OK, wanted to give an update on this: I was talking about DOS from the
Wireless side, not the wired ;)

J.

--
Jonathan De Graeve
Network/System Engineer
Imelda vzw
Informatica Dienst
015/50.52.98
Jonathan dot de dot graeve at imelda dot be 

> -----Oorspronkelijk bericht-----
> Van: Lee Sharp [mailto:leesharp at hal dash pc dot org]
> Verzonden: zondag 13 augustus 2006 19:13
> Aan: m0n0wall at lists dot m0n0 dot ch
> Onderwerp: Re: [m0n0wall] M0n0wall and DOS attacks ?
> 
> From: "Bob Young" <bob at lavamail dot net>
> 
> > I'm not sure if WISP operators need to worry about DOS attacks or
not?
> > If
> > so, how do M0n0wall WISP operators here handle DOS attacks?
> 
> I had one not too long ago.  First, you router is the wrong place to
> handle
> it.  This is because by the time it gets to you, it has already used
your
> bandwidth.  You need to work with the provider.  However, m0n0wall has
> very
> good logs, so it is easier.  During the attack, I had the providers
NOC on
> the phone.  I would grab a chunk of logs and cut and past them in to a
> spread sheet.  Sort by IP address, and give ranges for the ISP to
black
> hole
> on his router.
> 
> > Maybe a separate firewall capable of fending off DOS attacks, should
be
> > used
> > in conjunction with  M0n0wall?
> 
> Yes. The one in the NOC of your ISP.  A DOS attack works by filling
the
> pipe
> between you and the ISP.
> 
> > Maybe I'm overly worried about DOS attacks and WISP operators don't
run
> > into
> > DOS attacks all that often?
> 
> Not too often...  Commercial accounts with websites more often, but
still
> rare.
> 
>                                             Lee
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>