mitigate the
issue …. or you need to change to an ISP that can do that.
Frank
From: tech-boun...@lists.lopsa.org [mailto:tech-boun...@lists.lopsa.org] On
Behalf Of john boris
Sent: Wednesday, March 23, 2016 10:47 AM
To: Chris McEniry
Cc: tech@lists.lopsa.org
Subject: Re: [lopsa-tech] Questions
If I'm reading that right, and it's serving public DNS, move that off - Dyn and
Route53 have been useful. I know in the former, you can do hidden master.
Haven't set that up in the latter but would be surprised if it's not possible.
The assumption here is that DNS is being the beacon they're usi
> From: tech-boun...@lists.lopsa.org [mailto:tech-boun...@lists.lopsa.org]
> On Behalf Of john boris
>
> Here at $WORK a few of our sites that use the same ISP have been targets of
> DOS attacks at random times. Part of my department handles the network to
> our sites and the ISPs answer has been
Some more information about my "quest".The sites are schools in our
"district" and all of our Web sites are hosted elsewhere. The attacks are
against our main gateway which acts as a DNS server as well.
On Wed, Mar 23, 2016 at 11:32 AM, Chris McEniry wrote:
> Part of the reason DDoS mitigation a
The way I've handled it to this point with my sites and it has worked
well is various firewalls (mostly OpenBSD PF is what I use) allow you to
establish what an overload looks like. so I set mine up that if you
establish 10 connections in 5 seconds it tosses you onto the overload
list and just does
Part of the reason DDoS mitigation advice doesn't have a whole lot of
concretes is because it really depends on your own traffic and
secondarily on your attacker - so summarizing them all becomes
problematic. DDoS Mitigation stems from the theoretical question of "How
do you only allow 'good' t
Depends on what type of DDOS. If it's web based, services like CloudFlare
can help a tremendous amount with very little engineering work on your
team's part (most times). I've heard of it being implemented in hours.
If it's more a network level issue, then nothing will really help except
rigorous f
John,
Several school districts in WA have also had problems with DDOS attacks.
The solutions have ranged from:
* Get a DDOS box that helps to manage and dump the traffic such as Forti
DDoS 900B, Cisco firewall with IPS, or run fail2ban on a linux server:
https://www.garron.me/en/go2linux/f