Here at $WORK a few of our sites that use the same ISP have been targets of DOS attacks at random times. Part of my department handles the network to our sites and the ISPs answer has been to just change the external IP. Which stems the tide for a bit but it will rear its head again in a short time. The attacks continue for a time then stop then start up again.
I have been searching the net on this topic but I have not found what I am looking for. We are a fledgling group in this area (By way of reorganization and decentralization) and as the Grey Beard of the group I have taken it on the roll as the person looking for solutions. What I am looking for is what people have done to try and stave off an attack. I know it is a moving target but I am looking for tools that help monitoring the traffic to alert us when the traffic gets to a certain point, also best practices on setting up a good defense. I have read a bunch of articles that tell me what to do but I would like to see how its done. Example: 1. Use this tool to monitor traffic 2. Setup the firewall this way to this if A happens , B if this IP etc. If you want to talk offline on this it is fine. I just want to find a better way than changing our Public IP for our ISP each time. That just strikes me as changing my phoe number to stop crank calls. Thanks in advance. -- John J. Boris, Sr.
_______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
