[squid-users] dos attack - How to handle from lokesh.khanna@dont-contact.us on 2005-08-10 (squid-users)

From: <lokesh.khanna@dont-contact.us>
Date: Wed, 10 Aug 2005 09:48:25 +0100

I am running squid 2-5-10 on red hat 2.4.21-4.ELsmp with 1 Gb memory.
Before compiling squid I set ulimt value to 32000. I also set ulimit
-HSn 32000 command in my squid startup script.
I noticed if anybody launch dos attack on my network from internal
network, squid stop responding to other internal users also. What is the
solution for this. One user should not be able to use whole resources.
Is there any way to control this?
I read squid document for maxconn parameter. I set maxconn to 2 for
testing purpose and I made more than 2 connections ( checked through
netstat -tn ) from my browsers but squid was still replying me. What
could be the reason of this?

Thanks
Lokesh
Disclaimer
****************************************************************************************************************************
The information contained in this e-mail, any attached files, and response threads are confidential and
may be legally privileged. It is intended solely for the use of individual(s) or entity to which it is addressed
and others authorised to receive it. If you are not the intended recipient, kindly notify the sender by return
mail and delete this message and any attachment(s) immediately.

Save as expressly permitted by the author, any disclosure, copying, distribution or taking action in reliance
on the contents of the information contained in this e-mail is strictly prohibited and may be unlawful.

Unless otherwise clearly stated, and related to the official business of Accelon Nigeria Limited, opinions,
conclusions, and views expressed in this message are solely personal to the author.

Accelon Nigeria Limited accepts no liability whatsoever for any loss, be it direct, indirect or consequential,
arising from information made available in this e-mail and actions resulting there from.

For more information about Accelon Nigeria Limited, please see our website at
http://www.accelonafrica.com
******************************************************************************************************************************
Received on Wed Aug 10 2005 - 02:47:06 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:01 MDT