DDOS

alexus alexus at gmail.com
Thu Feb 17 18:35:28 CET 2011 

I like your idea, I'll look into that ...

On Wed, Feb 16, 2011 at 6:13 PM, <Nicholas_Maesepp at scee.net> wrote:

> As someone else said best to use a firewall, if you want to use a simple
> one just run iptables, since this is only DoS you best to use rate limit
> connections per IP, depending on the number of objects etc you should be
> able to get away with keeping connections to a fairly low number and not
> hampering browsing experience at all. It would need to move to being DDoS
> for it to bring it down.
>
> Only cheaty way I can think of doing it in the vcl is to define multiple
> backends one with no max_connections and one with a fairly low
> max_connections. Define some ip acl's using netblocks. If you feel all of
> the hammering comes from china and very little legit web traffic you could
> find their netblocks and force them to use the one with a set limit on
> .max_connections while others dont have such limits. Vice versa, if you
> expect 90% of traffic to be within your own country allow those to connect
> to the backend with higher max_connections and have everyone else connect
> with a low number. If someone tries to hammer your page it will just starve
> those outside your target audience but keep your backend healthy and your
> regular visitors fine. Lots of caveats in that and wouldn't recommend it,
> purely for science. Definitely use a firewall or other tools.
>
> Nick
>
>
>
>
> From:        alexus <alexus at gmail.com>
> To:        varnish-misc at varnish-cache.org
> Date:        02/17/2011 07:37 AM
> Subject:        DDOS
> Sent by:        varnish-misc-bounces at varnish-cache.org
> ------------------------------
>
>
>
> How does Varnish handles DDOS?
>
> here is my problem, in our environment varnish servers static pages
> but dynamic pages it passed to application server (apache).
> so every onces in a while we have some attacker(s) who start doing
> some sort of attacks against us, and apache hits very high load on
> server and about to go down...
> so I look up an IP address and I block it on Varnish .vcl file, and
> load goes back to normal right away...
> is there something that can be done automatically? or is there
> anything can be done at all to somehow handle this type of issue?
>
> please advise
>
> --
> http://alexus.org/
>
>
> _______________________________________________
> varnish-misc mailing list
> varnish-misc at varnish-cache.org
> http://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>
> *
> *
>
> *
> Sony Computer Entertainment Australia Pty Ltd*
> Level 1, 63-73 Ann Street Surry Hills NSW 2010
> P.O. Box 5023 Darlinghurst NSW 2010
> ph: +61 (0)2 9324 9500 fax: +61 (0)2 9324 9558
>
> *http://au.playstation.com* <http://au.playstation.com/>*
> **http://www.facebook.com/PlayStationAU*<http://www.facebook.com/PlaystationAU>
>
>
> *
> New tools, new games, new fun.
> Sackboy returns in LittleBigPlanet 2
> Out now and exclusive to PlayStation 3*
>
> *
> *[image: LBP2] <http://www.littlebigplanet.com/>
>
> **********************************************************************
> This email and any files transmitted with it are confidential and intended
> solely for the use of the individual or entity to whom they are addressed.
> If you have received this email in error please notify postmaster at scee.net
> This footnote also confirms that this email message has been checked for
> all known viruses.
> Sony Computer Entertainment Australia Pty. Limited
> Registered Office: Level 1, 63-73 Ann Street, Surry Hills, NSW 2010
> Australia
> Registered in Australia: 077 583 183
> **********************************************************************
>
> P* Please consider the environment before printing this e-mail*
>
>
> _______________________________________________
> varnish-misc mailing list
> varnish-misc at varnish-cache.org
> http://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>



-- 
http://alexus.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20110217/e424ed2a/attachment-0003.html>

More information about the varnish-misc mailing list