[Gllug] [OT] Netgear DG834 and DOS attacks
Chris Bell
chrisbell at overview.demon.co.uk
Wed Jul 20 11:47:59 UTC 2005
On Wed 20 Jul, Anthony Newman wrote:
>
> Wiehe, Simon wrote:
>
> > I have my network protected by my Linux box running ip tables as well
> > as the firewall on the router. However, I tend to explicitly drop packets
> > for any ports where I have previously had DOS attacks, even though the router
> > defaults to deny. I was just wondering if I was able to reject any requests
> > from a particular domain.
> >
>
> Blocking by domain (if you mean name domain) would require higher level
> protocol awareness than plain IP or TCP/IP, and lots of DNS traffic. All
> you can do is contact the authority to whom the offending netblock has
> been delegated (good luck ;) ) and hope they might pull the plug on the
> offender(s), or weather the storm and put up with reduced bandwidth
> until it stops.
>
>
> Anthony
I would hope that you are not putting any trust in the domain name, only
the verified numerical IP address. Otherwise someone in Russia may be
receiving some undeserved complaints.
--
Chris Bell
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list