Benutzer-Werkzeuge
dapnetnodeconnectionratelimit
Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
| Beide Seiten der vorigen Revision Vorhergehende Überarbeitung | Letzte Überarbeitung Beide Seiten der Revision | ||
|
dapnetnodeconnectionratelimit [2018/06/26 20:56] dh3wr [Countermeasures and Connection Rate Limiting] |
dapnetnodeconnectionratelimit [2018/06/26 20:58] dh3wr [Countermeasures and Connection Rate Limiting] |
||
|---|---|---|---|
| Zeile 7: | Zeile 7: | ||
| In order to block maschines like this, the firewall at db0sda has been set up in a way, that if either | In order to block maschines like this, the firewall at db0sda has been set up in a way, that if either | ||
| * There are more then 5 new TCP connections/minute from the same source IP to Port 43434 on dapnet.afu.rwth-aachen.de | * There are more then 5 new TCP connections/minute from the same source IP to Port 43434 on dapnet.afu.rwth-aachen.de | ||
| - | * Or the first 2 kB for the traffic contain a string like //[UniPager-C9000 v.0.6.0 ]// (RegEx: \[UniPager-.+\ v[0-9]+\.[0-9]+\.[0-9]\ \ \]) | + | * Or the first 2 kB for the traffic contain a string like //[UniPager-C9000 v.0.6.0 ]// |
| + | <code>(RegEx: \[UniPager-.+\ v[0-9]+\.[0-9]+\.[0-9]\ \ \])</code> | ||
| + | |||
| + | then the source IP is added for 10 minutes to a list of blocked IPs. | ||
| + | |||
| + | With this approach, we should be also more save against possible DOS attacks. | ||
dapnetnodeconnectionratelimit.txt · Zuletzt geändert: 2018/06/26 20:59 von dh3wr
Seiten-Werkzeuge
Falls nicht anders bezeichnet, ist der Inhalt dieses Wikis unter der folgenden Lizenz veröffentlicht: CC Attribution-Share Alike 4.0 International
