Is there anyway to block a DDOS attack? I dont know to much about DDOS attacks and how they work, but i think i understand a little bit of it. Is there no way to configure a firewall to detect rapid, spontaneous, continuous amounts of fragmented, random data coming from an IP address? Wouldn't the data coming in from a DDOS server be somewhat distinct from data that flows normally?

Any info would be greatly appreciated!

_________________
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

yes. as per my response to your firewall post,
a firewall can do this or an IDS/IPS device.

usually though DDOS attacks don't happen to a home user. they are usually targeted towards large companies or service providers. not that that means it cant happen, its just odd.

are you being victimized by one now? or do you think someone on your network is infected and is being used as part of one?

_________________
CCNA, CCDA, CCNA-SECURITY

I use my PC at home as a game server. I host a video game server, someone causing trouble in the server gets banned from the server, they get mad, they try to get revenge via DDOS. It happens to so many people. And i have been a victim before.

_________________
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

ah yes.
makes sense.

_________________
CCNA, CCDA, CCNA-SECURITY

yeah. I hoping that i can config a firewall to block stuff like that kind of stuff.

_________________
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

Distributed Denial of Service*

Because you haven't made an attempt at posting literately I'm not going to make the effort to answer your post, apart from that remark correcting your terrible spelling and this one explaining it.

angry much?

if you dont have something nice/useful to say than.....

_________________
CCNA, CCDA, CCNA-SECURITY

Not particularly.. Just here for my own amusement.

I think we just found the forum troll!

+5 points for me!

_________________
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

troll.

_________________
CCNA, CCDA, CCNA-SECURITY

one single ip address or range? if so contact the abuse department that owns that block.

no clue on a cisco device level yet sorry but when I was working for a webhost this was the first thing to do.

I found that many new firewalls you can buy have a anti DOS feature specifically built in. Im guna get one and see how it works.

_________________
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

you need to work with your ISP, the ideas is to stop the saturation of your circuit, this needs to be done upstream.
dropping packets at the near end router is useless to stop a DDOS, the circuit will still be saturated with disruptive packets
so call your ISP, work with them to resolve the DDOS.

_________________
"If you're good at anticipating the human mind. It leaves nothing to chance."
-Jigsaw

yeah, i was afraid of that. I might call me ISP and see what they have to offer in terms of help with DDOS. However, light DOS mitigation wouldnt be a bad thing to have. Also, i thought about IPv6. isn't IPv6 designed with security in mind? I was talking with someone and they said that IPv6 could help protect against packet forging and what not. Would it be worth it to go IPv6?

_________________
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

IPv4 is every bit as secure as IPv6 thanks in part to RFC 3514.

http://www.faqs.org/rfcs/rfc3514.html

_________________
_______________________________________________________________________
There are 10 types of people in the world. Those who understand binary and those who don't.

I was told in my CCNA networking fundamentals class that IPv4 was never originally designed with security in mind, but security features were added later. I was also told that IPv6 was designed with security in mind from the very start. I guess i assumed that it would be a little more secure because of that.

_________________
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

I was told not to listen to everything I hear.

The bottom line is that something that is not configured properly is likely at risk and something that has been well thought out and configured correctly only carries as much risk as the yet to be found vulnerabilities in the code running it carries.

_________________
blog.brokennetwork.ca

So, what about TCP Interrupt options..

keep in mind it is a game server he is running which makes it a bit tricky to thwart a DDoS.

could set connection limits but without denying users to login legitimately.

@Cheesepuff, do you know what type of attack is being unleashed?

SYN flood?, massive pings?

_________________
CCNA, CCDA, CCNA-SECURITY

@Infinite It was my professor who told me that, so i would hope he knew what he was talking about.

@kerpap I'm not sure. When i look at my network bandwidth meter, it doesn't go up much during the DOS attack, but i lose connection to everything.

_________________
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php