09-19-2010
There is not much you can do about serious DDOS attacks with a simple network architecture.
If you aee concerned, you need a stateful fw. Is your firewall capabable of stateful inspection?
This User Gave Thanks to Neo For This Post:
7 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
since putting my pc online, it keeps getting slower and i dig the logfile to have such a surprise:
this is just one of a many and I beleived it's a bruteforce attack
how do i block this IP 200.41.81.228 from trying to knock my online pc?
my system:
FreeBSD testing.net 6.2-STABLE-JE... (6 Replies)
Discussion started by: rdns
6 Replies
2. Cybersecurity
REPLAY ATTACK.
Can some one elobrate on measures to encounter this problem of replay atack on network. (3 Replies)
Discussion started by: Ashvin Gaur
3 Replies
3. Cybersecurity
About 3 days ago our Apache logs started filling with the following errors:
mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows)
OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified
These initially were... (1 Reply)
Discussion started by: ccj4467
1 Replies
4. Cybersecurity
Hi,
I have a belkin router installed and a look at the security log has got me worried a little bit.
Security log:
Fri Jan 29 20:41:46 2010
=>Found attack from 68.147.232.199.
Source port is 58591 and destination port is 12426 which use the TCP protocol.
Fri Jan 29 20:41:46 2010 ... (1 Reply)
Discussion started by: jld
1 Replies
5. Cybersecurity
In my logs I find entries about attacks on my system. I know IP addresses, I know date and time and I know what they tried to do. So what's the best I can do now? Tell everybody that there are cybercriminals on that network? Write an email to their admin? Anything else? (10 Replies)
Discussion started by: Action
10 Replies
6. Cybersecurity
Is this an attack attempt? I got an e-mail from 'uucp Admin' last night and again this morning:
What does it mean and what can I do about it? Thanks (4 Replies)
Discussion started by: ctafret
4 Replies
7. Emergency UNIX and Linux Support
Dear community,
my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql.
I identified the IPs who attack me and block it through iptable firewall from debian.
Something like:
iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP
This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies
LEARN ABOUT DEBIAN
lire::firewall::watchguarddlfconverter
WatchguardDlfConverter(3pm) LogReport's Lire Documentation WatchguardDlfConverter(3pm)
NAME
Lire::Firewall::WatchguardDlfConverter - convert Watchguard logs to firewall DLF
DESCRIPTION
Lire::Firewall::WatchguardDlfConverter converts Watchguard logs into firewall DLF format. Input for this converter is the standard
Watchguard syslog log file.
AUTHOR
Wessel Dankers <wsl@logreport.org>
Initial code by Joost Bekkers <joost@jodocus.org>, now maintained by the LogReport team. Based upon the cisco_ios2dlf.in script.
SEE ALSO
The WatchGuard website at http://www.watchguard.com/ for some information on the WatchGuard Firebox System. Unfortunately, only very
little information is freely available.
VERSION
$Id: WatchguardDlfConverter.pm,v 1.10 2006/07/23 13:16:35 vanbaal Exp $
COPYRIGHT
Copyright (C) 2001-2003 Stichting LogReport Foundation LogReport@LogReport.org
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program (see COPYING); if not, check with
http://www.gnu.org/copyleft/gpl.html.
Lire 2.1.1 2006-07-23 WatchguardDlfConverter(3pm)