All home networking related discussions.
User avatar
jdsilva
Post Whore
Posts:
5347
Joined:
Mon Jan 17, 2005 11:01 pm
Certs:
CCNP

Re: How can i block a DDOS attack? (Direct dinial of service

Wed Feb 15, 2012 12:12 am

cheesepuff wrote:@Infinite It was my professor who told me that, so i would hope he knew what he was talking about.

That's an assumption you should never make.

User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

Re: How can i block a DDOS attack? (Direct dinial of service

Wed Feb 15, 2012 12:36 am

good point.
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

User avatar
jdsilva
Post Whore
Posts:
5347
Joined:
Mon Jan 17, 2005 11:01 pm
Certs:
CCNP

Re: How can i block a DDOS attack? (Direct dinial of service

Wed Feb 15, 2012 10:20 am

OK, enough with the philosophical "Don't be a sheep" speech...

Generally when someone starts talking about "IPv6 being built with security in mind" what they are talking about is IPsec. IIRC IPsec was originally created to be part of the IPv6 spec, and was back ported to IPv4. So basically you (theoretically) can encrypt any IPv6 stream using the IPv6 IPsec extension headers. Not every vendor has gotten this far in the IPv6 implementations.

How does this help you and your problem? It doesn't. IPsec (and really, any security) is in no way related to DDoS. You can encrypt your traffic all you like, but if someone shoves 2Gb/s down your 50Mb/s internet connection you're FUBAR.

Firewalls may offer some protection in that they can filter out certain types of DoS attacks before they reach your server, but at the end of the day if someone shoves 2Gb/s down your 50Mb/s internet connection you're FUBAR.

The only thing you can do then is contact your ISP and get their help. They have the Big Iron needed to filter that kind of traffic before it ever reaches your firewall.

User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

Re: How can i block a DDOS attack? (Direct dinial of service

Wed Feb 15, 2012 5:38 pm

thank you for getting straight to the point. If i get dossed again I'll contact my ISP and see what they can do.
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

User avatar
mellowd
CCIE #38070
Posts:
13814
Joined:
Wed Jun 18, 2008 7:49 am
Certs:
CCIE (RS,SP), JNCIE-SP, BC-/SPNE/NP

How can i block a DDOS attack? (Direct dinial of service)

Thu Feb 16, 2012 2:20 am

I would contct them before and ask them what they could possibly do if it happens again


Sent on the move...

User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

Re: How can i block a DDOS attack? (Direct dinial of service

Thu Feb 16, 2012 6:17 am

still, i would like to know what kind of DOS attack im getting. How can i tell what type is being implemented on me?
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

User avatar
Halo
Post Whore
Posts:
1008
Joined:
Thu Oct 14, 2010 4:39 am
Certs:
CCNP (R&S, Security), ITILv3 Foundation

Re: How can i block a DDOS attack? (Direct dinial of service

Thu Feb 16, 2012 8:19 am

If you captured some of the traffic using wireshark, that would give our Internet Scientists something to work from.

As a completely off-the-cuff guess, it's going to be something like LOIC or LCF.

Perlhack
Member
Posts:
234
Joined:
Wed Aug 19, 2009 7:22 pm
Certs:
CCNP CCIP CCNA-S

Re: How can i block a DDOS attack? (Direct dinial of service

Thu Feb 16, 2012 9:24 am

Its the kind of DDOS attack that makes your site go offline.
_______________________________________________________________________
There are 10 types of people in the world. Those who understand binary and those who don't.

User avatar
jdsilva
Post Whore
Posts:
5347
Joined:
Mon Jan 17, 2005 11:01 pm
Certs:
CCNP

Re: How can i block a DDOS attack? (Direct dinial of service

Thu Feb 16, 2012 9:30 am

What makes you think you're even under attack?

Sent from my GT-I9000M using Tapatalk

User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

Re: How can i block a DDOS attack? (Direct dinial of service

Thu Feb 16, 2012 6:05 pm

im not under attack right now. But i know whos attacking me, and i know hes DDOS many people before. I've seen him take down servers before. So whenever i come in contact with him, he tends to DOS me just because he can. I lose connection to everything ONLY when hes around. Hes become infamous in a sense. Hes basically "im guna DDOS you, so bye" and then i go offline.
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

User avatar
wirerat
Post Whore
Posts:
5340
Joined:
Tue Mar 31, 2009 4:15 pm
Certs:
More than none

Re: How can i block a DDOS attack? (Direct dinial of service

Thu Feb 16, 2012 6:14 pm

cheesepuff wrote:Hes become infamous in a sense. Hes basically "im guna DDOS you, so bye" and then i go offline.

Is it the tracer-t guy?
"See packet, be packet, you are packet. Ignore all else!" -The Networker
packetsdropped.wordpress.com

User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

Re: How can i block a DDOS attack? (Direct dinial of service

Thu Feb 16, 2012 7:24 pm

not sure what you mean by that =S
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

User avatar
kerpap
Ultimate Member
Posts:
765
Joined:
Sun Jan 04, 2009 6:28 pm
Certs:
CCNA, CCDA, CCNA-SECURITY

Re: How can i block a DDOS attack? (Direct dinial of service

Thu Feb 16, 2012 7:31 pm

hmmmm. this guy sounds like a real troll.
you know you could set up a nice honey pot server for him to attack and then setup some monitoring so that you can analyze his attack vectors, then see if there is a way to block it or beat him at his own game.
is he a full on hacker or just a little script kiddy.
CCNA, CCDA, CCNA-SECURITY

User avatar
cheesepuff
Junior Member
Posts:
57
Joined:
Tue Jan 24, 2012 3:54 am

Re: How can i block a DDOS attack? (Direct dinial of service

Fri Feb 17, 2012 2:29 am

hes not really even a hacker, just a DDOS God. Hes not a little kid. Hes an adult. He knows what hes doing, but he doesnt care that he does it.
I want to work with the Internet Engineering Task Force (IETF) and standardize a WTF protocol. It would literally be a "What The F**k" protocol for when NO ONE can figure out where the f**k something went wrong.

Non-Cisco forum http://networkinghelp.freeforums.org/index.php

User avatar
kerpap
Ultimate Member
Posts:
765
Joined:
Sun Jan 04, 2009 6:28 pm
Certs:
CCNA, CCDA, CCNA-SECURITY

Re: How can i block a DDOS attack? (Direct dinial of service

Fri Feb 17, 2012 4:01 am

DDoS God eh?
I'd love to see what he is doing and how.

if you can set up a little honey pot for him to attack and setup some monitoring.

see what type of traffic he is sending. if he is doing a SYN flood, it is pretty easy to filter out with a firewall without interrupting gameplay connections.

you can do it with a cisco switch (can get one dirt cheap on ebay) and configure one port as a SPAN port, then connect a lappy to the SPAN port and open wireshark.
put the switch between the WAN connection and the server.
CCNA, CCDA, CCNA-SECURITY

User avatar
Halo
Post Whore
Posts:
1008
Joined:
Thu Oct 14, 2010 4:39 am
Certs:
CCNP (R&S, Security), ITILv3 Foundation

Re: How can i block a DDOS attack? (Direct dinial of service

Fri Feb 17, 2012 4:07 am

Man am I out-of-date with my knowledge on attack tools. Other grand implements are hping and loris derivatives (like PyLoris).

roggy
Senior Member
Posts:
346
Joined:
Tue Apr 08, 2008 10:09 am

Re: How can i block a DDOS attack? (Direct dinial of service

Fri Feb 17, 2012 4:44 am

Normally denial of service fits into 2 areas

1) a protocol attack
2) a bandwidth attack

My money is either on your not monitoring your bandwidth correctly or a protocol attack - given that outbound is affected as well me thinks that it is simple half syn attack maxing out the state table on your firewall.

So I would either decrease your tcp timeouts or buy a firewall with more memory/ better tcp options.


p.s. this guy is not a ddos or a dos god - this is nothing short of a script kiddie is a LOIC

'
Previous

Return to Home Networking

Who is online

Users browsing this forum: No registered users and 13 guests