[Gllug] [OT] Netgear DG834 and DOS attacks
Anthony Newman
anthony.newman at uk.clara.net
Wed Jul 20 11:19:48 UTC 2005
Wiehe, Simon wrote:
> I have my network protected by my Linux box running ip tables as well
> as the firewall on the router. However, I tend to explicitly drop packets
> for any ports where I have previously had DOS attacks, even though the router
> defaults to deny. I was just wondering if I was able to reject any requests
> from a particular domain.
>
Blocking by domain (if you mean name domain) would require higher level
protocol awareness than plain IP or TCP/IP, and lots of DNS traffic. All
you can do is contact the authority to whom the offending netblock has
been delegated (good luck ;) ) and hope they might pull the plug on the
offender(s), or weather the storm and put up with reduced bandwidth
until it stops.
Anthony
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list