#1 Modulo de apache para tratar de evitar ataques DoS
http://www.networkdweebs.com/stuff/security.html
Apache DoS Evasive Maneuvers Module
A module for Apache 1.3 giving Apache the ability to fend off request-based DoS attacks conserving your system resources and bandwidth. This new tool maintains an internal table of IP addresses and URLs and will deny repeated requests for the same URL from the same IP address, blacklisting the address for 10-seconds per extraneous request. This is by no means designed to be a complete solution. In the event of a heavy distributed DoS attack, this module will not fend off attacks consuming all available bandwidth or more resources than are available to send 403's, but is very successful in typical flood attacks or cgi flood attacks.
This tool wasn't designed as an end-all be-all solution, it was designed as a starting point for cutting off extraneous requests (so you don't have a few thousand CGIs running on your server, or a few thousand page sends) and to provide a means of detection. You could easily take this code and have it talk to your firewalls or border routers to shut down the ip addresses that are being blacklisted. If you don't have decentralized content or at the very least a distributed design, you're going to be DoS'd regardless, but this tool can at least make it take more power to do it.
Salu 2
Apache DoS Evasive Maneuvers Module
A module for Apache 1.3 giving Apache the ability to fend off request-based DoS attacks conserving your system resources and bandwidth. This new tool maintains an internal table of IP addresses and URLs and will deny repeated requests for the same URL from the same IP address, blacklisting the address for 10-seconds per extraneous request. This is by no means designed to be a complete solution. In the event of a heavy distributed DoS attack, this module will not fend off attacks consuming all available bandwidth or more resources than are available to send 403's, but is very successful in typical flood attacks or cgi flood attacks.
This tool wasn't designed as an end-all be-all solution, it was designed as a starting point for cutting off extraneous requests (so you don't have a few thousand CGIs running on your server, or a few thousand page sends) and to provide a means of detection. You could easily take this code and have it talk to your firewalls or border routers to shut down the ip addresses that are being blacklisted. If you don't have decentralized content or at the very least a distributed design, you're going to be DoS'd regardless, but this tool can at least make it take more power to do it.
Salu 2
0
