Re: [squid-users] Squid under attack (opaserv)

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 07 Jan 2003 06:29:04 +0100

Recommendation:

Use firewalling to block the offending clients from reaching Squid until
they have been fixed.

Most OS:es, including RedHar 6.2 has built-in features for firewalling.
RedHat 6.2 uses Linux-2.2 and there the firewalling mechanism is
ipchains.

To block a offending PCs from accessing your Squid server:

  ipchains -A input -s ip.of.infected.pc -j DENY

To unblock it again when fixed:

  ipchains -D input -s ip.of.infected.pc -j DENY

Regards
Henrik

Niti Lohwithee wrote:
>
> Dear all,
>
> I'm facing problem. My box is Redhat 6.2 and squid Version
> 2.3.STABLE3 . Now it is attacked from opaserv. The average cpu is about
> 80-95 %. Sometime the log file is over 2 GB. I try to solving this
> problem using enable echo 1 > /proc/sys/net/ipv4/tcp_syncookies but
> It 's not work.
>
> Please someone advise what to do
>
> Regards and thank you
> Niti : )
Received on Mon Jan 06 2003 - 22:29:47 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:29 MST