Help me choosing a good firewall to stop low ddos attack...

IPFW, PF, IPF (but not limited) related discussion

Help me choosing a good firewall to stop low ddos attack...

Postby xKri » 16 Sep 2012, 12:57

Hi guys,
my server is always under ddossing... x( I need something to stop that!

Limiting connection per IP (10Kb/s) and connections per IP (10 connection) can be useful?!

Another question: Is IPFW a good firewall to do that?

Thanks in advance.
Regards.
xKri
Junior Member
 
Posts: 8
Joined: 03 Jan 2012, 11:52

Postby zer0sig » 17 Sep 2012, 01:49

If the DDoS is flattening your router/switch, it won't help to set those kinds of parameters.

Do you know what kind of DDoS it is? what kind of traffic? Are you analyzing the packets? If you can narrow down the attacking hosts to ranges of IPs you can report them to either your internet provider or theirs. It turns out that most ISPs do not like being the source for DoS attacks.

Do you have other hosts on the network that can get out okay? If so, limiting the traffic per IP in terms of # of connections or throughput can be useful, even moreso from a router or switch. If they cannot, you must get further up the data path as connections are still passing through routers and switches before they get to your freeBSD server.
It doesn't get happy. It doesn't get sad. It just. Runs. Programs.
zer0sig
Junior Member
 
Posts: 26
Joined: 11 Dec 2008, 08:46
Location: NC, USA


Return to Firewalls

Who is online

Users browsing this forum: asteriskRoss, plotterotter and 0 guests