[AusNOG] DDOS mitigation
Heinz N
ausnog at equisoft.com.au
Sun May 12 13:29:33 EST 2013
+1
I have LOTS of attempts on the Mambo, Joomla & Wordpress sites that I
host. They spray the Administrator pages with login attempts. It is damn
annoying as it fills the logs up too! Please, please everyone set a
directory password on all administrator directories (as well a secure
admin login password).
See : http://www.thesitewizard.com/apache/password-protect-directory.shtml
to set a directory password. It is easy to do! I HATE PHP with a
vengence!!! It is 10X slower than a compiled application: it is easy to
see if they are trying to exploit you, just look at the massive spike in
CPU on the servers!. It seems that I am reading about a new PHP exploit
every few weeks. It is so easy to mis-configure the stupid thing as well.
</rant>
Regards,
Heinz N
On Sun, 12 May 2013, Zone Networks - Joel wrote:
> Its all those damn Joomla/Wordpress websites that have been compromised and
> I don't see it stopping either, since they are millions of these websites
> that wont get patched/upgraded until its exploited.
>
> -----Original Message-----
> From: ausnog-bounces at lists.ausnog.net
> [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Dobbins, Roland
> Sent: Sunday, 12 May 2013 12:58 PM
> To: ausnog at lists.ausnog.net
> Subject: Re: [AusNOG] DDOS mitigation
>
>
> On May 12, 2013, at 7:15 AM, Joshua D'Alton wrote:
>
>> and this is why it falls back on the originating networks to fix their
> problems ie udp spoof so that they arent sending so much traffic in the
> first place.
>
> FYI, the ongoing attack campaign against US financial institutions regularly
> hits ~35gb/sec - ~70gb/sec, non-spoofed.
>
> -----------------------------------------------------------------------
> Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
>
> Luck is the residue of opportunity and design.
>
> -- John Milton
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
More information about the AusNOG
mailing list