DDOS Attack

[r0x]

Look what I found:
http://msdn.microsoft.com/en-us/library/Aa302363

Same as "SYN cookies" of Linux.

The goal of successful DDoS is making host unaccesible through internet. So if your os starts dropping packets and doesnt reply to requests = DDoS is successful (how you determine during DDoS which requests are valid and which are not?!). So - there is no software protection against DDoS.

Well, after I configured the windows, the attacks stopped.

But I do not know if it was the protection or if they gave up the attack.

[regenx]

Yes, you are right..

I have Win2k8R2 and my native OS firewall was stopped and replaced with another "crap" firewall -> Commodo
I was vulnerable to all DDOS attacks on Port 3724 (login from WoW ), on DNS (from no-ip, i don't know with DynDNS but i think is the same), all UPD/TCP open ports was affected + TCP Mysql .. everything.
I am not have Apache istalled, only IIS.

Next Crashes from flooding:
Login port from login server for WoW was down everytime,
Lineage 2 was UP.

Machine was not affected and i have 2 servers on this win2k8R2 machine:
Processor Core 2 DUO (in flooding was up to 10% PP)
Ram 8 GM DDR2. (no problems)

Now on the same machine i have L2 Freya, Aion and 2 Realms for WoW
with native Firewall = ON (Public and Private), IPSec = ON, akamay service = ON (for dropping packets from flooding ) and nothing more.

Good Luck!
I can guarante for this anti flood configuration for everyone (80% attackers will fail)


btw, MxC (maxcheaters) was down for 2 weeks and they are on Ubuntu Linux, with all things updated iptables and everything and FAIL!

[regenx]

nobody can help you except your ISP

Even your ISP can't hep you Why? ISP can ban and put restriction for some IP's if you send your OS logs to them.
Because with spoofing attacks from an entire community like (i.e AC-web) nobody can't survive

Anyway flooding is illegal and attacker/attackers can be viewed in TCP clients and they can go to JAIL.

[l2chaos]

If you have some mysql query quota set and somebody makes your server to make lot of query's by DDOS than Mysql will deny every query in next hour. So if you set

Code: Select all

MAX QUERIES PER HOUR 0  MAX UPDATES PER HOUR  0 MAX CONNECTIONS PER HOUR 0 

than Mysql probably won't shut down. But it's better to deal with attackers by some flood protector.

how put this man

[JMD]

If you have some mysql query quota set and somebody makes your server to make lot of query's by DDOS than Mysql will deny every query in next hour. So if you set

Code: Select all

MAX QUERIES PER HOUR 0  MAX UPDATES PER HOUR  0 MAX CONNECTIONS PER HOUR 0 

than Mysql probably won't shut down. But it's better to deal with attackers by some flood protector.

how put this man

wild guess this is on my.ini of mysql.

[Maraxer]

In phpmyadmin > Permissions > chose user you use for server

[l2chaos]

If you have some mysql query quota set and somebody makes your server to make lot of query's by DDOS than Mysql will deny every query in next hour. So if you set

Code: Select all

MAX QUERIES PER HOUR 0  MAX UPDATES PER HOUR  0 MAX CONNECTIONS PER HOUR 0 

than Mysql probably won't shut down. But it's better to deal with attackers by some flood protector.

how put this man

wild guess this is on my.ini of mysql.

i have mysql 5.5 and dont have this

[MELERIX]

lol, if you do that, you will block your own server xD

and btw mysql service deny all mysql remote connection by default, except when you have a mysql user account where "remote for all" is allowed.

so, don't enable mysql remote account for all, only allow a specific IP

[Szponiasty]

No. Let them do that. Seriously, is this still going to be an forums to "learn java or just copy what u find"? Or we're gonna show that open source means business Check out how's Blender look like nowadays. Open Source can be very very good these days. I think its time to rise level