.drkw.com:49442 192.168.1.13:http 192.168.1.4:http TCP 01:47 FIN_WAIT cache10.drkw.com:53541 192.168.1.13:http 192.168.1.6:http
Apparently the bank has a very agresive proxy, so not hacking me but just pissing me off.
My database is getting slaughtered by the thousands of sessions being created at one time. 


Any ideas on the best aproach to restrict this ?
Should I use iptables to do a rate limit on http connections ? can it limit connections from specific address ? i.e. not a blanket limit.. 

Or should I use the DOS techniques mentioned in the ipvsadm manual ?





--


Regards,

Malcolm Turnbull.

Crocus.co.uk Ltd
01344 629629
http://www.crocus.co.uk/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Problem with LVS DR - 10065 Host is unreachable, Sébastien Bonnet
Next by Date:  Problems with Citrix-ICA and Keepalived, David Rippel
Previous by Thread:  Is someone hacking me ?, Malcolm Turnbull
Next by Thread:  R: Is someone hacking me ?, Grilli, Diego
Indexes:  [Date] [Thread] [Top] [All Lists]