[Dshield] How do you prepare for or fight against a DDOS?
josh at raintreeinc.com
Tue Feb 17 05:48:17 GMT 2004
I can't help you much on question #1, aside from 1) keep an IDS or
something going so you know when you're being DDoS'd, 2) talk to your
ISP when the attack comes and ask them for help, and 3) don't tick off
any influential skiddies (just kidding).
About question #2 re: hfnetchk and SUS, we're just on the tail end of a
light discussion of that very subject. The jury so far seems to agree
that hfnetchk is the way to go, unless you can accept (or are forced to
accept) the limitations of SUS (Software update services), including
among other things
- can only work with hotfixes (not service packs)
- requires IIS, significant disk space (in some configurations)
Tim Lamberth wrote:
> Hello list,
> Actually I have two questions if you will allow me.
> First how does one prepare for and/or fight a DDOS? Since this seems to be
> the evil of choice lately I was wondering what others (those more
> experienced than I) would do.
> Also in keeping up with patches for MS products is there a utility or
> program better that hfnetchk? If so what are some of the general features?
> What about the SUS server from MS?
> As always thanks for any comments,
> Tim Lamberth
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
More information about the list