All home networking related discussions.
User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

How can i block a DDOS attack? (Direct dinial of service)

Thu Feb 02, 2012 7:42 pm

Is there anyway to block a DDOS attack? I dont know to much about DDOS attacks and how they work, but i think i understand a little bit of it. Is there no way to configure a firewall to detect rapid, spontaneous, continuous amounts of fragmented, random data coming from an IP address? Wouldn't the data coming in from a DDOS server be somewhat distinct from data that flows normally?

Any info would be greatly appreciated!
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

User avatar
kerpap
Ultimate Member
Posts:
761
Joined:
Sun Jan 04, 2009 6:28 pm
Certs:
CCNA, CCDA, CCNA-SECURITY

Re: How can i block a DDOS attack? (Direct dinial of service

Thu Feb 02, 2012 8:05 pm

yes. as per my response to your firewall post,
a firewall can do this or an IDS/IPS device.

usually though DDOS attacks don't happen to a home user. they are usually targeted towards large companies or service providers. not that that means it cant happen, its just odd.

are you being victimized by one now? or do you think someone on your network is infected and is being used as part of one?
CCNA, CCDA, CCNA-SECURITY

User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

Re: How can i block a DDOS attack? (Direct dinial of service

Thu Feb 02, 2012 8:22 pm

I use my PC at home as a game server. I host a video game server, someone causing trouble in the server gets banned from the server, they get mad, they try to get revenge via DDOS. It happens to so many people. And i have been a victim before.
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

User avatar
kerpap
Ultimate Member
Posts:
761
Joined:
Sun Jan 04, 2009 6:28 pm
Certs:
CCNA, CCDA, CCNA-SECURITY

Re: How can i block a DDOS attack? (Direct dinial of service

Thu Feb 02, 2012 8:46 pm

ah yes.
makes sense.
CCNA, CCDA, CCNA-SECURITY

User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

Re: How can i block a DDOS attack? (Direct dinial of service

Thu Feb 02, 2012 9:02 pm

yeah. I hoping that i can config a firewall to block stuff like that kind of stuff.
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

shapeshifter
Member
Posts:
133
Joined:
Sat Mar 26, 2011 10:42 pm

Re: How can i block a DDOS attack? (Direct dinial of service

Mon Feb 13, 2012 3:58 am

Distributed Denial of Service*

Because you haven't made an attempt at posting literately I'm not going to make the effort to answer your post, apart from that remark correcting your terrible spelling and this one explaining it.

User avatar
kerpap
Ultimate Member
Posts:
761
Joined:
Sun Jan 04, 2009 6:28 pm
Certs:
CCNA, CCDA, CCNA-SECURITY

Re: How can i block a DDOS attack? (Direct dinial of service

Mon Feb 13, 2012 4:16 am

shapeshifter wrote:Distributed Denial of Service*

Because you haven't made an attempt at posting literately I'm not going to make the effort to answer your post, apart from that remark correcting your terrible spelling and this one explaining it.



angry much?

if you dont have something nice/useful to say than.....
CCNA, CCDA, CCNA-SECURITY

shapeshifter
Member
Posts:
133
Joined:
Sat Mar 26, 2011 10:42 pm

Re: How can i block a DDOS attack? (Direct dinial of service

Mon Feb 13, 2012 1:42 pm

kerpap wrote:angry much?

if you dont have something nice/useful to say than.....


Not particularly.. Just here for my own amusement.

User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

Re: How can i block a DDOS attack? (Direct dinial of service

Mon Feb 13, 2012 5:31 pm

I think we just found the forum troll!

+5 points for me!
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

User avatar
kerpap
Ultimate Member
Posts:
761
Joined:
Sun Jan 04, 2009 6:28 pm
Certs:
CCNA, CCDA, CCNA-SECURITY

Re: How can i block a DDOS attack? (Direct dinial of service

Mon Feb 13, 2012 7:37 pm

troll.
CCNA, CCDA, CCNA-SECURITY

edlin
New Member
Posts:
10
Joined:
Wed Jul 06, 2011 1:57 pm

Re: How can i block a DDOS attack? (Direct dinial of service

Mon Feb 13, 2012 11:38 pm

one single ip address or range? if so contact the abuse department that owns that block.

no clue on a cisco device level yet sorry but when I was working for a webhost this was the first thing to do.

User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

Re: How can i block a DDOS attack? (Direct dinial of service

Tue Feb 14, 2012 3:17 am

I found that many new firewalls you can buy have a anti DOS feature specifically built in. Im guna get one and see how it works.
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

User avatar
ristau5741
Post Whore
Posts:
10307
Joined:
Tue Aug 21, 2007 2:15 pm
Certs:
Instanity

Re: How can i block a DDOS attack? (Direct dinial of service

Tue Feb 14, 2012 2:49 pm

you need to work with your ISP, the ideas is to stop the saturation of your circuit, this needs to be done upstream.
dropping packets at the near end router is useless to stop a DDOS, the circuit will still be saturated with disruptive packets
so call your ISP, work with them to resolve the DDOS.
Tips of the day:
- The human mind is the ultimate creation invention.
- I have so many customers, my customers have customers.
- Sausage time
- POP, stack, and store

User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

Re: How can i block a DDOS attack? (Direct dinial of service

Tue Feb 14, 2012 7:23 pm

yeah, i was afraid of that. I might call me ISP and see what they have to offer in terms of help with DDOS. However, light DOS mitigation wouldnt be a bad thing to have. Also, i thought about IPv6. isn't IPv6 designed with security in mind? I was talking with someone and they said that IPv6 could help protect against packet forging and what not. Would it be worth it to go IPv6?
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

Perlhack
Member
Posts:
234
Joined:
Wed Aug 19, 2009 7:22 pm
Certs:
CCNP CCIP CCNA-S

Re: How can i block a DDOS attack? (Direct dinial of service

Tue Feb 14, 2012 7:51 pm

IPv4 is every bit as secure as IPv6 thanks in part to RFC 3514.

http://www.faqs.org/rfcs/rfc3514.html

:whistle:
_______________________________________________________________________
There are 10 types of people in the world. Those who understand binary and those who don't.

User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

Re: How can i block a DDOS attack? (Direct dinial of service

Tue Feb 14, 2012 8:34 pm

I was told in my CCNA networking fundamentals class that IPv4 was never originally designed with security in mind, but security features were added later. I was also told that IPv6 was designed with security in mind from the very start. I guess i assumed that it would be a little more secure because of that.
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

User avatar
jdsilva
Post Whore
Posts:
5347
Joined:
Mon Jan 17, 2005 11:01 pm
Certs:
CCNP

Re: How can i block a DDOS attack? (Direct dinial of service

Tue Feb 14, 2012 10:22 pm

cheesepuff wrote:I was told in my CCNA networking fundamentals class that IPv4 was never originally designed with security in mind, but security features were added later. I was also told that IPv6 was designed with security in mind from the very start. I guess i assumed that it would be a little more secure because of that.

I was told not to listen to everything I hear.

The bottom line is that something that is not configured properly is likely at risk and something that has been well thought out and configured correctly only carries as much risk as the yet to be found vulnerabilities in the code running it carries.

User avatar
scottsee
Post Whore
Posts:
1800
Joined:
Wed Feb 10, 2010 2:45 am
Certs:
NA:R&S, NA:Sec

Re: How can i block a DDOS attack? (Direct dinial of service

Tue Feb 14, 2012 10:29 pm

So, what about TCP Interrupt options..

User avatar
kerpap
Ultimate Member
Posts:
761
Joined:
Sun Jan 04, 2009 6:28 pm
Certs:
CCNA, CCDA, CCNA-SECURITY

Re: How can i block a DDOS attack? (Direct dinial of service

Tue Feb 14, 2012 11:09 pm

keep in mind it is a game server he is running which makes it a bit tricky to thwart a DDoS.

could set connection limits but without denying users to login legitimately.

@Cheesepuff, do you know what type of attack is being unleashed?

SYN flood?, massive pings?
CCNA, CCDA, CCNA-SECURITY

User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

Re: How can i block a DDOS attack? (Direct dinial of service

Wed Feb 15, 2012 12:03 am

@Infinite It was my professor who told me that, so i would hope he knew what he was talking about.

@kerpap I'm not sure. When i look at my network bandwidth meter, it doesn't go up much during the DOS attack, but i lose connection to everything.
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

'
Next

Return to Home Networking

Who is online

Users browsing this forum: Exabot [Bot] and 20 guests

      cron