[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] FBI harassing Tor devs



On 5/14/16, Flipchan <flipchan@xxxxxxxxxx> wrote:
> Did u manage to put up some anti ddos?
>
> I wrote a script that blocked my lÃst attackers ddos attacks might work..
>
> block udp ddos attacks drop em if they are sent more then 15 times
> iptables -A INPUT -p udp -m connlimit --connlimit-above 15 -j DROP
> iptables -A OUTPUT -p udp -m connlimit --connlimit-above 10 -j DROP

A real layer-3 [d]DoS saturates your pipe, nothing you can do with a "script"
on your box will help, it can only be mitigated upstream / waited out.

Like the SSH ATTACK whiners, the feelgood "block" above is really just
hiding some minor personal annoyance, kernel time, and return traffic.
The latter two being relavent only if you $pay for them.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk