I accidentally posted this with the last message i was replying to...
so reposting..., I apologize for the mistake.
Lucas Albers said:
> I am exposing another machine as http mirror, and am trying to secure it.
> Done with iptables.
> configured portsentry to auto-block portscans.
>
> How to block TRACE in apache?
> I believe you do it with rewriting rule like such, but does not work.
> <IfModule mod_rewrite.c>
> #security changes
> RewriteCond %{REQUEST_METHOD} ^TRACE
> RewriteRule .* - [F]
> </IfModule>
>
> How to restrict ALL product information?
> I want to leak no webserver/os information, I've already configured:
>
> ServerTokens ProductOnly
>
> Anyone have a rule to restrict this via mod_rewrite or similar?
>
> I have also been trying to prevent DOS attacks.
> I used mod_throttle on the webserver but it had severe performance
> problems. It just slowed the webserver down drastically.
>
> What iptable rules or scripts, have you used to prevent DOS on the
> webserver?
> I would be very interested in hearing how others do this.
>
> For example last week I was being trawled by 20 bots from one of the
> search engines. If I had an iptables throttle on simultaneous connections
> or similar I would not have had problems.
>
> 6 weeks ago I had a user publish a movie file that maxed out my webserver
> at 256 simultaneous connections and was using 40 megs of traffic a second.
> This used up 2/3rds of our network bandwidth, and prevented anyone else
> from viewing webpages on our webserver.
> Our webserver kept working...joy joy.
> Any ideas on how to prevent this particular DOS?
> An scripts you use?
> Thanks.
> --
> --Luke CS Sysadmin, Montana State University-Bozeman
>
--
--Luke CS Sysadmin, Montana State University-Bozeman
