[ic] IC not responding

John1 list_subscriber at yahoo.co.uk
Thu Nov 17 13:55:11 EST 2005

On Thursday, November 17, 2005 2:56 PM, sandy at scotwebshops.com wrote:

> Peter wrote:
>> Try something like (off the top of my head, untested):
>> iptables -I INPUT -s %s -j DROP; echo 'iptables -D INPUT -s %s -j
>> DROP' | at now + 1 hours
> Thats pretty neat, I have never heard of the at command.  Surely if
> you were being hammered by multiple IP's, that would leave loads of at
> processes hanging around?
"atd" is a daemon like "crond", so I presume that atd manages all the "at 
now + 1 hour" requests.

> On another note I dont think you should let interchange have clear
> access to iptables for fairly obvious reasons, you can configure sudo
> to allow access to a command with limited arguments (i.e something
> like iptables -I INPUT -s (\d*.\d*.\d*.\d*)/32 -j DROP; to limit
> access) so the interchange user can't do things like  iptables -I
> INPUT -s -j DROP. An even better solution would be to use 
> something
> like grsecurity, which I am planning to tinker with in the near
> future. _______________________________________________
I like the look of mod_evasive that you pointed out, but won't have chance 
to try it for some months.

Also came across the following DDoS mitigation solutions which may be of 
interest to you:


To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com

More information about the interchange-users mailing list