[Answered] FreeBSD and Internet Attacks

November 20th, 2004, 4:39 PM

Protecting yourself from denial of service, by Avleen Vig

The Internet is no longer the cute and fluffy cloud it once was.

This article applies equally to FreeBSD 4.x and 5.x

Protecting your servers, workstations and networks can only go so far. Attacks which consume your availible Internet-facing bandwidth, or overpower your router's CPU can still take you offline. This paper is aimed at mitigating the effects of such attacks, and guiding you in what you should do if you are attacked.
Different types of attacks

Denial of Service attacks as their name implies, set out to remove a service from functional use by its clients. Web servers will stop serving web pages, e-mail servers will stop accepting or delivering e-mail, and routers will go dark taking you off the Internet all together.

Denial of a particular service will come in one of two forms:

* Complete consumption of a resource such as bandwidth, memory, CPU, file handles, or any other finite asset.
* Exploiting a weakness in the service to stop it functioning or causing the service to crash.

Over the last few years, attackers have refined their methods. As developers make software more reliable and more resiliant to DoS, the attack vectors have changed to target hard to secure parts of a service. In this paper we will discuss the first type of attack, and what we can do to protect our services from it.

Visit the site if you have a FreeBSD server, to follow the rest.

November 20th, 2004, 4:39 PM	#1 (permalink)
Dark Matter Guest n/a posts	[Answered] FreeBSD and Internet Attacks Protecting yourself from denial of service, by Avleen Vig The Internet is no longer the cute and fluffy cloud it once was. This article applies equally to FreeBSD 4.x and 5.x Protecting your servers, workstations and networks can only go so far. Attacks which consume your availible Internet-facing bandwidth, or overpower your router's CPU can still take you offline. This paper is aimed at mitigating the effects of such attacks, and guiding you in what you should do if you are attacked. Different types of attacks Denial of Service attacks as their name implies, set out to remove a service from functional use by its clients. Web servers will stop serving web pages, e-mail servers will stop accepting or delivering e-mail, and routers will go dark taking you off the Internet all together. Denial of a particular service will come in one of two forms: * Complete consumption of a resource such as bandwidth, memory, CPU, file handles, or any other finite asset. * Exploiting a weakness in the service to stop it functioning or causing the service to crash. Over the last few years, attackers have refined their methods. As developers make software more reliable and more resiliant to DoS, the attack vectors have changed to target hard to secure parts of a service. In this paper we will discuss the first type of attack, and what we can do to protect our services from it. Visit the site if you have a FreeBSD server, to follow the rest.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)