[nycbug-talk] OpenBSD + PF "whitepapers"
Ray Lai
nycbug
Tue Jan 31 21:45:28 EST 2006
On Tue, Jan 31, 2006 at 05:35:54PM -0500, Charles Sprickman wrote:
> Hi all,
>
> The guy that runs BroadbandReports.com was fishing around for something to
> help protect him from DDoS attacks. He's aware that once his pipe is full
> (100Mb/s) the game is over, but he's been having trouble getting the Linux
> stuff he's using to not choke up on a 50-60 Mb/s attack at 100Kp/s.
>
> He seems slightly intrigued by OpenBSD, but doubts that it would perform
> any better than Linux 2.6.x w/ipchains and some "fast block" module.
>
> Anyone have pointers to the following:
>
> -corporate style whitepaper touting OpenBSD/PF for DoS protection
> -articles about OpenBSD protecting web farms from DoS based on real-life
> experiences
> -list of folks (preferably with close ties to OBSD) that do consulting
> work in this vein
> -???
henning@ does a lot of pf work, try contacting him. Here are some
pf papers:
http://openbsd.rt.fm/papers/ven05-henning/
http://openbsd.rt.fm/papers/bsdcan04-pf/
More papers can be found at:
http://openbsd.rt.fm/papers/
Also try the pf mailing list <pf at benzedrine.cx>.
-Ray-
More information about the talk
mailing list