Web hosting isp - Chapter 6 . Securing Linux 217 A tool
Chapter 6 . Securing Linux 217 A tool called nmap is generally considered the best way to scan a host for services (note that nmap is a tool that can be used for good and evil). Once the attacker has a list of the available services running on his target, he needs to find a way to trick one of those services into letting him have privileged access to the system. Usually, this is done with a program called an exploit. While DOS attacks are disruptive, intrusion type attacks are the most damaging. The reasons are varied, but the result is always the same. An uninvited guest is now taking up residence on your machine and is using it in a way you have no control over. Protecting Against Denial of Service Attacks As explained earlier, a denial of service attack attempts to crash your computer or at least degrade its performance to an unusable level. There are a variety of denial of service exploits. Most try to overload some system resource, such as your available disk space or your Internet connection. Some common attacks and defenses are discussed in the following sections. Mailbombing Mailbombing is the practice of sending so much e-mail to a particular user or system that the computer s hard drive becomes full. There are several ways to protect yourself from mailbombing. You can use the Procmail e-mail-filtering tool or, if you are using sendmail as your mail transport agent, configure your sendmail daemon. Blocking Mail with Procmail The Procmail e-mail-filtering tool, installed by default with Fedora, RHEL, and many other Linux systems, is tightly integrated with the sendmail e-mail daemon; thus, it can be used to selectively block or filter out specific types of e-mail. You can learn more about Procmail at the Procmail Web site: www.procmail.org. To enable Procmail for your user account, create a .procmailrc file in your home directory. The file should be mode 0600 (readable by you but nobody else). Type the following, replacing evilmailer with the actual e-mail address that is mailbombing you. # Delete mail from evilmailer :0 * ^From.*evilmailer /dev/null The Procmail recipe looks for the From line at the start of each e-mail to see if it includes the string evilmailer. If it does, the message is sent to /dev/null (effectively throwing it away). Blocking Mail with sendmail The Procmail e-mail tool works quite well when only one user is being mailbombed. If, however, the mailbombing affects many users, you should probably configure your sendmail daemon to block all e-mail from the mailbomber. Do this by adding
Please visit Domain Name Hosting services for high quality webhost to host and run your jsp applications.