ConfigServer Community Forum

Since bots and zombie computer are getting harder for the average bot kiddy to come by now a days they are resorting to GET attacks on dynamic sites with the inetention to exhaust resources which in most cases it does no matter if you have network ddos protection, connection tracking, etc. The reque...

Sorry to bump this chirpy but I need to know about this. I would even be willing to pay for a custom module if necessary.

Can this be made possible wiithout giving them complete access? This would be a great feature as I have some resellers who have been asking for this quite some time yet II have not been able to come up with anything for them. Any ideas?

I have always noticed when I set my email to get all lfd alerts and dont filter any to spam that it constantly fires on spamd child. I have tried adding this to process ignore: exe:/usr/bin/spamd cmd:spamd To no avail. At the time of this post, I just added: pcmd:/usr/bin/spamd* So I will see if it ...

I know we got the ct states option which is a big help but I figured I would offer this suggestion from experience. I got to noticing on a server I didn't have ct_states on that it was counting last_ack, fin_wait, close_wait etc as connections. I know about the skip time wait option but usually ther...

Ok I see now. However when you use perm ban though it wont ban ips in allow.

I dont know if this was fixed in the very last release but I know the one before it had this problem. Basicaly if you had connection tracking on tmp ban it would ban whitelisted ips. For example I had a few server setups that use remote sql and such and everyone I had set on tmp ban was banning the ...

Yes and I found out that its highly unreliable as well as blocking legit users I did howver find a real useful match that can be added. String match For example last night I had a customer getting hit with a ferocious POST attack. First the bots were posting liek index.php?=dir , etc. So I setup mod...

Probably un-needed by most people but I could use something like this. If it wouldnt add no bulk or anything that would cause problems id really like to see this. Would be good in case you have an ip under attack, you could examine tcpdump and see if there is a pattern in TTL which there usually is ...

Hi, chirpy, Thanks for adding the new ct_states option. I dont know if it was related to this suggestion or not but it is very useful. What Ive done now on the syn attacks is set ct_states to SYN_RECV, running ct every 30 seconds, and setting a limit of around 10-20 and it does great. A lot faster t...