On an irc, we had some split, by brasilians hackers, because some irc members had rehack 1 dump, with ddos. Provider then cut the hub.
I have 2 questions :
is it possible to prevent this ?
can someone could give me name of tools who work ?
I've tried Striker 1.5b but i'm not sure it works, because i've tried it on 1 ip.
Maybe more efficient tool, well known by members?
Full Version: Question About Ddos
i dun think there is a way to prevent ddos...
secondly
the tool is not 1 that you can use
however i seems more like a trojan that infects other computer
therefore the DISTRUBUTED denial-of-service comes about
when about 100 or more indivisual computers packets the targeted server with alot of bandwidth slowing it down to a crawl
secondly
the tool is not 1 that you can use
however i seems more like a trojan that infects other computer
therefore the DISTRUBUTED denial-of-service comes about
when about 100 or more indivisual computers packets the targeted server with alot of bandwidth slowing it down to a crawl
| QUOTE |
| But putting in place extra server processing capacity to handle DDoS attacks can be expensive and is likely to make sense only for larger companies, Mockapetris said. "There's a bit of a digital divide when it comes to the ability of companies to defend themselves against these attacks," he said. |
also note
| QUOTE |
"The long-term answer to DDoS protection has to be in the [service provider] networks and backbones," said John Pescatore, an analyst at Stamford, Conn.-based Gartner Inc. That's because upstream service providers are in a better position to detect and choke off traffic directed at a specific IP address, said Schneier. As a result, it's a good idea to require service providers to offer some sort of guarantee against DDoS attacks, said Schneier. Gartner has in fact been advocating this for more than two years, urging users to include DDoS protection language in their service-level agreements with Internet service providers and data center hosting companies. But less than 1% of companies overall are buying such services |
blocking all your ports (and block ICMP messages)... or block ALL incomming traffic (at low levels in OSI model).. or arranging something with your ISP.. or setting limits on how much traffic to allow to process before dumping... something along those lines should work
as for making the DDOS, it's pointless, but fine, you don't need a special program. just send a regular DOS but on mass porportions (through "zombies").. a ping is sometimes good enough (reason to block ICMP messages).. if that's blocked, have them all do some other bandwidth consuming task...
ever since the first ddos attacks against google and yahoo started a couple of years back , there has been a wide spread ackknowledgement world over that protection from DDOS attacks and Solution to the problem can only come in the way of Egress Filtering.
When you want to break a bundle of sticks you break them one by one its easier,
But when you try to break them as a whole its tough,the same goes to DDOs attack.
Egress Filtering is the way to go.
When you want to break a bundle of sticks you break them one by one its easier,
But when you try to break them as a whole its tough,the same goes to DDOs attack.
Egress Filtering is the way to go.
i know router can help against ddos attacks,but it's hardware not software... 
Fraid a router doesnt do very much, often the router just crashes.
Try to recognize attack pattern and blockit by software firewall.
Also check out if attacks from some IP Ranges, So uou may can block some ranges temproarily.
Also check out if attacks from some IP Ranges, So uou may can block some ranges temproarily.
there are a few things that can help u when handling a ddos, but u can never really block it 100%
to do this u have to setup yer router with some specific configurations andi warn u it's gonna give u some trouble
.
since most ddos attacks have spoofed ips as origin u can block a bit of it by setting up some restrictions on yer router.
step 1
setup the router to only accept incoming connections from non internal ip ranges ( this will prevent attacks from spoofed ips that send internal ips as origin like 192.168.0.* ; 172.16.*.*) etc.
step 2
belive it or not some ddos codes that are spread around are so stupid that the ip spoofing sometimes is out of ipv4 range ( 0.0.0.0 - 255.255.255.255 ), so block anything that isnt in that range.
these steps help a bit in reducing the effects of a ddos, but face it
if u have a dialup and get attacked by 99999999999 edus even god cant help your connection
to do this u have to setup yer router with some specific configurations andi warn u it's gonna give u some trouble
.
since most ddos attacks have spoofed ips as origin u can block a bit of it by setting up some restrictions on yer router.
step 1
setup the router to only accept incoming connections from non internal ip ranges ( this will prevent attacks from spoofed ips that send internal ips as origin like 192.168.0.* ; 172.16.*.*) etc.
step 2
belive it or not some ddos codes that are spread around are so stupid that the ip spoofing sometimes is out of ipv4 range ( 0.0.0.0 - 255.255.255.255 ), so block anything that isnt in that range.
these steps help a bit in reducing the effects of a ddos, but face it
if u have a dialup and get attacked by 99999999999 edus even god cant help your connection
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
