On Wed, Sep 24, 2003 at 10:03:26PM +1200, Hamish MacEwan wrote:
On Wed, Sep 24, 2003 at 15:23 +1200, richard(a)kcbbs.gen.nz wrote:
Hopefully there is some software out there somewhere that can be used as the basis of a new proxy blacklist without reinventing the wheel. It looks like the existing public access blacklists are systematically being blasted one by one.
Would a distributed service be the best way to avoid the DDoS peril? Does any such software exist?
Don't forget that the database is in DNS, and the DNS is distributed by design. You can have several nameservers. However the tester machine, website and primary nameserver are perhaps a single point (each). Regardless, a few zombies on wideband connections or university residences can throw a lot of traffic even if you can distribute. If I was doing it, I'd want to use a separate /24 so that it could be dropped while under attack without affecting anything else, and it would be kept fairly quiet so it wouldn't get much attention.

Regards,
RH.
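What "the database is in DNS" means for a mail server consulting such a list, as an added example that is not part of the original thread: the client reverses the address, appends the list's zone and asks any of the zone's nameservers for an A record (the convention later documented in RFC 5782). The zone name `proxies.blacklist.example`, the sample records and the injectable `resolve` parameter are assumptions made for illustration.

```python
import ipaddress
import socket

ZONE = "proxies.blacklist.example"  # hypothetical zone, not a real list


def query_name(ip, zone=ZONE):
    """Build the DNS name queried for `ip`: reversed octets (IPv4) or
    reversed nibbles (IPv6), followed by the blacklist zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")[::-1]
    else:
        labels = list(addr.exploded.replace(":", ""))[::-1]
    return ".".join(labels + [zone])


def is_listed(ip, zone=ZONE, resolve=socket.gethostbyname_ex):
    """Return (listed, answers). An A record inside 127.0.0.0/8 means
    listed; NXDOMAIN means not listed. Lookup failures (for example the
    list's nameservers being unreachable during an attack) and answers
    outside 127.0.0.0/8 count as not listed, so the check fails open
    instead of blocking mail when the list is down or misbehaving."""
    try:
        _, _, answers = resolve(query_name(ip, zone))
    except OSError:  # socket.gaierror and socket.herror are subclasses
        return False, []
    loopback = ipaddress.ip_network("127.0.0.0/8")
    hits = [a for a in answers if ipaddress.ip_address(a) in loopback]
    return bool(hits), hits


# Constructed sample data standing in for the zone contents (offline demo).
# 127.0.0.2 is the conventional "always listed" test entry.
SAMPLE_ZONE = {"2.0.0.127." + ZONE: ["127.0.0.2"]}


def sample_resolve(name):
    """Stand-in resolver with the same return shape as gethostbyname_ex."""
    if name not in SAMPLE_ZONE:
        raise socket.gaierror("NXDOMAIN (constructed)")
    return name, [], SAMPLE_ZONE[name]


if __name__ == "__main__":
    for ip in ("127.0.0.2", "192.0.2.99"):
        print(ip, query_name(ip), is_listed(ip, resolve=sample_resolve))
```

Because each check is an ordinary DNS query, redundancy comes from the zone's NS records and resolver caching, not from anything in the client.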