Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: What I think is a DoS attack
Special Forums Cybersecurity What I think is a DoS attack Post 302389063 by ccj4467 on Friday 22nd of January 2010 12:41:04 PM
Old 01-22-2010
What I think is a DoS attack
About 3 days ago our Apache logs started filling with the following errors:
Code:
[Fri Jan 22 12:20:38 2010] [error] mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows)
[Fri Jan 22 12:20:38 2010] [error] OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified

These initially were happening at rate of about 3000 per minute and we started blocking IP addresses at our firewall. The rate has no dropped to about 500 per minute. The problem is the IP addresses are relatively random and we do not have the manpower to keep adding IP address continuely to the firewall ( in the last 24 hours there were over 100,000 individual IPs). We also are hesitant to block large IP ranges.

My question is:

Is there some kind tool that can be installed on our firewall that could catch these requests before they reach our webservers?

The firewall is an OpenBSD machine.

This problem has been affecting connectivity to our webservers.
 

6 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Bruteforce attack on my pc

since putting my pc online, it keeps getting slower and i dig the logfile to have such a surprise: this is just one of a many and I beleived it's a bruteforce attack how do i block this IP 200.41.81.228 from trying to knock my online pc? my system: FreeBSD testing.net 6.2-STABLE-JE... (6 Replies)
Discussion started by: rdns
6 Replies

2. Cybersecurity

Replay Attack

REPLAY ATTACK. Can some one elobrate on measures to encounter this problem of replay atack on network. (3 Replies)
Discussion started by: Ashvin Gaur
3 Replies

3. Linux

dos-path / un-dos-path compatibility with cygwin

Hello ; I have a problem running some script on dos . when i run : C: ls /temp ls: cannot access /temp: No such file or directory but when i run C: ls \temp windriver backup remotebackup also when i run C: ls temp windriver backup remotebackup The... (4 Replies)
Discussion started by: mulder20
4 Replies

4. Cybersecurity

Found attack from

Hi, I have a belkin router installed and a look at the security log has got me worried a little bit. Security log: Fri Jan 29 20:41:46 2010 =>Found attack from 68.147.232.199. Source port is 58591 and destination port is 12426 which use the TCP protocol. Fri Jan 29 20:41:46 2010 ... (1 Reply)
Discussion started by: jld
1 Replies

5. Cybersecurity

UUCP attack?

Is this an attack attempt? I got an e-mail from 'uucp Admin' last night and again this morning: What does it mean and what can I do about it? Thanks (4 Replies)
Discussion started by: ctafret
4 Replies

6. Emergency UNIX and Linux Support

DDOS attack please help!

Dear community, my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql. I identified the IPs who attack me and block it through iptable firewall from debian. Something like: iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies

LEARN ABOUT MINIX

ppmtosixel

ppmtosixel(1)                                                 General Commands Manual                                                ppmtosixel(1)

NAME

       ppmtosixel - convert a portable pixmap into DEC sixel format

SYNOPSIS

       ppmtosixel [-raw] [-margin] [ppmfile]

DESCRIPTION

       Reads  a  portable  pixmap  as input.  Produces sixel commands (SIX) as output.  The output is formatted for color printing, e.g. for a DEC
       LJ250 color inkjet printer.

       If RGB values from the PPM file do not have maxval=100, the RGB values are rescaled.  A printer control header and a color assignment table
       begin the SIX file.  Image data is written in a compressed format by default.  A printer control footer ends the image file.

OPTIONS

       -raw   If  specified,  each  pixel  will  be explicitly described in the image file.  If -raw is not specified, output will default to com-
              pressed format in which identical adjacent pixels are replaced by "repeat pixel" commands.  A raw file is often an order  of  magni-
              tude larger than a compressed file and prints much slower.

       -margin
              If  -margin  is not specified, the image will be start at the left margin (of the window, paper, or whatever).  If -margin is speci-
              fied, a 1.5 inch left margin will offset the image.

PRINTING

       Generally, sixel files must reach the printer unfiltered.  Use the lpr -x option or cat filename > /dev/tty0?.

BUGS

       Upon rescaling, truncation of the least significant bits of RGB values may result in poor color conversion.  If the original PPM maxval was
       greater  than  100,  rescaling  also reduces the image depth.  While the actual RGB values from the ppm file are more or less retained, the
       color palette of the LJ250 may not match the colors on your screen.  This seems to be a printer limitation.

SEE ALSO

       ppm(5)

AUTHOR

       Copyright (C) 1991 by Rick Vinci.

                                                                   26 April 1991                                                     ppmtosixel(1)
All times are GMT -4. The time now is 04:17 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy