[Owasp-cincinnati] Attack Recovery

Edward Sumerfield esumerfd at bitbashers.org
Wed Jun 24 08:49:53 EDT 2009


I have a customer that is being hit with over 3 millions requests a day and
they have no customers yet :-) They are all attacks with the usual
smattering of language and framework probe urls.

My initial response was to try to firewall block the requesting IPs but
there are 21,000 unique source IPs driving the attack.

So,

1) Is it reasonable to block 21K IPs?

2) is there another solution that I should be looking for?

3) Is there a security consultant that we could hire to address this issue?

Ed Sumerfield
Ed Sumerfield Consulting, LLC
http://www.edsumerfieldconsulting.com
513-295-7016
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-cincinnati/attachments/20090624/a943ae7b/attachment.html 


More information about the Owasp-cincinnati mailing list