[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Samuel Tarling wrote: > > It makes you think about the (in)security of web servers and such. Is > there any real protection from DDoSs other than unplugging your server > (or computer for that matter)? There are many ways of mitigating DDoS attacks. But they are relatively crude. Ultimately if enough hosts are out to get you they there are limits to what can be done. The most effective measures are to co-operate with your upstream, or peers, so that the narrow bandwidth points are filtered from the other end. If the service permits it one can also use things like content distribution networks, so the data is served from a lot of points. DNS is a case in point, where f.root-server.net is served from a large number of addresses using anycast, so if someone attempts to DDoS f.root-server.net they'll likely only take out a selection of the servers. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html