The most elegant solution to Denial of Service (DoS) attacks I’ve ever seen

OMG. This is network security poetry. It is the most exquisitely beautiful solution to Denial of Service (DoS) attacks I’ve ever seen. If excessive connections are made to select ports in a certain timeframe, the source IP is added to an escalated list of iptables rules which eventually lock that IP out for over a month!

Initially I blocked attacks on an IP-by-IP basis, but this resulted in hundreds of separate iptables rules which as you can imagine became unwieldy quickly. Next, I implemented iptables rules using the iptables recent module (ipt_recent), which stopped attacks in a certain timeframe but did not prevent the same IP address from starting a new attack a short time later, scot-free. The solution below keeps a long-term memory of offending IPs and thus really punishes attackers by putting their zombie hosts on the sidelines for a long time. It is also better than the IP-by-IP way I used to do it because after the longest ban (monthlong or whatever) expires, the IP is trimmed from the list.

Brilliant! I will soon adapt my rules to implement these clever ideas.

I have previously written a bit about using IPTables to limit brute-force attacks. For the past month, that system has been working quite well. The typical attack pattern resembled that in [graph 1, graph 2]. A few days ago, however, an attack was implemented which ‘fell under the radar’, so to speak – instead of being a short-lived, high volume (60/min for 5 min) attack, this one was a slow and prolonged attack (1/2 min for 11 hrs) [graph 3, graph 4].

Improvements

Due to this, I have decided to augment my IPTables ruleset somewhat. There are a couple of points I found lacking in the previous revision. Firstly, repeat offenders did not have any extra consequences – whether you attacked for the first time or the tenth time, you were treated equally. Secondly, a slow attack was not effectively dealt with. Thirdly, the nature of the attack (quick vs slow) was not considered in the consequence. Finally, I wasn’t that pleased with the logging implementation – the log file was not exclusive, and no log rotation was set up. All of the above are addressed in this revision.

Source: Escalating Consequences with IPTables « That’s Geeky
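The escalation the two posts above describe (a rate trigger, then progressively longer bans, with repeat offenders promoted a tier until the longest ban ages out), written out as an added example; this is not the original ruleset from either post. It assumes ssh on tcp/22, and the chain names, list names and thresholds are chosen here for illustration.

```shell
#!/bin/sh
# Added example, not the original post's ruleset: escalating bans for a
# brute-forced port using only the iptables "recent" module. Assumptions:
# the protected service is ssh on tcp/22; the chain names, list names and
# thresholds below are chosen here for illustration.
#
# Each ban tier is its own "recent" list with its own window. A fresh
# offense (6 new connections within 60 s) lands the source in BAN1. A source
# that offends again after its ban has lapsed, but within the 30-day memory
# window, is promoted one tier, so repeat offenders end up out for 30 days.
PORT=${PORT:-22}
T1=3600        # tier 1: 1 hour
T2=86400       # tier 2: 1 day
T3=2592000     # tier 3: 30 days; also the memory window used for promotion

rules() {
    echo "iptables -N ESCALATE"
    echo "iptables -N OFFENSE"
    echo "iptables -A INPUT -p tcp --dport $PORT --syn -j ESCALATE"
    # Active bans, longest tier first. --rcheck does not refresh the entry's
    # timestamp, so a tier-n ban lasts exactly Tn seconds from the offense.
    echo "iptables -A ESCALATE -m recent --name BAN3 --rcheck --seconds $T3 -j DROP"
    echo "iptables -A ESCALATE -m recent --name BAN2 --rcheck --seconds $T2 -j DROP"
    echo "iptables -A ESCALATE -m recent --name BAN1 --rcheck --seconds $T1 -j DROP"
    # Rate trigger: the 6th new connection within 60 s is a fresh offense.
    echo "iptables -A ESCALATE -m recent --name ATTEMPTS --update --seconds 60 --hitcount 6 -j OFFENSE"
    # Otherwise record the attempt and hand back to INPUT, which decides.
    echo "iptables -A ESCALATE -m recent --name ATTEMPTS --set -j RETURN"
    # Reached only when no ban is active, so a lower-tier entry still inside
    # the memory window is an earlier, expired ban: promote one tier.
    echo "iptables -A OFFENSE -m recent --name BAN2 --rcheck --seconds $T3 -m recent --name BAN3 --set -j DROP"
    echo "iptables -A OFFENSE -m recent --name BAN1 --rcheck --seconds $T3 -m recent --name BAN2 --set -j DROP"
    echo "iptables -A OFFENSE -m recent --name BAN1 --set -j DROP"
}

# Prints the rules by default; APPLY=1 (as root) pipes them into a shell.
if [ "${APPLY:-0}" = 1 ]; then
    rules | sh -e
else
    rules
fi
```

Each recent list holds at most ip_list_tot addresses (100 by default, an xt_recent module parameter) and evicts the oldest first, so size it for the number of offenders you expect to remember over 30 days.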

Script kiddie fail

Watch out, we've got a badass over here.

Some bored kid out there has taken to brute-force attacking my webserver in the early morning. I just noticed this referrer entry on the URL:

[Redacted IP] - - [19/Jan/2016:03:33:28 -0500] "POST /wp-login.php HTTP/1.1" 200 3416 "-" "--user-agent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:39.0) Gecko/20100101 Firefox/39.0"

Catch that? Whatever script Dr. Evil is trying to run here sets the referrer value by using --user-agent= as an argument. Instead, our boy genius is passing…

--user-agent="--user-agent …"

Brilliant. Simply brilliant.
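A small detection for the artifact above, added here and not part of the original post: pick out access-log entries whose User-Agent begins with "--", which marks a tool that was handed its own option name as the value. The sample lines are constructed, and 203.0.113.0/24 is a documentation range, not a real client.

```shell
#!/bin/sh
# Added example, not from the original post: flag access-log entries whose
# User-Agent begins with "--", the signature of a tool that was handed its
# option name as the value, as in the log line above. The sample lines are
# constructed; 203.0.113.0/24 is a documentation range, not a real client.
SAMPLE_LOG='203.0.113.5 - - [19/Jan/2016:03:33:28 -0500] "POST /wp-login.php HTTP/1.1" 200 3416 "-" "--user-agent=Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:39.0) Gecko/20100101 Firefox/39.0"
203.0.113.9 - - [19/Jan/2016:03:34:01 -0500] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0; rv:43.0) Gecko/20100101 Firefox/43.0"'

# Combined log format, split on the double quote: field 2 is the request
# line and field 6 the User-Agent, both of which contain spaces, so a plain
# whitespace split would shred them. The client IP is the first word of
# field 1. Emits "<client ip> <request> <user-agent>" per flagged entry.
flag_option_agents() {
    awk -F'"' '$6 ~ /^--/ { split($1, a, " "); print a[1], $2, $6 }'
}

printf '%s\n' "$SAMPLE_LOG" | flag_option_agents
```

Run it over a real log with `flag_option_agents < /var/log/apache2/access.log` (path assumed); each hit is a client worth rate-limiting rather than a browser.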

Principal Asks Parents To ‘Take The Time To Get Dressed’ For Drop Off – Scary Mommy

This blog post generated some lively discussion on a friend’s Facebook page, both pro and con. There were lots of defenders of the UK principal’s position but I’m not one of them.

School starts way too early in the United States. Ungodly early. I don’t think it’s fair to expect anyone to put two thoughts together before the sun even comes up, much less to be looking their best.

If you’re dropping kids off at school and never leave your vehicle, no one should care what you look like. I agree with the author here: the principal needs to relax.

A UK principal wrote a note to parents to ask them to please “take the time to get dressed” in the morning and stop doing drop off in their pajamas. She insists the letter has been well received. Mkay. I’m an adult and I do what I want. And that includes wearing whatever the hell I can get on my body before I get the kids packed up for school.

Kate Chisholm, headteacher at Skerne Park Academy, Darlington, wrote to all parents imploring them to “dress appropriately” in day wear. “I have noticed there has been an increasing tendency for parents to escort children to and from school while still wearing their pajamas and, on occasion, even slippers,” reads the note The Telegraph managed to get a copy of. “Could I please ask that when you are escorting your children, you take the time to dress appropriately in day wear that is suitable for the weather conditions?”

No. No you cannot.

Source: Principal Asks Parents To ‘Take The Time To Get Dressed’ For Drop Off Scary Mommy

Offensive lineman John Urschel starting PhD at MIT – Business Insider

John Urschel

I am in absolute awe of this.

Continuing to show he is one of the more unusual (and impressive) players in the NFL, Baltimore Ravens offensive lineman John Urschel announced via Twitter his plan to start his Ph.D. in mathematics at the Massachusetts Institute of Technology this year, ESPN reported.

Put another way, the 24-year-old, 305-pound lineman got into the No. 1 ranked graduate school for mathematics, all while having a full-time job in a field other than math.

Source: Offensive lineman John Urschel starting PhD at MIT – Business Insider