Kernel Hacking – Tarpitting or not

For the last week or so I have started to look back into a module that seems to be updated again by some students at Harvard; the module name is Tarpit.

The module itself is a bit old and was meant to be used to stop or at least bring down a DDoS attack. The problem was that for the last few years it was not updated anymore, so it became kind of useless, as it was not working under the newer kernels.

I am not going to get into details about it, as it would take me some time, but if anyone wants to read about the idea behind Tarpit, please follow the link at: Secureworks.

So, like I was saying, Tarpit is being updated again for the 2.6 kernels, and there is also a patch for iptables 1.38 and 1.4; you can find them here.

Right now, after rebuilding one of the kernels with Tarpit compiled in (next to a few other goodies), I have started to test this out in my own internal network to see what the output of all this will be.

Hopefully in the next few days (time permitting) I will have a better idea of how this is working and how much it is able to accomplish against a fairly large DDoS attack.