s

[LeakingSink251]

s

[zlolslavez]

Don't let someone get your IP address/info lol.

[LeakingSink251]

s

[Tedster]

Assuming if they have you IP what could you do in that jumble. It's not i have ever been DoSed but i'm just wondering. 

Get your IP address changed.

[Enderman]

enable WAN ping block mode in your modem/router settings

[Gregoreg]

Call your ISP and ask them to change it. If for whatever reason they refuse (don't know why they would) act really dumb. Say you have no idea why the internet isn't working. Or get a VPN.

[desertcomputer]

Don't piss off kids on cod. 

[zlolslavez]

Assuming if they have you IP what could you do in that jumble. It's not i have ever been DoSed but i'm just wondering. 

If they already have your IP address then you need to do whatever you can to attempt to change it.

You can try to protect yourself from that by getting a VPN, but that's basically all you can do.

[LeakingSink251]

s

[Samfisher]

So there is nothing hardware wise that prevents DoS attacks like a firewall...

There's really nothing that can handle a DoS attack.  A firewall would still be between you and the internet, but incoming traffic goes through it as well. So when (and not if) your firewall gets overwhelmed by the mass connections, your net will still go down either way.

 

There's no stopping DDoS attacks, there is only minimizing it by spreading your service on as wide a net as possible.

[LeakingSink251]

s

[MrBucket101]

So there is nothing hardware wise that prevents DoS attacks like a firewall...

course there is, how much money you wanna shell out?

 

barracuda makes some pretty beefy network hardware that can handle DoS attacks

 

you got the $$$ though?

 

change your IP by changing the MAC address on your router then hard reboot the modem and soft restart the router

[leadeater]

course there is, how much money you wanna shell out?

 

barracuda makes some pretty beefy network hardware that can handle DoS attacks

 

you got the $$$ though?

 

change your IP by changing the MAC address on your router then hard reboot the modem and soft restart the router

 

Hardware only works so well until the actual bit rate of the cable is exceeded then nothing will help, except more bandwidth or more connection points etc. Large scale DDoS attacks if pointed to a personal property would take out a town in most cases. There is no financial gain to such a thing which is why large cooperates and data centers get attacked not houses.

 

You can try honey potting attacks and force keep open TCP connections etc till the attacking client runs out of dynamic ports but that is the whole point of DDoS vs DoS, they have more  TCP ports available than the target. That's if they are using a TCP based attack and not just UDP which is the protocol type you would use to flood data pipes etc not TCP.

[yzbd]

Folks in here are not paying attention to the details. Your bandwidth speeds in your average home will be such a small amount that no hardware will help. Think of your toilet being clogged.

 

99% of the time you would just unplug your modem's powercable for a few hours then reconnect it - you will get a new IP address.

 

Unless you have some kind of extreme home internet setup, this will fix your problem. If you do, you shouldn't be posting on this forum. 

[leadeater]

Unless you have some kind of extreme home internet setup, this will fix your problem. If you do, you shouldn't be posting on this forum. 

 

Not that I actually do find this comment offensive or anything but I do have what would be classified as an 'extreme home setup' and I'm not the only person on this forum either. I don't feel this should exclude me from participation at all, common sense in what to post and talk about is more than required.

 

There have also been many people asking about complex networking advice and learning material, what the question is and what the OP wants is more important than simply excluding content that isn't strictly 'enthusiast' or 'gamer' etc.

[LeakingSink251]

s

[LeakingSink251]

s

[afranco]

You could get a small computer with multiple ports and install fail2ban and have iptables set up to prevent some ddosing if its that bad

[yzbd]

I never once said i have a problem i'm just interested. And i shouldn't be posting on a tech form to what, Learn?  

 

 

You are assuming things about my post besides reading what words are there. What I mean: If you have for example 1gb up/dn connection that is being affected then this isn't the right forum. You would be looking for a place where enterprise equipment is being use. While I am sure there may be one or two people that might have the knowledge or working education you could find a place that would provide better/more reliable info. 

[MeshFile]

First concern is the bandwith your ISP provides. If the attacker is saturating that link, you need to change your IP as no other solutions will work.

 

If your connection is not saturated, but it's your router that's having problem keeping active connections, disable connections initiated on the Internet (on its WAN port).

 

On a typical scenario where you're not hosting anything over the Internet, that should prevent the attack from continuing. Changing your IP is mostly the solution that will work.

[Coaxialgamer]

Change your ip.

[Rawity]

Don't piss off kids on cod. 

Even worse on Meinkraft

[SilicateWielder]

Don't let someone get your IP address/info lol.

That's hard to do though, there are sites that can figure out your IP just from your URL.

 

But, they're useful for building personal DNS servers.

[leadeater]

You are assuming things about my post besides reading what words are there. What I mean: If you have for example 1gb up/dn connection that is being affected then this isn't the right forum. You would be looking for a place where enterprise equipment is being use. While I am sure there may be one or two people that might have the knowledge or working education you could find a place that would provide better/more reliable info. 

 

Actually there are quite a few people that work for ISP's, hosting providers and large corporate/education institutions who are members of this forum, myself being one of them. Sure this forum is not dedicated for that kind of audience and questions they would ask but there have been many cases of people asking questions that require this knowledge over the few months I have been a member.

 

Yes there are other forums for this purpose but they are not always that active and neither that helpful, nor really can be. No body is going to be able to give decent advice on a forum for such a setup as where I work. We have 6 40Gbps connections, multiple routers, firewalls, data centers etc and you don't go to a forum to asks questions on anything to do with that. We have people employed, send them on training, contracts with support vendors, direct contacts within the suppliers/makers of the equipment.

 

I'm more than willing to share the knowledge I have if people ask for it and are willing to listen, just like multiple other people on the forum that I have seen are too.

[KraftDinner]

enable WAN ping block mode in your modem/router settings

This might not always work as someone who actually knows what they're doing wouldn't perform a DOS using ICMP requests, they're usually masked under protocols that look like legitimate requests, and blocking this specific incoming protocol could mean that you're blocking legitimate users / customers (if you're a business) out too. Kind of a shitty situation