14 Feb 2001 AilleCat   » (Journeyer)

Ok, I've been up for over 36 hours. Slashdot got DoS'd last night and I was too tired to actually see what was happening totally.

Anyway, it was essentially syn packet flooding in at over 11000 packets per second. The arrowpoint didn't like this too much. Rate limiting them doesn't help much either, because then you lose "good" syns.

The more technical explanation is that the SYN's all had a window size of 8192, and no mss option. Makes it pretty easy to filter....right? I didn't notice this until later on, after staring at a screen for a while, fixing other issues that came up as a result.

Anyway, so with the help of a friend I saw this.

all fixed, I think, now, I sleep.

This diary entry brought to you by Tired Network Engineers on Caffeine, Inc, (TM)

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!