Hi Justin,
Thanks for your time, I appreciate it.
--
Best Regards,
Richard Hatherly
Ritech Computing Services
0411 459 507
On 21/09/2018 10:39 PM, Justin Pryzby wrote:
On Thu, Sep 20, 2018 at 09:27:35AM +1000, Richard wrote:
Not going to help for UDP, but it would stop TCP replies if it was
On Thu, Sep 20, 2018 at 09:27:35AM +1000, Richard wrote:
> Not going to help for UDP, but it would stop TCP replies if it was a TCP
> flood ?
If you DROP TCP initial "SYN" packet, there's no connection nor reason to reply
to anything else.
shorewall/blacklist is the easy way (see also shorewall/i
On Thu, Sep 20, 2018 at 08:52:20AM +1000, Richard wrote:
> My child was playing fortnite last night when another kid in the lobby
> threatened to DDOS him,
It doesn't appear to be "distributed", right ?
> SRC= 98.139.130.248
> SRC= 98.139.130.248
> SRC= 98.139.130.248
> SRC= 98.139.130.248
> Is
Hi Justin,
Good point, not a DDOS at all, just a DOS.
Yes, the packets were dropped, I guess the only potential protection is
upstream.
If i do shorewall-drop (ip) , the packets will still hit the interface,
but does it still appear in the logs ? Actually, looks like they are
dropped silent
Hi,
My child was playing fortnite last night when another kid in the lobby
threatened to DDOS him, I was skeptical but it turns out he could. I
guess there is software available to show the IP address of who is in
the same lobby.
98.139.130.248 DST=203.217.21.161 LEN=468 TOS=0x00 PREC=0x00 T
On 5/17/13 1:48 PM, "Michael McCallister"
wrote:
>Tom Eastep wrote, On 5/17/2013 8:14 AM:
>> On 05/16/2013 09:50 AM, Michael McCallister wrote:
>>
>>> BTW: I realize all bets are off with a DDoS attack - but this one was
>>> only 50mbit and an application layer attack - I just want to beef
>>>thi
Tom Eastep wrote, On 5/17/2013 8:14 AM:
> On 05/16/2013 09:50 AM, Michael McCallister wrote:
>
>> BTW: I realize all bets are off with a DDoS attack - but this one was
>> only 50mbit and an application layer attack - I just want to beef things
>> up to better handle smaller attacks (like this one)
Michael McCallister wrote, On 5/16/2013 9:50 AM:
> Michael McCallister wrote, On 5/16/2013 12:05 AM:
>> Hello List!
>>
>> I got a small (50mbits or so) application layer ddos attack against a
>> few name servers (thousands of IPs sending lots of bogus A record
>> requests - weird) - one of the nam
On 05/16/2013 09:50 AM, Michael McCallister wrote:
> BTW: I realize all bets are off with a DDoS attack - but this one was
> only 50mbit and an application layer attack - I just want to beef things
> up to better handle smaller attacks (like this one) - I am fully aware
> that if they saturate
Michael McCallister wrote, On 5/16/2013 12:05 AM:
> Hello List!
>
> I got a small (50mbits or so) application layer ddos attack against a
> few name servers (thousands of IPs sending lots of bogus A record
> requests - weird) - one of the name servers was behind a shorewall
> firewall. That firewa
Hello List!
I got a small (50mbits or so) application layer ddos attack against a
few name servers (thousands of IPs sending lots of bogus A record
requests - weird) - one of the name servers was behind a shorewall
firewall. That firewall was running a 2.6.18-194.11.1.el5 kernel and
shorewall
On Monday, 20 August, 2012 00:07:43 Simon Hobson wrote:
> The other issue if it's UDP traffic is that the source addresses are
> probably spoofed anyway. It depends on the network infrastructure at
> the attacking end, but it's often easy to send traffic with spoofed
> source addresses. Even if
cac...@quantum-sci.com wrote:
>Is there any way to solve something like this?
In a word, no.
Well there is, but it's not very useful as it means unplugging from
the internet !
The whole point of a good DDoS is that there are so many source IPs
involved that it's impossible to block them easily
I know someone who for the past 4 days has been having the heck ddosed out of
him. He runs a gaming server, and ran a report on the ddos; he has 8 pages of
that and a few hours ago there were 16 pages. They're attacking his machine on
random ports and he blocks UDP traffic on those ports, bu
14 matches
Mail list logo
