Category: Uncategorized

My Reaction: London Bombings

I am not sure what the overall American reaction to today’s bombing in London is. I hope it’s not the usual American response: didn’t happen here, so it’s not important.
I hope that I am wrong.
I am extremely upset. I feel a connection to all of humanity, and to see the wanton destruction of human life for reasons of hate makes me ill.
Do I want to be a part of this species?

Traffic Shaping with tc

I have discovered a little secret of Linux today: tc. The Linux Advanced Routing & Traffic Control project allows you to shape traffic in any way that you want. In most cases, it is used where a multi-homed Linux box acts as a firewall/router.
I have activated it on my Web server, limiting uplink/downlink speeds to 256kbps. I am using this in combination with the rate-limiting feature in iptables to control the morons. Limiting bandwidth to 256kbps leaves me with enough overhead to get in and control the machine, even when the morons think that they are flooding me with traffic.
I really suggest that you look into this, especially if you are in a bandwidth-limited environment.



Today’s iptables FUN!

Ok, after this morning’s DDoS, I started rummaging around for ways to limit the amount of hurt that my server would handle. And I found the limit function in iptables.

/sbin/iptables -A INPUT -p tcp -d 10.125.1.250 \
      --dport 80 -m limit --limit 6/m --limit-burst 10 -i eth0 -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp -s 10.125.1.250 \
      --sport 80 -m limit --limit 6/m --limit-burst 10 -o eth0 -j ACCEPT

This should help get some of the requests under control.
Also, I discovered this interesting application called tc. Going to see how I can integrate this with some iptables rules.
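
As an added illustration (not code from the original post), here is a small Python model of the credit scheme behind `-m limit --limit 6/m --limit-burst 10`. It shows that the rule counts packets, not connections, and that packets over the limit simply stop matching the ACCEPT rule and fall through to whatever rule or chain policy comes next. The function names and the traffic patterns are constructed for this example.

```python
# Model of the credit (token-bucket) scheme behind iptables "-m limit".
# Added illustration; function names and arrival times are constructed.

def limit_match(arrivals, per_minute=6, burst=10):
    """Return one bool per packet: True if the limit match fires (rule ACCEPTs).

    arrivals: sorted packet timestamps in seconds.
    The bucket starts full with `burst` credits, each matching packet
    spends one, and credits refill at `per_minute` per 60 s, capped at `burst`.
    """
    refill_per_sec = per_minute / 60.0
    credits = float(burst)
    last = arrivals[0] if arrivals else 0.0
    verdicts = []
    for t in arrivals:
        credits = min(burst, credits + (t - last) * refill_per_sec)
        last = t
        if credits >= 1.0:
            credits -= 1.0
            verdicts.append(True)
        else:
            # No match: the packet continues to the next rule or the chain policy.
            verdicts.append(False)
    return verdicts


def summarize(arrivals, **kw):
    """Count how many packets matched the rule and how many fell through."""
    v = limit_match(arrivals, **kw)
    return {"matched": sum(v), "fell_through": len(v) - sum(v)}


# Constructed traffic: one browser fetching a page, 40 packets in 2 seconds.
page_load = [i * 0.05 for i in range(40)]
# Constructed traffic: a flood of 600 packets per second for 60 seconds.
flood = [i / 600.0 for i in range(36000)]
# Constructed traffic: one packet every 10 seconds for 5 minutes.
trickle = [i * 10.0 for i in range(30)]

if __name__ == "__main__":
    for name, pkts in (("page_load", page_load), ("flood", flood), ("trickle", trickle)):
        print(name, summarize(pkts))
```

Matching only connection-opening packets (for example with the tcp match's `--syn` option) makes the limit count connections rather than every packet of an established session. The limit only drops anything when a later rule or the chain policy drops the packets that fall through.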



DDoS this morning

This morning, my server was the victim of a sustained DDoS lasting approximately 45 minutes. The entire flow of traffic came from the usual group of trackback and comment spam morons.
Now, the good news: b2evolution came through the event with flying colours. The antispam feature built into the product prevented ANY attempts by these morons at inserting comments and trackbacks from being successful.
I have added one more layer of filtering to handle these morons. Since they use such a limited number of keywords in their REFERER fields, I just wrote a mod_rewrite rule to send them off to my infamous TCP Port 9080.

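# Referer keyword filter. The RewriteCond pattern must stay on one line with no spaces inside it.
# Assumes RewriteEngine On is set elsewhere in the configuration.
RewriteCond %{HTTP_REFERER} .*(pharmacy|poker|casino|blackjack|cialis|viagra|porn|nude|girls|drugs|sex|animal|holdem|stud|hydrocodone|vicodin|slut|anal|xanax|video|oxycontin|russia|-online|online-).*
RewriteRule ^.*$ http://www.newestindustry.org:9080/ [R,L,NS]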

This should deal with 90% of the morons. If I missed any keywords, drop me a comment.



MCI and Telephone Slamming

I recently switched all of my phone services back to Verizon. Today, I got a phone call from my former provider, MCI.
I have never experienced telephone slamming before, but “Tiffany Johnson” from MCI exposed me to the seedy side of the telephone market. I know why MCI is slamming departing customers: they need to get their customer count up before the acquisition by Verizon is completed.
I have frozen my telephone provider. And MCI goes on my blacklist.



Copyright © 2025 Performance Zen
