Sponsored Content
Special Forums Cybersecurity 3 steps to protect Webserver against DoS? Post 302895227 by postcd on Saturday 29th of March 2014 07:08:38 PM
Old 03-29-2014
3 steps to protect Webserver against DoS?

Hi, there are 3 steps on how to protect against Denial of Service attack on a webserver:

- limiting the number of requests that a server will accept from a single IP address in a fixed time frame

- lowering the minimum transfer rate of a single connection

- reducing the connection time from a single client

Please can you write ideas on how to apply these protections on basic Apache webserver? I think these are really basics
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

protect dtterm

we have an hp-ux and a user requested me if i can password protect the dtterm. i know that this is possible but can you give me some hints in making this happen? thanks :cool: (2 Replies)
Discussion started by: inquirer
2 Replies

2. UNIX for Dummies Questions & Answers

Password protect a file

I have created a PHP page that I use to clean files on my machine. I would like to leave the file there but I want to password protect it so that I am the only one that can run it from the shell. Does anyone know how to do this? Thanks. -Cam (2 Replies)
Discussion started by: perryl7
2 Replies

3. Shell Programming and Scripting

tar with password protect

Hello All, i work with backup, The below script runs and tar the user specified dir and put it in a backup machine. can any one help me to modify this in such a was that the tar file generated can be given a users specific password so that it can have high security. KINDLY LET ME... (2 Replies)
Discussion started by: pradeepmacha
2 Replies

4. UNIX for Advanced & Expert Users

Protect from rm /

We recently had an accidental delete from /. I hold the root password but others are allowed to sudo over to root to perform admin tasks. The only way I want to permit deletion from / is by physically being root (su -). I'd like to add a line to the sudoers file which would permit all commands... (1 Reply)
Discussion started by: scottsl
1 Replies

5. Linux

dos-path / un-dos-path compatibility with cygwin

Hello ; I have a problem running some script on dos . when i run : C: ls /temp ls: cannot access /temp: No such file or directory but when i run C: ls \temp windriver backup remotebackup also when i run C: ls temp windriver backup remotebackup The... (4 Replies)
Discussion started by: mulder20
4 Replies

6. UNIX for Dummies Questions & Answers

Protect a Process from Being Killed

Hi, I have a process which takes 13-15 mins for execution and its getting killed in the meantime.So can you please helpme out how to protect the process from getting killed. Thanks in advance. Regards, Harika (9 Replies)
Discussion started by: harikagrp
9 Replies

7. UNIX for Advanced & Expert Users

protect process

how to protect my process from others to kill?? Double post, continued here, thread closed (0 Replies)
Discussion started by: samrintu
0 Replies

8. Cybersecurity

How to protect system from cloning?

Hello there, I would like to protect a Linux system from cloning, I don't mind if the cloned hard drive works in the same computer, but I need to avoid it to work in other one, even if it uses exactly same mainboard model and rest of computer parts. I want the cloned system to get frozen or... (4 Replies)
Discussion started by: Installimat
4 Replies

9. Shell Programming and Scripting

Password protect script

Is there a way to have a user be prompted for a password to open a file? I am trying to protect a bash script from being changed. Thank you :). (3 Replies)
Discussion started by: cmccabe
3 Replies
IGMP(4) 						   BSD Kernel Interfaces Manual 						   IGMP(4)

NAME
igmp -- Internet Group Management Protocol SYNOPSIS
#include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> #include <netinet/in_systm.h> #include <netinet/ip.h> #include <netinet/igmp.h> int socket(AF_INET, SOCK_RAW, IPPROTO_IGMP); DESCRIPTION
IGMP is a control plane protocol used by IPv4 hosts and routers to propagate multicast group membership information. Normally this protocol is not used directly, except by the kernel itself, in response to multicast membership requests by user applications. Routing protocols may open a raw socket to directly interact with igmp. As of FreeBSD 8.0, IGMP version 3 is implemented. This adds support for Source-Specific Multicast (SSM), whereby applications may communi- cate to upstream multicast routers that they are only interested in receiving multicast streams from particular sources. SYSCTL VARIABLES
net.inet.igmp.stats This opaque read-only variable exposes the stack-wide IGMPv3 protocol statistics to netstat(1). net.inet.igmp.ifinfo This opaque read-only variable exposes the per-link IGMPv3 status to ifmcstat(8). net.inet.igmp.gsrdelay This variable specifies the time threshold, in seconds, for processing Group-and-Source Specific Queries (GSR). As GSR query pro- cessing requires maintaining state on the host, it may cause memory to be allocated, and is therefore a potential attack point for Denial-of-Service (DoS). If more than one GSR query is received within this threshold, it will be dropped, to mitigate the potential for DoS. net.inet.igmp.default_version This variable controls the default version of IGMP to be used on all links. This sysctl is normally set to 3 by default. net.inet.igmp.legacysupp If this variable is non-zero, then IGMP v1 and v2 membership reports received on a link will be allowed to suppress the IGMP v3 state-change reports which would otherwise be issued by this host. This sysctl is normally enabled by default. net.inet.igmp.v2enable If this variable is non-zero, then IGMP v2 membership queries will be processed by this host, and backwards compatibility will be enabled until the v2 'Old Querier Present' timer expires. This sysctl is normally enabled by default. net.inet.igmp.v1enable If this variable is non-zero, then IGMP v1 membership queries will be processed by this host, and backwards compatibility will be enabled until the v1 'Old Querier Present' timer expires. This sysctl is normally enabled by default. net.inet.igmp.sendlocal If this variable is non-zero, then IGMP state-changes for groups in the 224.0.0.0/24 link-scope prefix will be issued. This behav- iour is recommended if deploying FreeBSD in a network environment with layer 2 devices which snoop IGMP traffic to mitigate multicast propagation throughout the network. This sysctl is normally enabled by default. net.inet.igmp.sendra If this variable is non-zero, then IGMP v2 and v3 reports will contain the IP Router Alert option. This sysctl is normally enabled by default. net.inet.igmp.recvifkludge If this variable is non-zero, then received IGMP reports which contain 0.0.0.0 as their source will be rewritten to contain the sub- net address. This is useful when there are hosts on-link which have not yet been configured with a primary IPv4 address. This sysctl is normally enabled by default. SEE ALSO
ifmcstat(8), inet(4), multicast(4), netstat(1), sourcefilter(3) HISTORY
The igmp manual page re-appeared in FreeBSD 8.0. BSD
March 9, 2009 BSD
All times are GMT -4. The time now is 07:21 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy