|
I've developed my own program for dealing with this early this year, since then, i don't suffer attacks anymore, and when someone dares it gets very pissed off, very quickly.
I call my script BEOWULF, as in the old nordic myth.
I basically have the whole list of free proxies aorund the world, now every time a DOS attacks comes in the program detects it and blocks the Ip at router level and voila!, attack smoked.
The real important part is that beowulf is PROACTIVE, you see, they never come up with just one IP, there are 1000's, if you block one, that doesn't matter, there are many more and they do that simultaneously, so Beowulf consults its huge Ip database whenever it detects an attack pattern, if the Ip is in the database, it raises up a 'shield' in this form:
on your .htaccess:
deny from 1.1.1.1
on every Ip in the DB, what the hackers sees, is that all his attack is falling down, hitting a concrete wall and he just desists.
now there are some new IP's, then beowulf learns them by adding them to its database, and it becomes more harder to even start an attack every time. For the hard hitting IP's )more than 50 tries) Beowulf blocks then at router level to prevent a DOS
Sometimes, rightful users are blocked, then my 403 goes to a page that needs the user to authenticate using his user/pass only 3 attemps and it lifts the ban in that IP.
I don't sell nor disclose my code, but i can give you the IP database so you may construct your own BEOWULF
hope it helps.
__________________
WE ARE ALL ONE CIRCLE, NO BEGINNING, NO END.
|