Are You Being DoS’d?

My network connection was “teh suck” all weekend until I did this:


      iptables -A INPUT -s 212.17.87.173 -j DROP

Who, you might ask, is 212.17.87.173? I have no freaking clue, except that he’s Austrian and really loves photos of my wedding. It was harder to diagnose this problem than you might expect. Apache apparently writes it’s access.log after a request has completed. Thank god for netstat, or I might never have figured this one out.

Thanks to the oh-so-typically-condescending folks on freenode #apache, I’ve enabled mod_status with ExtendedStatus On, so that I can view HTTP requests in-flight.

Next I’ll try to install mod_evasive.

Advertisements


%d bloggers like this: