Nope its not codered , and to filter codered and nimda is easy. I havent
found
codered's traffic on proxy.In normal condition In: 100 KB/s out: 140 KB/s ,
But suddenly some time its get reserved In: 140 KB/s out: 50 KB/s
And that time my backbone bandwidth also goes to full utilization, I dont
know why.
I feel that that was only undesirable traffic.But how should I figure it
out.
Thanks
pankaj
----- Original Message -----
From: "Joel Jaeggli" <joelja@darkwing.uoregon.edu>
To: "Peter Kassies" <p.kassies@ptt-post.nl>
Cc: "squid" <squid-users@squid-cache.org>
Sent: Thursday, January 31, 2002 3:42 AM
Subject: RE: [squid-users] dos attack protection on proxy
> The biggest possible dos against a well run proxy server is something like
> codered coming from client machines inside you network aimed at the
> outside world... The defense against those type of attacks (not codered
> necessarily since that's already been identified) is to monitord your
> proxy server for unusual spikes in activity, particulalry if they
> originate from a single or small number of hosts...
>
> your proxy server should be running a lot of services visible from outside
> your netowrk in most cases anyway, so it should itself be hard to dos from
> the outside.
>
> joelja
>
> On Wed, 30 Jan 2002, Peter Kassies wrote:
>
> > Good luck.
> > http://grc.com/dos/grcdos.htm
> >
> > There are some ways, but none of them are failproof.
> > I'm sure if you do not run some high visible website, where marketing
people
> > claim "most secure site in the world", you're unlikely to become a
target.
> >
> > Peter
> >
> > > -----Oorspronkelijk bericht-----
> > > Van: pankaj patel [mailto:pankaj_surat@nettaxi.com]
> > > Verzonden: Wednesday, January 30, 2002 8:53 AM
> > > Aan: Squid
> > > Onderwerp: [squid-users] dos attack protection on proxy
> > >
> > >
> > > HI all
> > > Please give me some idea about dos attack.
> > > I know that mostly dos attack is for proxy and dns servers.
> > > I want to protech my proxy server from having DOS attack ,
> > > any body can help me pl??
> > >
> > >
> > > Thnaks
> > > pankaj
> > >
> > >
> >
>
> --
> --------------------------------------------------------------------------
> Joel Jaeggli Academic User Services joelja@darkwing.uoregon.edu
> -- PGP Key Fingerprint: 1DE9 8FCA 51FB 4195 B42A 9C32 A30D 121E --
> The accumulation of all powers, legislative, executive, and judiciary, in
> the same hands, whether of one, a few, or many, and whether hereditary,
> selfappointed, or elective, may justly be pronounced the very definition
of
> tyranny. - James Madison, Federalist Papers 47 - Feb 1, 1788
>
>
Received on Thu Jan 31 2002 - 23:46:22 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:02 MST