× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. February 2000

Re: Denial of Service, Good for AS/400?

  • Subject: Re: Denial of Service, Good for AS/400?
  • From: Jim Langston <jlangston@xxxxxxxxxxxxxxxx>
  • Date: Thu, 10 Feb 2000 13:19:22 -0800
  • Organization: Conex Global Logistics Services, Inc.
 
It also depends on just how much traffic these DoS packets were
generating.  If they have a T1 pipe coming in, and someone is generating
T3 amount of traffic (a tremendous amount) even if you stop it at your
server all the legitimate packets are going to time out and get returned
to their senders anyway, and/or the servers are going to seem to be
running very slow since it takes so long for your packets to get through.

And, even if you have a T1 and it's only a T1 or so amount of traffic,
you have all that traffic running across your local network, it's going to
slow your network down tremendously, make sure you have fiber on
your backbone.

And now they're all going to a specific IP address, so it's being handled
by a specific box (router, PC, AS/400, whatever it is) and even if that
box ignores those requests from certain IP addresses, the card still has
to process the requests and find out what the IP address is deny it.
So you better have a pretty fast card and a pretty fast CPU.

The best way to stop it is at the source.  Denying that, at your local ISP
before it even comes down to your wire.  Barring that, at your router.
Once it gets into your network, it's a whole heck of a lot of traffic to
deal with.

Regards,

Jim Langston

"Art Tostaine, Jr." wrote:

> If it shuts down the HTTP server, and your Amazon.com, your shut down.  
>Period.  Other AS/400 jobs
> are probably still not running very quickly, until you end the HTTP server.
>
> Doesn't the HTTP server run at normal interactive job priority 20?  If it 
>does, it would be just
> like any other runaway interactive job.  It would bog everyone down.  Of 
>course, then the CFINT
> governor would come in....
>
> It was also my understanding that the servers didn't crash, they just 
>couldn't respond to all of the
> requests.  So MOST people got server unavailable while the server dutifully 
>tried to fill all of the
> other bogus requests.
>
> Art Tostaine, Jr.
> CCA, Inc.
> Jackson, NJ 08527

+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.