[AusNOG] DDOS mitigation

James Hodgkinson yaleman at ricetek.net
Sun May 12 15:26:56 EST 2013


On this topic, is there a good non-PHP alternative that I can hand to
people that Just Works? Every time I've asked this question I've been told
Jekyll/build-your-own-in-django etc, which is not a solution.

James


On 12 May 2013 13:29, Heinz N <ausnog at equisoft.com.au> wrote:

> +1
>
> I have LOTS of attempts on the Mambo, Joomla & Wordpress sites that I
> host. They spray the Administrator pages with login attempts. It is damn
> annoying as it fills the logs up too! Please, please everyone set a
> directory password on all administrator directories (as well a secure admin
> login password).
> See : http://www.thesitewizard.com/**apache/password-protect-**
> directory.shtml<http://www.thesitewizard.com/apache/password-protect-directory.shtml>to set a directory password. It is easy to do! I HATE PHP with a
> vengence!!! It is 10X slower than a compiled application: it is easy to see
> if they are trying to exploit you, just look at the massive spike in CPU on
> the servers!. It seems that I am reading about a new PHP exploit every few
> weeks. It is so easy to mis-configure the stupid thing as well. </rant>
>
> Regards,
> Heinz N
>
>
>
> On Sun, 12 May 2013, Zone Networks - Joel wrote:
>
>  Its all those damn Joomla/Wordpress websites that have been compromised
>> and
>> I don't see it stopping either, since they are millions of these websites
>> that wont get patched/upgraded until its exploited.
>>
>> -----Original Message-----
>> From: ausnog-bounces at lists.ausnog.**net <ausnog-bounces at lists.ausnog.net>
>> [mailto:ausnog-bounces at lists.**ausnog.net<ausnog-bounces at lists.ausnog.net>]
>> On Behalf Of Dobbins, Roland
>> Sent: Sunday, 12 May 2013 12:58 PM
>> To: ausnog at lists.ausnog.net
>> Subject: Re: [AusNOG] DDOS mitigation
>>
>>
>> On May 12, 2013, at 7:15 AM, Joshua D'Alton wrote:
>>
>>  and this is why it falls back on the originating networks to fix their
>>>
>> problems ie udp spoof so that they arent sending so much traffic in the
>> first place.
>>
>> FYI, the ongoing attack campaign against US financial institutions
>> regularly
>> hits ~35gb/sec - ~70gb/sec, non-spoofed.
>>
>> ------------------------------**------------------------------**
>> -----------
>> Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
>>
>>           Luck is the residue of opportunity and design.
>>
>>                        -- John Milton
>>
>> ______________________________**_________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/**mailman/listinfo/ausnog<http://lists.ausnog.net/mailman/listinfo/ausnog>
>>
>>
>> ______________________________**_________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/**mailman/listinfo/ausnog<http://lists.ausnog.net/mailman/listinfo/ausnog>
>>
>>  ______________________________**_________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/**mailman/listinfo/ausnog<http://lists.ausnog.net/mailman/listinfo/ausnog>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130512/5d1f13b9/attachment.html>


More information about the AusNOG mailing list