AntiDDoS Defence

[Biowoolf]

Sry if my idea is not in that topic what needed.
and sry for my english.
I just want to share with u by my idea.

So...

it can help, i think, if u have problem with a flood of game server port and u have a server on linux\unix machine.

u need to authorize on login. then login add your ip to iptables filter, which allow you to connect.

first of all u need to deny all connections to 7777 port (deny all what is not allowed - this MUST be 1st rule in ip tables).

Any discussion?

[Probe]

what if they flood the login port and crash your loginserver?

[Biowoolf]

well login server must have autorestart system - it starting much faster than game server and u can have it on different pc and players on game server will not notice that it is attack on server...

U can make some config like

DDoSdefence = true
#it won't work on windows!! add rule to iptables to deny all connections on 7777 port

something like this...

[UnAfraid]

You cannot block ddos attack only with iptables.
You blocking the connections not the traffic.. you have 100 mbp/s bandwidth when they flooding u with more what you will do?

[netvirus]

To call to the provider

[ThePhoenixBird]

Rent a host with Cisco DDoS Protection.

[bigbro]

You cannot block ddos attack only with iptables.
You blocking the connections not the traffic.. you have 100 mbp/s bandwidth when they flooding u with more what you will do?

you can protect against ddos with iptables.

[MELERIX]

for windows server you can use http://www.peerblock.com to block a ip list, a single ip, or ip ranges.

and TCPVIEW is useful to check if you are being ddosed: http://technet.microsoft.com/en-us/sysi ... 97437.aspx

[UnAfraid]

@bigbro belive its impossible to stop that ddos that i received my ISP cut me because they cant handle with the it so you will stop it only with iptables? you will stop the connections but the traffic who will stop it ? you? and how? only ISP make some shaped tunnels and filter those ips to use that tunnel ..

p.s. i received a 2.7 GBP/s flood

[Lupu1]

you can stop ddos only if you can config the ips

[Aikimaniac]

You cannot block ddos attack only with iptables.
You blocking the connections not the traffic.. you have 100 mbp/s bandwidth when they flooding u with more what you will do?

you can protect against ddos with iptables.

LOL DDOS isnt meant for 10 bots attack but botnet like 500k zombies

[MELERIX]

anyway is really hard and rare to see a botnet working today (is not like in the 90's).

generally... is just a single guy with 2 o 3 dedicated machines making the flood to specific ports, so is easy to block him if you know from where the connections come.

and does not matter if he is using a proxy, because you can ban all the ip ranges of the proxy if you need, and obviously... the guy can't use every proxy of the world to make flood, because some proxy don't allow to do that

[Aikimaniac]

anyway is really hard and rare to see a botnet working today (is not like in the 90's).

generally... is just a single guy with 2 o 3 dedicated machines making the flood to specific ports, so is easy to block him if you know from where the connections come.

and does not matter if he is using a proxy, because you can ban all the ip ranges of the proxy if you need, and obviously... the guy can't use every proxy of the world to make flood, because some proxy don't allow to do that

imho biggest botnets are IM client networks like ICQ...MSN...Skype...im pretty sure there are ways how to use them for their owner

[Lupu1]

you can block ips but what you do with the traffic when hits your ips ?

[Nik]

if its DDoS from a botnet, pray that it will stop, cuz you cant stop it, your ISP cant stop it... no one can, except the attacker.