I'm not writing in my blogs about any of the issues that you mentioned, nor do I host any such content, yet I had the "honour" of being DDoS attacked.
Hetz 2010/9/4 Etzion Bar-Noy <eza...@tournament.org.il> > Your Cisco won't protect you against these either. There are specific DDoS > protection systems, which you are not going to try and afford. Unless your > servers are about gambling, porn or something very hot, you will not likely > be the target of DDoS attack. I haven't been myself, for the last 7 years or > so. > > Ez > > > On Sat, Sep 4, 2010 at 12:42 AM, Hetz Ben Hamo <het...@gmail.com> wrote: > >> I'm doing this thing right now. The only issue I worry about is attacks >> like DDoS. >> >> Hetz >> >> 2010/9/4 Etzion Bar-Noy <eza...@tournament.org.il> >> >> Hi. >>> I am in your shoes. I maintain several Linux systems hosted in Netvision >>> (currently) for the last few years. For the last 7 years or so, I have been >>> using iptables to protect my systems from intrusion. I have been using >>> denyhosts to prevent unauthorized SSH logins, and prevented direct root >>> login, or blocked all/some except my home fixed address and some other >>> well-trusted addresses. >>> >>> This setup has proven itself to be effective and reliable, with zero >>> intrusions (I stopped logging them after a while, because it's not that >>> interesting, after all. The amount of random port scans are huge). >>> >>> Assuming you understand iptables, and you know how to handle it right, >>> there is no problem with that solution. None that I have noticed. >>> >>> Ez >>> >>> 2010/9/3 Hetz Ben Hamo <het...@gmail.com> >>> >>>> Hi people, >>>> As I setup my VPS/dedicated hosting here in Israel, I have been asked by >>>> the hosting company (Netvision) to either buy and bring a firewall or rent >>>> from them since the bandwidth I bought exceeds what is allowed under their >>>> firewall. >>>> They're offering Cisco 1383 (or 1838, I don't remember exactly which >>>> model). >>>> >>>> As a person who really loves Linux, I thought to myself: Why do I need >>>> to buy/rent some proprietary Cisco solution? Can't Linux handle the >>>> firewall >>>> task well? I'm sure Cisco/Checkpoint solutions are great, but yet... >>>> >>>> So here's my question: If you were in my shoes, would you take a cisco >>>> or apply some Linux solution? If you say Linux solution, what kind of >>>> solution? Could you name an app/module/whatever that can do a good >>>> protection against the usual suspect and protect against stuff like DDoS >>>> attack? >>>> >>>> I prefer the Linux solution because then I can run other services on >>>> this machine (small mail server, nagios, etc..) >>>> >>>> Suggestions? >>>> >>>> Thanks, >>>> Hetz >>>> >>>> -- >>>> my blog (hebrew): http://benhamo.org >>>> Skype: heunique >>>> MSN: hetz-b...@benhamo.org >>>> >>>> _______________________________________________ >>>> Linux-il mailing list >>>> Linux-il@cs.huji.ac.il >>>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il >>>> >>>> >>> >> >> -- >> my blog (hebrew): http://benhamo.org >> Skype: heunique >> MSN: hetz-b...@benhamo.org >> > > -- my blog (hebrew): http://benhamo.org Skype: heunique MSN: hetz-b...@benhamo.org
_______________________________________________ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
