[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Denying connections
On 17 Oct 1997 borud@xxxxxxxxxxx wrote:
> I have found it best just to drop packets from abusive sites rather
> than reject (which results in a ECONNREFUSED) them so as to possibly
> slow down the attack.
We haven't installed anything fancy - we just change our routing table:
Routing Table:
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
shells.technojunkie.com localhost UH 0 0 lo0
amazer.amaze.net.au localhost UH 0 0 lo0
pacific.undertow.net localhost UH 0 32041 lo0
shell.cisi.net localhost UH 0 24 lo0
Very efficient. The remote end will eventually get ETIMEDOUT, which delays
their connect attempts some, hmm, 90 seconds? In the end it'll hopefully
piss them off enough so as not to give up using my server.
Null@xxxxxxxxxxxx
-- Robert Martin-Legène (RM59), Network Manager (AS2109)
main(){int a[2],b[2];pipe(a);pipe(b);if(fork()){dup2(a[0],0);dup2(b[1],1)
;}else{dup2(b[0],0);dup2(a[1],1);write(1,"R",1);}execlp("cat","cat",0);}