ddos atak na http

[Michal Truban]

zdravim,

cca 1-2 dni mi na stroj utocia z roznych masin
asi nejaky ddosovsky klienti na http...

stranky sa zobrazuju velmi pomaly, alebo sa nedaju zobrazit..

neviem, ako sa tomu ubranit.. dat ip do fw, nepomoze, pretoze 
sa tie IP striedaju dost rychlo..

nie je nejaky systemovy krok ako nato ?

kamos poradil nejake feautures z netfiler, tak som tam napraskal nieco z:
http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO-7.html#ss7.2

iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
DROP       tcp  --  80.0.0.0/8           anywhere           tcp dpt:www-http

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere           tcp 
flags:SYN,RST,ACK/SYN limit: avg 1/sec burst 5
ACCEPT     tcp  --  anywhere             anywhere           tcp 
flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5
ACCEPT     icmp --  anywhere             anywhere           icmp echo-request 
limit: avg 1/sec burst 5

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

dik .. miso