Home > Alumnus Blog > mencegah lebih baik daripada pusing dikemudian hari ^^

mencegah lebih baik daripada pusing dikemudian hari ^^

March 27th, 2008 Administrator Leave a comment Go to comments

Attacks that consume your available Internet-facing bandwidth or overpower your router’s CPU can still take you offline.

Denial of a particular service will come in one of two forms:

  • Complete consumption of a resource such as bandwidth, memory, CPU, file handles, or any other finite asset.
  • Exploiting a weakness in the service to stop it functioning or causing the service to crash.

Begitu katanya onlamp, so daripada entar pusing², muntah², pucat karena kena DOS kan lebih baik kalau di benchmark dulu aja :P . Trik berikut sebenarnya digunakan untuk FreBSD 4.X dan 5.X, tapi skr ta coba juga di 6.X.. ya iseng² berhadiah.. [berhadiah komplain kalo ngga berhasil :P ]



net.inet.tcp.msl=7500efines the Maximum Segment Life. This is themaximum amount of time to wait for an ACK in reply to a SYN-ACK or FIN-ACK, inmilliseconds.  If the computer does not receive an ACK in this time, itconsiders the segment lost and frees the network connection.


net.inet.tcp.blackhole=2defines what happens when the systemreceives a TCP packet on a closed port. When set to 1, SYN packetsarriving on a closed port will be dropped without a RST packet being sent back.When set to 2, all packets arriving on a closed port are droppedwithout an RST being sent back. This saves CPU time, because packets don't needas much processing, and outbound bandwidth, by not sending outpackets.


net.inet.udp.blackhole=1the system will drop all UDP packets that arrive on a closed port.


net.inet.icmp.icmplim=50This controls the maximum number of ICMP "Unreachables" and also TCP RST packets toreturn every second. It helps curb the effects of attacks that generate a lotof reply packets.


kern.ipc.somaxconn=32768limits the maximum number of concurrently open sockets.open sockets.


http://www.onlamp.com/pub/a/bsd/2004/06/24/anti_dos.html

Read original post at http://runia2001.blogspot.com/2008/03/mencegah-lebih-baik-daripada-pusing.html




Related posts:
  1. Satpam 1
  2. Bikin YM loe lebih… pokoknya lebih
  3. Pelupa.. duhh pusing.
  4. PANIC! AT THE DISCO sedikit nyembuhin stress n kesedihan gw buat hari ini . . .
  5. Hari-hari sial(an) gara2 Jakarta tenggelam
  6. MikroTik : Limit Bandwidth Extensi Tertentu
  7. hal baik
  8. MikroTik : Limit Bandwidth Extensi Tertentu
  9. niat baik
  10. bulan baik
			

		

		

			Categories: Alumnus Blog			Tags: 		

	


	
		

	










	
	
    
			
  1. 
			No comments yet.		
    2. 
		

	


	
			
    
							
  1. 
					No trackbacks yet.				
    2.