Hi all,
I'm currently facing a ddos syn-flood attack against my cluster. Fortunately,
those guys do not have enough machines to flood all my servers and the
service is still up and running. They seem to use spoofed source IPs (as
usual) so I can't even know where it comes from.
Anyway, It is now 24 hours they are playing like that, and I would like to
stop it. Do you have an idea? Don't tell me that I have to use iptables to
reduce the syn rate, I can't :). I have a lot of mobile clients, and the wap
gateways can send me a lot of valid syns.
So, if anyone has an idea, he's welcome.
François.
Décharge / Disclaimer
Ce message et toutes les pièces jointes (ci-après le "message") sont
confidentiels et établis à l'intention exclusive des destinataires. Toute
utilisation ou diffusion non autorisée est interdite. Tout message électronique
étant susceptible d'altération, 123Multimédia et ses filiales déclinent toute
responsabilité au titre de ce message s'il a été altéré, déformé ou falsifié.
This message and any attachments (the "message") are confidential and intended
solely for the addressees. Any unauthorised use or dissemination is prohibited.
E-mails are susceptible to alteration. Therefore neither 123Multimédia nor any
of its subsidiaries or affiliates shall be liable for the message if altered,
changed or falsified.
|