[squid-users] tarpit, silent-drop vs. DDoS ?
Jim Freeman
sovrajn at gmail.com
Tue Jun 8 13:43:49 UTC 2021
I've scoured docs and Google for DDoS/security mechanisms, and hope I
have the lay of the land.
But I've not yet seen anything mentioned like HAProxy's
tarpit/silent-drop mechanisms :
https://cbonte.github.io/haproxy-dconv/2.2/configuration.html#4.2-http-request%20tarpit
... blocks the request without responding for a delay specified ...
https://cbonte.github.io/haproxy-dconv/2.2/configuration.html#4.2-http-request%20silent-drop
... can resist much higher loads than "tarpit", and slow down
stronger attackers. ...
Does anyone have these kinds of countermeasures in play with squid ?
[ I'm using squid 3.5.20 ]
Thanks,
...jfree
More information about the squid-users
mailing list