[arch-general] IPTables DDoS

Heiko Baums lists at baums-on-web.de
Mon Jul 19 14:24:22 EDT 2010


On Mon, 19 Jul 2010 23:37:01 +0530, Nilesh Govindarajan <lists at itech7.com> wrote:

> Thanks a lot man. But I have a doubt (may sound quite weird, but I
> really don't know about it).
> Suppose I set this:
> iptables -I INPUT -m limit --limit 1/min --limit-burst 5 -j ACCEPT
> will this affect HTTP connections?

This has nothing to do with HTTP. It's a protocol layer below (TCP
or UDP). I'd suggest adding -p tcp.

> Basically, how many packets is probably going to constitute one
> connection? What is the recommended setting for the same to prevent
> DoS?

I'm not a security expert, but in the tutorial -m limit --limit
5/second --limit-burst 10/second is given as an example.

Heiko
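Added illustration (not part of the thread, and not code from either poster): a small Python model of the token bucket behind the iptables limit match. It shows what the two options in the quoted rule do (--limit is the refill rate, --limit-burst is a plain packet count such as 10, not a rate), why a rule with -j ACCEPT only has an effect when a later rule drops what falls through, and why the quoted rule, applied to all packets rather than to TCP SYNs, would throttle the data packets of an established HTTP connection just as much as connection attempts. The arrival times are constructed, and the kernel's integer credit arithmetic is approximated with floats, so the counts are those of the model.

```python
"""Token-bucket model of the iptables 'limit' match (xt_limit).

Added example, not code from the thread. In the match:
  --limit RATE        refill rate, e.g. 5/second or 1/min (unit defaults to /hour)
  --limit-burst N     bucket size: a plain packet count, e.g. 10 (default 5)
The match succeeds while a token is available, so the usual pattern is
    iptables -A INPUT -p tcp --syn -m limit --limit 5/second --limit-burst 10 -j ACCEPT
    iptables -A INPUT -p tcp --syn -j DROP
Assumption: the kernel's integer credit arithmetic is approximated with floats.
"""

UNITS = {"second": 1.0, "minute": 60.0, "hour": 3600.0, "day": 86400.0}


def parse_limit(spec):
    """Convert a --limit argument such as '5/second' or '1/min' to tokens per second."""
    count, _, unit = spec.partition("/")
    unit = unit or "hour"  # iptables treats a bare number as per hour
    for name, seconds in UNITS.items():
        if name.startswith(unit):
            return float(count) / seconds
    raise ValueError(f"unknown limit unit: {unit!r}")


class LimitMatch:
    """One rule's rate-limit state: a bucket of at most `burst` tokens refilled at `rate`/s."""

    def __init__(self, rate, burst):
        self.rate = rate
        self.burst = burst
        self.tokens = float(burst)  # xt_limit starts with a full bucket
        self.last = 0.0

    def matches(self, now):
        """Return True if a packet arriving at `now` (seconds) passes the limit."""
        # Refill in proportion to elapsed time, never above the burst size.
        self.tokens = min(float(self.burst), self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


def simulate(arrivals, limit_spec, burst):
    """Run the limit match over sorted packet arrival times.

    Returns (matched, fell_through): matched packets hit the ACCEPT target,
    the rest fall through to whatever rule follows (here assumed to be DROP).
    """
    rule = LimitMatch(parse_limit(limit_spec), burst)
    matched = sum(1 for t in arrivals if rule.matches(t))
    return matched, len(arrivals) - matched


# Constructed sample traffic (arrival times in seconds), not captured data.
SYN_FLOOD = [i * 0.001 for i in range(50)]      # 50 connection attempts within 50 ms
STEADY_SYNS = [i * 0.5 for i in range(120)]     # one new connection every 500 ms for a minute
HTTP_RESPONSE = [i * 0.01 for i in range(200)]  # 200 data packets of one established connection


if __name__ == "__main__":
    # With -p tcp --syn, only connection attempts are counted.
    print("flood, 5/second burst 10:", simulate(SYN_FLOOD, "5/second", 10))      # (10, 40)
    print("steady, 5/second burst 10:", simulate(STEADY_SYNS, "5/second", 10))   # (120, 0)
    # Without --syn, every packet of the HTTP response consumes a token, so the
    # quoted 1/min rule lets through only the first 5 packets of the transfer.
    print("response, 1/min burst 5:", simulate(HTTP_RESPONSE, "1/min", 5))       # (5, 195)
```

The first two runs show the intended behaviour of a SYN limit: a burst of 50 attempts is cut to the 10 allowed by --limit-burst, while two legitimate connections per second pass untouched. The third run is the answer to "will this affect HTTP connections?" for a rule without -p tcp --syn: the bucket is shared by every packet, so one response of 200 packets gets 5 through and the rest fall to the DROP rule.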

