Actually, from what I understand, an upgrade to Cisco's newest IOS will prevent most DoS attacks. I think the default setting is to block all packets that are identified as DoS packets. Also, do you really need to allow ping? If you are checking to see if your web server is running, just do:
telnet [server] 80
Or you can write a perl script to download a page on your server and check the result to see if the server returned something other than an error. Here's a webget script I found on the internet:
#!/usr/bin/perl -w use IO::Socket; unless (@ARGV > 1) { die "usage: $0 host document..." } $host = shift(@ARGV); $EOL = "\015\012"; $BLANK = $EOL x 2; foreach $document ( @ARGV ) { $remote = IO::Socket::INET->new( Proto => "tcp", PeerAddr => $host, PeerPort => "http(80)", ); unless ($remote) { die "cannot connect to http daemon on $host" } $remote->autoflush(1); print $remote "GET $document HTTP/1.0" . $BLANK; while ( ) { print } close $remote; }
I had a HP 4324 and I wanted to check it at http://www.cdrecorderclassnotice.com/ but I can't pull up anything useful because they got slashdotted =) I quote from the site: www.cdrecorderclassnotice.com Temporarily Unavailable This account has surpassed its bandwidth allocation at the present time. You may reach the account administrator at www@www.cdrecorderclassnotice.com Since Concentric's Hosting is done by Gbits transferred per month, I have to wait 30 days to access that site =P Doh! Gilbert
Slashdot Mirror
It still works. I doubt they're going to fix it anytime soon. Heck, do you think CBS is even reading its own message board.
Actually, from what I understand, an upgrade to Cisco's newest IOS will prevent most DoS attacks. I think the default setting is to block all packets that are identified as DoS packets. Also, do you really need to allow ping? If you are checking to see if your web server is running, just do:
..." }
telnet [server] 80
Or you can write a perl script to download a page on your server and check the result to see if the server returned something other than an error. Here's a webget script I found on the internet:
#!/usr/bin/perl -w
use IO::Socket;
unless (@ARGV > 1) { die "usage: $0 host document
$host = shift(@ARGV);
$EOL = "\015\012";
$BLANK = $EOL x 2;
foreach $document ( @ARGV ) {
$remote = IO::Socket::INET->new( Proto => "tcp",
PeerAddr => $host,
PeerPort => "http(80)",
);
unless ($remote) { die "cannot connect to http daemon on $host" }
$remote->autoflush(1);
print $remote "GET $document HTTP/1.0" . $BLANK;
while ( ) { print }
close $remote;
}
I had a HP 4324 and I wanted to check it at http://www.cdrecorderclassnotice.com/ but I can't pull up anything useful because they got slashdotted =) I quote from the site: www.cdrecorderclassnotice.com Temporarily Unavailable This account has surpassed its bandwidth allocation at the present time. You may reach the account administrator at www@www.cdrecorderclassnotice.com Since Concentric's Hosting is done by Gbits transferred per month, I have to wait 30 days to access that site =P Doh! Gilbert