[tor-talk] FBI harassing Tor devs

grarpamp grarpamp at gmail.com
Wed May 18 07:22:56 UTC 2016


On 5/14/16, Flipchan <flipchan at riseup.net> wrote:
> Did u manage to put up some anti ddos?
>
> I wrote a script that blocked my läst attackers ddos attacks might work..
>
> block udp ddos attacks drop em if they are sent more then 15 times
> iptables -A INPUT -p udp -m connlimit --connlimit-above 15 -j DROP
> iptables -A OUTPUT -p udp -m connlimit --connlimit-above 10 -j DROP

A real layer-3 [d]DoS saturates your pipe, nothing you can do with a "script"
on your box will help, it can only be mitigated upstream / waited out.

Like the SSH ATTACK whiners, the feelgood "block" above is really just
hiding some minor personal annoyance, kernel time, and return traffic.
The latter two being relavent only if you $pay for them.


More information about the tor-talk mailing list