lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: B3r3n at argosnet.com (B3r3n)
Subject: DDos counter measures

Gael,

>Try some other tests using no A record for windowsupdate.com in your local 
>zone,
>you will notice that the damages are even smaller doing that instead of 
>localhost (127.0.0.1).
We also tested this solution to answer nothing to query as with an 
unresolved domain.
But finally the solution answered localhost was kept because we hope a 
machine SYN flooding will behave badly enough so its user creates a call 
and so we could know the machine requires to be patched.

Thanks for raising the idea, some others might prefer this version.

Brgrds

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ