kevinds
join:2003-05-01
Calgary, AB
kudos:1 | reply to xtachx
Re: ddos attack said by dasman09 :A normal internet user is highly unlikely to get DoS'ed. The best recommendation in this case is to avoid doing douchie things that invite DoS attacks.
--
Yes, I am not employed and looking for IT work. Have passport, will travel. |
|
| define a normal internet user, here in the world of competitive call of duty ddos is a daily routine for many players just to get there wins, i even watched a pro team loose a tournament qualifier on livestream the other day cause 2 of them were getting ddos, so yes a normal internet user probably isnt likely to incur a ddos attack, but when ur beating someone in a game and then can just hit u off for the win, the douchy people r usually the ones attacking, usually the people getting hit are innocent. as far as my connection goes the mac adress thing worked to change my ip but i dont know how i was still getting hit of originally, maybe the modem was just overwealmed, either way my connection is working now so hopefully i dont get another attack for a while |
|
|
|
kevinds
join:2003-05-01
Calgary, AB
kudos:1 | Then get a better router... Dual-Core 1.5 GHz with 1GB ram should be overkill...
-Posted from my phone |
|
Reviews:
 ·Windstream
 ·VOIPo
| reply to Juggernaut
said by Juggernaut:From what I've experienced, the 192.x.x.x LAN IP seems to be a common attack vector regardless of the WAN IP. Perhaps it's because it's common? I'm not sure to be truthful.
I have noticed these hits are far less common on the 10.x.x.x internal IP's though.
You have no idea what you are talking about.
No one can reach 192.168.x.x from another network. That not what they are attacking, they are attacking the WAN IP which is provided by the ISP, changing the LAN IP does nothing. They cant hit the 192.168.x.x they cant hit the 10.x.x.x it no different.
--
ASUS M4A79T Deluxe | AMD Phenom II x3 720 BE AM3 w/4 Cores @ 3.41Ghz(OC) | 4Gb DDR3 Memory @ 1600mhz | Sapphire ATI HD4870 1GB 800mhz/1000mhz(OC) | 2x500GB HDD's Raid 0 | Windows 7 Ultimate x64 Build 7600 (RTM) | Windstream DSL 12m (14.9m Sync)/766k |
|
 pfakPremium
join:2002-12-29
Vancouver, BC | reply to xtachx
said by xtachx:I have a question with such DDOS attacks. If no ports are forwarded on the router side, wouldnt the packets just be ignored? DDoS will cause your downstream or upstream to be saturated, thus preventing legitimate traffic from reaching the intended destination.
Replacing your router is not going to resolve the problem. Having cooperation from your ISP to filter traffic, or stop pissing off people is the best result 
--
The more I C, the less I see. |
|
Reviews:
 ·Mobilicity
| said by pfak:said by xtachx:I have a question with such DDOS attacks. If no ports are forwarded on the router side, wouldnt the packets just be ignored? DDoS will cause your downstream or upstream to be saturated, thus preventing legitimate traffic from reaching the intended destination. Replacing your router is not going to resolve the problem. Having cooperation from your ISP to filter traffic, or stop pissing off people is the best result So I guess in this case, we would need cooperation from the host ISP. Its funny how someone can be DDOSed and he/she will go over their bandwidth caps for no fault of his/ hers.
--
Bell Canada: It is “Preposterous" that consumers should get content they want on their cellphones. |
|
pfakPremium
join:2002-12-29
Vancouver, BC | said by xtachx: Its funny how someone can be DDOSed and he/she will go over their bandwidth caps for no fault of his/ hers.
Doubtful that it's unwarranted. The original poster is not a business, and therefore there is no benefit of DDoSing them for extortion or otherwise ..
--
The more I C, the less I see. |
|
kevinds
join:2003-05-01
Calgary, AB
kudos:1 | reply to pfak
Upstream no, because your router should simply drop the traffic, and not respond to it.
Downstream, possible, but unlikely with faster internet speeds. 10 mbps wouldn't be hard to saturate with ddos, 25 and up, significantly harder...
--
Yes, I am not employed and looking for IT work. Have passport, will travel. |
|
| reply to Connor M
If you are getting attacked, I would suggest unplugging your modem and taking it to Mcdonalds for a big mac. Come back, get a new MAC for your router, plug the modem back in and enjoy a new dynamic IP. For whoever gets your old one, sucks to be them. Or, you could just stop being an idiot online and get rid of any mic's you have. |
|
pfakPremium
join:2002-12-29
Vancouver, BC | reply to kevinds
said by kevinds:Upstream no, because your router should simply drop the traffic, and not respond to it.
Downstream, possible, but unlikely with faster internet speeds. 10 mbps wouldn't be hard to saturate with ddos, 25 and up, significantly harder...
Upstream can be saturated by causing the router to respond to requests, via ICMP Ping or other services (eg. UPnP).
25Mbps is a ridiculously small DDoS attack. I suggest you do some reading
--
The more I C, the less I see. |
|
pfakPremium
join:2002-12-29
Vancouver, BC
1 edit | reply to Connor M
dupe post |
|
| reply to kevinds
so a better router would stop the ddos because if could accually handle the attack? if kevinds or anyone else could link me with a suggestion router to look at, and im assuming this would all go through the cisco in bridge mode and still work? |
|
kevinds
join:2003-05-01
Calgary, AB
kudos:1 | Wouldn't stop it, but should handle it... Unless it is that much traffic that your download is being saturated.
What do you have for old computers 'laying' around?
--
Yes, I am not employed and looking for IT work. Have passport, will travel. |
|
tlhIngan
join:2002-07-08
Richmond, BC
kudos:1 | No need old PCs - modern routers are more than fast enough - the very latest 802.11n dual bands can easily handle 750Mbps (yes, 750) routing packets. Handling a DDoS is even easier since it just involves discarding packets and they get tossed lower down in the network stack.
Even an older top end router can handle 25Mbps without a sweat. |
|
kevinds
join:2003-05-01
Calgary, AB
kudos:1 | Depends on your budget, high-end consumer router, or low-end PC Both will accompish the same, I will stand by the statement that a computer can do a lot more then a router can, but most people don't need the features.
And also consider power usage over time.
--
Yes, I am not employed and looking for IT work. Have passport, will travel. |
|
| reply to kevinds
i have alot of old computers, probly 5-7 around, the one in the best condition would probly be my little compaq cq50, could i really use something like this in some type of way to stop ddos? and also would a router like this be strong enough to stop attacks »amplifi.dlink.com/products/DIR-857 |
|
kevinds
join:2003-05-01
Calgary, AB
kudos:1 | Any older computer with two network cards (one for internet and one for your LAN/network) combined with the right software (DD-WRT is simple to use) usually work very well...
The searches I did on the CQ50 show it as a laptop, but no expansion ports. I checked two different CQ50 laptops and neither of them had the expansion port to add the 2nd network card. But I have had good successes with using laptops for routers in the past (good use for a broken screen laptop) and they generally consume small amounts of power.
Using a spare computer takes a bit more work to setup to be honest as well.
That D-Link should do the job as well.
--
Yes, I am not employed and looking for IT work. Have passport, will travel. |
|
pfakPremium
join:2002-12-29
Vancouver, BC | This post makes me want to cry. You guys realise that 25Mbps isn't really concerned a DDoS? I have more upstream at home. Things like DNS amplification bring DDoS to the gigabit/s range -- and even a small DoS is able to take your internet offline.
This has nothing to do with the hardware on your router, absolutely nothing. No amount of hardware is going to stop a DoS or DDoS with your slow DOCSIS modem speeds.
--
The more I C, the less I see. |
|
| hmm, im confused now, would a router like that stop an attack or no, it kinda makes sense it wouldnt since it would be going through my cisco anyway, and also, would this be any better then the d link router »www.smallnetbuilder.com/lanwan/l···ter-lite
they both got 512mb ram but the ubiquiti has about 125 times the flash capacity, but i dont know if it even has wifi |
|
kevinds
join:2003-05-01
Calgary, AB
kudos:1 | ddos is sending garbage traffic to your router.
Enough packets, it can't handle it and it crashes.
Better router handles the traffic better.
Can't stop the attack, but can manage/deal with it a lot better.
Your Cisco modem in bridge mode, passes all the traffic to your router without touching it.
--
Yes, I am not employed and looking for IT work. Have passport, will travel. |
|
