Connections are sporatic due to a router/firewall problem. It appears to be dropping passthrough on port 80 (HTTP) from time to time. According to the literature I have found, the router in question is suceptible to floods and possibly certain attacks and goes in to hibernation.
This is a feature that I could have done without so tonight (PDT, Seattle) I will be replacing the router with a different one that does not have this problem.
0
Router Issues
Started by aidogs, May 31 2006 08:51 AM
2 replies to this topic
#1
-
- Root Admin
-
- 267 posts
Administrator
- Gender:Male
- Location:Isle of langerhans
- Interests:Lurking.
Posted 31 May 2006 - 08:51 AM
I'm easily distracted by squirrels.
#2
-
- Root Admin
-
- 267 posts
Administrator
- Gender:Male
- Location:Isle of langerhans
- Interests:Lurking.
Posted 01 June 2006 - 07:59 PM
The offending router was replaced last night with a standalone Linux firewall running Snort. This gives me the capability to detect attacks and control traffic down to a single IP:Port.
Short showed that the suspect attacks from China were in fact real. In a 24 hour period the logger detected over 20,000 intrusion attempts, mainly from one address in Shanghai.
As a result, an entire CIDR class B block from this attacker has been set to be denied. This encompasses Beijing, Chengdu, Huang Shan, Liuzhou, Shanghai, Zhijiang, and Hong Kong.
Here's the jist of this tale : if you are going to be on the internet, you should have a firewall. A hardware firewall is better than a software package. If you are going to host, build a dedicated Linux appliance - commercial hardware router/firewalls under $1000 are inadequate.
From this point out, barring maintenance, there should be no connection issues on this side of the internet. If there are, I would appreciate email being sent via the user email.
Short showed that the suspect attacks from China were in fact real. In a 24 hour period the logger detected over 20,000 intrusion attempts, mainly from one address in Shanghai.
As a result, an entire CIDR class B block from this attacker has been set to be denied. This encompasses Beijing, Chengdu, Huang Shan, Liuzhou, Shanghai, Zhijiang, and Hong Kong.
Here's the jist of this tale : if you are going to be on the internet, you should have a firewall. A hardware firewall is better than a software package. If you are going to host, build a dedicated Linux appliance - commercial hardware router/firewalls under $1000 are inadequate.
From this point out, barring maintenance, there should be no connection issues on this side of the internet. If there are, I would appreciate email being sent via the user email.
I'm easily distracted by squirrels.
#3
-
- Administrators
-
- 5737 posts
Troublemaker
- Gender:Not Telling
- Location:Seattle, Washington & Walla Walla, Wa.
- Interests:Martial Arts, Yoga, weightlifting, Frisbee and fun with my pup Coyote Crow Dog, cooking, art, languages, math, science.....the list goes on.
Posted 02 June 2006 - 05:11 AM
Thanks. He put in a tremendous amount of work, everyone, and all for a little extra kibble in the bowl.
It's really great.
It's really great.
One could argue that evolution suggests we’re not idiots, but I would say, “Well, no. Evolution just makes sure we’re not blithering idiots."
--David Dunning
--David Dunning
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
