Search the Community

hello i have some doubs about pfsense, i have a 10gb connection in my house and i want to host a game server with at least 300 people online in peaks, and i want to protect the server with a firewall pfsense, i was thinking in buy a low end desktop only to install pfsense that should stop like 90% of kiddos that want to attack the server and my doub is that idk what extension of pfsense i should use... ofcourse i accept any idea that you all can give me UwU

I have a server in Google Cloud, its a fivem GTA 5 mod server and its runs on port 30102 UDP Is there any way to hide its IP so when people join they see a different IP, or is there any way to protect it from DDOS so no need to hide IP I tried load balancing in Google Cloud it worked for the website i can open the website with a different IP other than the original IP but when I did that for the game server and opened only port 30102 on that load balancer IP could not connect to game server on new IP My idea was in case of loadbalcer working i could change the load balancer ip once in a while so it would not matter, So what can i do to either hide my IP or protect from DDOS. Server running on Windows server 22

Summary "A security researcher" "has uncovered evidence that Swing VPN includes code allowing its controller to functionally operate app clients as a botnet capable of Distributed Denial of Service (DDoS) attacks". Quotes My thoughts Since LMG doesn't want to create a VPN, maybe it's time for everyone to create their own VPN, because "trusting" these companies was never an option and now it's not just a matter of our own privacy, apparently. Hope it gets covered on WanShow! Sources https://www.androidpolice.com/malware-android-vpn-ddos-botnet/

Hello LTT community! I recently bought a Dell R720 Rack-mounted server. I want to set up the popular pterodactyl panel to host my fivem Minecraft and TS3 servers. I bought the server so I can have direct access to my data and avoid the monthly cost. I have ran into a hard decision though, I need ddos Protection, I am new to every thing about servers. I know how to run them but hardware wise I know nothing. Is there any type of hard ware I can buy to put in my house to protect me from ddos attacks? I know it’s not the most ideal thing to do but not all my game servers have no community made ddos Protection platforms and I don’t want to pay monthly and mess with proxying. If anyone can recommend hardware or a different alternative that is cheap that would be great. Please tell me if you need more info this is my first ever forum post. Thanks!

Start by reading this technical post from CloudFlare. UDP itself has uses, but the 'monlist' command in the Network Time Protocol is entirely useless. It was probably a "feature" some genius programmer thought they'd need but didn't, and it just got left in the code base. In proper software design, the majority of development strategies will prevent you from having code in your codebase that isn't used. If programmers for the NTP codebase had been developing code properly, this command would never have been implemented, and we wouldn't be dealing with these sorts of DDos attack. Apparently SNMP is being predicted to fall next, with almost three times the potential for DDos that NTP amplification can do, so better start cleaning up those vectors for DDos. If this attack had been using SNMP amplification, we would be seeing attacks on the Terabit scale (1 Tb/s), which is on the order of disrupting the infrastructure of the internet.

I am getting AT&T Fiber within the next few days (1-3 days), I have 2 home servers and I want to host a game server off one for a friend that streams on Twitch, AT&T says they provide 1Gbps (1000mbps)..and I would like to know if anyone knows more info, would I be safe from most kiddos bought 'booters/stressors' from my home network of 1Gbps? Thanks for ya time

I know plenty of people have asked this before but I haven't found any clear answers in the admittedly small amount of research I have invested. I would like to host a TeamSpeak 3 server behind a VPN so people cannot DDOS me etc. Am I wrong in thinking they will not be able to DDOS me because they will be attempting to DDOS a VPN provider's server farm with extremely fast internet? Anyway, is this possible? I use no-ip.com currently for my domain. Are there any hoops to jump through etc?

http://www.eqao.com/en/about_eqao/media_room/news_releases/Pages/technical-issue-during-online-osslt-trial.aspx Education Quality and Accountability Office (EQAO) confirms that the cause of the technical issues that resulted in the cancellation of the October 20 province-wide trial of the online Ontario Secondary School Literacy Test (OSSLT) was an intentional, malicious and sustained Distributed Denial of Service (DDoS) attack—a type of cyberattack. An extremely large volume of traffic from a vast set of IP addresses around the globe was targeted at the network hosting the assessment application. The impact of this DDoS, initiated by an unknown entity or entities, was to block legitimate users’ (i.e., school boards’, schools’ and students’) access to the EQAO test application. Sorry, on mobile, gtg, will edit.

This new DDOS appears to be affecting different sites to the first as they appear to be striking a different part of Dyn's network. Level 3 and Cloudflare are seeing lots of errors in websites including Github and Playstation Network. Source: Ars Technica - Double-dip Internet-of-Things botnet attack felt across the Internet So far, github seems to be fine for me in the UK and I haven't seen any real problems, so this could be a more focused attack. But I think the headache caused by IoT devices' poor security is going to continue to snowball. And it's been used to try and silence security researchers in the past who stumble onto criminal uses for vulnerabilities.

Hello, i was playing a game of LoL when all of a sudden i had massive lag spikes. This have never happend before, and made the game unplayable. I've been pinging 8.8.8.8 for the last hour and it looks like i have 40% packets loss. I'm not sure if i'm getting ddosed or whats happening, but im sure some of you bright people might have some ideas to try out. (Checked with my ISP about being a problem on their end, and its not)

Link To Page = https://www.bleepingcomputer.com/news/security/turkish-hackers-are-playing-a-ddos-for-points-game/ An ad for Balyoz on Turkish hacking forums [Credit: Forcepoint] A Turkish hacking crew is running a DDoS-for-Points platform where participants can earn points if they carry out DDoS attacks against a list of predetermined targets, points they can exchange later on for various online click-fraud tools. The name of this DDoS-for-Points platform is "Sath-ı Müdafaa," which translates to "Surface Defense." The platform is advertised through local Turkish hacking forums such as Turkhackteam and Root Developer. Its creators say that each hacking crew or hacker who participates in the Surface Defense program will receive one point for every ten minutes of DDoS attacks. Hackers get points for attacking a list of political targets Surface Defense members are only allowed to attack a list of predefined targets. This list includes many websites that appear to have been added to the lineup based on political reasons. The list includes Kurdish targets such as the Kurdistan Workers Party (PKK), an organization considered a terrorist group by NATO members, its military wing the People’s Defense Force (HPG), the websites of Kurdish hacking crews, Kurdish radio and TV stations, and more. Other politically-motivated targets include the German Christian Democratic Party (CDU, Angela Merkel's party), the Armenian Genocide website, and several Israeli sites. List of targets included in the Surface Defense program [Credit: Forcepoint] Hackers must use a special DDoS tool nicknamed Sledgehammer Hackers that sign up for the Surface Defense program must use a special tool to carry out the DDoS attacks. This tool is named Balyoz, translated to "Sledgehammer." The version of Balyoz participants receive is locked-in and only allows them to attack the list of predefined targets. This DDoS tool includes features to prevent users from cheating, such as running Balyoz inside a virtual machine. Balyoz is available in two versions, one with a GUI and one for users that prefer command-line tools. According to Forcepoint security researchers, who uncovered the Surface Defense program, Balyoz works via Tor, requires a user and password to log in, and it uses a DoS (Denial of Service) technique to starve targets of computing resources. Balyoz DDoS tool CLI version [Credit: Forcepoint] If the operators of the Surface Defense operators detect that one user is trying to cheat and rack up more points, they can tell Balyoz to download and install a backdoor trojan in real-time, or the next time he logs in. As Turkish hacking crews carry out attacks, the Surface Defense platform aggregates the points and creates a ranking. A ranking of hacking crews participating in the Surface Defense program [Credit: Forcepoint] Surface Defense members can earn hacking tools for their efforts After attackers gather a certain amount of points, participating hackers can exchange their totals for various click-fraud tools. They have at their disposal four tools, according to a YouTube video. The big prize is an untethered version of the Balyoz DDoS tool that allows users to launch DDoS attacks against sites not included in the predefined list of targets. The others are three click-fraud bots that can automatically click on ads for pay-to-click (PTC) services such as Ojooo, PTCFarm, and Neobux PTC. Rewards offered to Surface Defense participants [Credit: Forcepoint] Forcepoint researchers say that they've managed to track down the IP where the Surface Defense platform operated, despite running on the Dark Web via Tor. This breakthrough has helped researchers gather some information on the hacker's identity, such as a name/nickname, which appears to be "Mehmet." Researchers said they also tracked the name Mehmet to two Balyoz tutorials uploaded on YouTube. For a more in-depth analysis of the Surface Defense platform, you can download and take a look over Forcepoint's 30-page "Sledgehammer - Gamification of DDoS attacks (for ideology, profit & msichief)" report.

there is a guy at my school RIGHT NOW firing up the low orbit ion cannon application to ddos the network. i told the teacher, but she is looking for some silly razor blade, what should I do?!

http://hothardware.com/news/latest-iot-ddos-attack-dwarfs-krebs-takedown-at-nearly-1-terabyte-per-second Launched from nearly 150k poorly secured and infected IoT devices, a new record has been set for DDoS attacks today with peak rates reaching just shy of 1Tbps at roughly 990Gbps. There really should have been a wakeup call a couple years ago when IoT devices started being used for attacks due to poorly implemented or completely lack of security present. A refrigerator doesn't need full on access to the internet and should not be broadcasting passwords in clear text. I really hope soon the hammer is dropped on some of these companies shipping devices like this and the industry as a whole starts to implement better security.

https://news.yahoo.com/wikipedia-down-malicious-attack-brings-143923391.html Wikipedia suffered a global outage on Friday night after cyberattackers brought down the site with a distributed denial of service (DDOS) attack. Users across Europe were unable to access the site for several hours. People in parts of the US and the Middle East were also affected. The site appeared to be online in the UK by Saturday afternoon. “Wikipedia was hit with a malicious attack that has taken it offline in several countries for intermittent periods,” a Wikimedia Foundation spokesperson said. The charitable foundation operates the website. “The attack is ongoing and our Site Reliability Engineering team is working hard to stop it and restore access to the site,” the spokesperson said, early on Saturday. A DDOS attack occurs when a huge network of computers all try to access a certain website or internet service at the same time, causing it to collapse under the strain of too much traffic. These networks, or ‘botnets’, can be made up of tens of thousands of computers, which have been compromised by malicious hackers without the knowledge of their owners. “As one of the world’s most popular sites, Wikipedia sometimes attracts “bad faith” actors,” the Wikimedia spokesperson added. “Along with the rest of the web, we operate in an increasingly sophisticated and complex environment where threats are continuously evolving. “We condemn these sorts of attacks. “They’re not just about taking Wikipedia offline. Takedown attacks threaten everyone’s fundamental rights to freely access and share information. “We in the Wikimedia movement and Foundation are committed to protecting these rights for everyone.” http://players.brightcove.net/624246174001/default_default/index.html?videoId=5837728067001 Support free-thinking journalism and subscribe to Independent Minds The online encyclopedia is one of the world’s most widely used websites. There are Wikipedia sites in 300 different languages, with some 46 million articles accessed by 1.4bn unique devices every single month, according to figures from 2018.

Hello guys, So recently I've been having trouble with my internet.So lets say I play an online game.Everything is normal when i check,my net speed is normal,my ping is normal,yet i have lags and stutters. Well i thought it was nothing untill i went to a page today and it crashed for some reason,When i got back in,it said Temporarily under heavy traffic or some like as DoS attack !!!. so now i am wondering if my IP addres is inflicted by some sort of attack or if something else is going on.I have no clue what it could be 100%.If there is someone that knows what it is and how to get rid of it i would really appreciate it.. THANKS

Hello everybody I wanted to ask if anyone knows an alternative to Vbooter. I wanted to test how safe my system is against DDo's attacks.

Greetings everyone I figure off topic is the perfect place for this post sorry in advance I'm sure someone has already been through this So I guess my question here is obvious. Is it possible to make your home network harder to hack into? I know little to nothing about hacking / cyber security, I just know how easy it is for people who do know as I've seen them do it in front of me. *Is there any way of stopping a ddos attack if your on the receiving end ? a program or software ?? *And with the modem / router is there any way to make it harder to hack ? I mean the people I've seen took about a whole minute if that??

So me and my team have a server room in our office where our projects and websites are hosted but our problem is that we get ddos'd nearly daily and we cant do anything about it. even if we shut down out servers the internet still doesnt work and still gets attacked. my question would be if we could intervene an extra server between the modem and the network switches since we have one staying around with a high computing power to review our traffic. is this even possible or do we have to buy those expensive servers from like riorey.com? Since we have a lot of capacity in those servers we cannot switch to cloudflare and those providers. any ideas? help would be very appreciated. Thanks in advance!

I have a vnc set up on my server and when I turned it on today 185.56.80.222 kept trying to connect to the vnc when a looked up the ip I got this: https://www.abuseipdb.com/check/185.56.80.222 and I can’t find a way to blacklist the ip. My router is using dd wrt.

Just as the title says, Cloudflare error messages are getting more and more frequent. Does it mean LTT is under attack? Is it a false positive on Cloudflare's side? I have to refresh multiple times just to post this. I can't even view my notifications. Windows 10 Home Chrome 67

If anyone could help, for school, my IT teacher gave us the challenge to help with a school project. We are learning about security and privacy, mainly about keeping our IP private, and therefore set us a challenge. We must create a DDOSing or DOSing application using any language. I have tried the ones on YT but they don't seem to do anything at all apart from slow my own computer down. If anyone knows of a script please let me know.

OP: https://www.wired.com/story/github-ddos-memcached/ Using memcached servers, allegedly chinese state sponsored hackers were able to launch a massive DDoS attack to the Github servers for over 1Tbps of load. When github realized this they relay all the traffic to their DDos Mittigation service with Akamai Tech. The whole attack lasted between 15-20 minutes. ThousandEyes was able to determine that the traffic payload was over 1.3 Tbps. Known as an amplification attack, this type of DDoS has shown up before. But as internet service and infrastructure providers have seen memcached DDoS attacks ramp up over the last week or so, they've moved swiftly to implement defenses to block traffic coming from memcached servers. "Large DDoS attacks such as those made possible by abusing memcached are of concern to network operators," says Roland Dobbins, a principal engineer at the DDoS and network-security firm Arbor Networks who has been tracking the memcached attack trend. "Their sheer volume can have a negative impact on the ability of networks to handle customer internet traffic."

Is it possible to build network redundancy on the PC side to reduce the chance of disconnecting? I mean quickly auto connecting to the backup network in case one goes offline to reduce the chance of disconnections and ddosing. Unlike other options which require you to manually switch the network when one goes down and has a significant delay.

Hello, I am new to this forum and have a question to ask. However, I am not sure what topic it falls under, or if this forum even has a topic for it. But... Basicaly, I would like to know where to ask a question about ddos. Specifically if higher spec hardware can withstand attacks longer. Thanks for any referrals to the proper threads!

Hi! Im going to open some dedicated game servers and I am worried in the case that a DDos attack strikes. Can anyone point me to a solution to this, preferably not too expensive if possible. Thanks