dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
5101
18286719 (banned)
join:2013-02-02
Whistler, BC

18286719 (banned) to kevinds

Member

to kevinds

Re: ddos attack

ok cool, well in that case it looks like my 2 choices for router would be the D Link DIR 857, or the Ubiquiti EdgeRouter Lite, dont know if the ubiquiti would be a feasable option without wireless tho, could someone verify if it does or does not have wifi? and also what do u have to say about pfaks comment above yours kevinds? is he incorrect?
ruiner3
join:2012-03-10
Canada

ruiner3

Member

First, I doubt you have the technical knowledge required to set that router up. If you did you could use your current router as a WiFi AP only.

Second, see here: »blog.cloudflare.com/deep ··· s-attack

Your downlink can easily be flooded which fills out the buffers in your equipment and causes massive latency. Dropping the packets will do nothing at this point.
18286719 (banned)
join:2013-02-02
Whistler, BC

18286719 (banned)

Member

so basically i could use the ubiquiti but it would be complicated for me to setup and then i could connect it to my d link to provide wireless to the people that use it and keep the 2 wired connections for my pc and my xbox, also i didnt understand the second bit of that last post to much, were u implying the router might not even stop a weaker ddos? also will the ubiquiti do a better job dealing with attacks then the d link? if so how much better, they both got 512 ram ubiquiti has much larger flash tho (125 times more), id rather go with the d link for simplicity, but the ubiquiti seems like a tank, even tho its all a dream at this point i cant afford either right now
ruiner3
join:2012-03-10
Canada

ruiner3

Member

Since dropping the packets will do nothing at this point means nothing to you, I'll try again. Just leave it alone, there is nothing you can do about it short of complaining to Shaw to see if they can filter the traffic out before it gets to you.

pfak
Premium Member
join:2002-12-29
Vancouver, BC

pfak to 18286719

Premium Member

to 18286719
At the organization I work for, we have multiple 10 GigE links to the Internet and still have to get our upstream ISP(s) involved if there is a DDoS attack launched against us.
18286719 (banned)
join:2013-02-02
Whistler, BC

18286719 (banned)

Member

i wish these answers were a bit more yes or no but its ok, will a that d link modem work to stop ddos? YES (Asuming its weak enough) or NO plain and simple, i dont want a guess, thanks

my next question, is there anything i can do about this like hiding my ip while causing 0 latency on my connection, yes or no answer plz, if the answer is yes and there is multiple options plz tell me options you know will work, thanks

kevinds
Premium Member
join:2003-05-01
Calgary, AB

kevinds

Premium Member

No, you can't hide your IP while adding no latency.

spock8
join:2012-07-08

1 edit

spock8 to kevinds

Member

to kevinds
said by kevinds:

ddos is sending garbage traffic to your router.

Enough packets, it can't handle it and it crashes.

Better router handles the traffic better.
Can't stop the attack, but can manage/deal with it a lot better.

Your Cisco modem in bridge mode, passes all the traffic to your router without touching it.

Your connection would be saturated before your router hits 100% CPU. Having better hardware is not going to make a diff. I have never crashed my ancient Cisco routers by running them at 100% CPU. Cisco 2621 can't handle PAT with a 25 meg connection.

Get a different IP or complain to shaw.

May I ask what you are doing on the intarwebs to deserve a ddos?
spock8

spock8 to Juggernaut

Member

to Juggernaut
said by Juggernaut:

From what I've experienced, the 192.x.x.x LAN IP seems to be a common attack vector regardless of the WAN IP. Perhaps it's because it's common? I'm not sure to be truthful.

I have noticed these hits are far less common on the 10.x.x.x internal IP's though.

No, changing your private non routable ip will make no difference. The 10.0.0.0 and 192.168 ips translate to the wan ip your ISP gives you.
spock8

spock8 to 18286719

Member

to 18286719
said by 18286719:

ok cool, well in that case it looks like my 2 choices for router would be the D Link DIR 857, or the Ubiquiti EdgeRouter Lite, dont know if the ubiquiti would be a feasable option without wireless tho, could someone verify if it does or does not have wifi? and also what do u have to say about pfaks comment above yours kevinds? is he incorrect?

Dude save your money and ignore kevinds and juggerknots posts telling you getting a new router will help you. They obvious have no clue about ip networking. Call shaw and tell them the situation.

Pfak knows his networking, take his advice
18286719 (banned)
join:2013-02-02
Whistler, BC

18286719 (banned)

Member

what could shaw help me with lol? what am i gonna call them and say?
Expand your moderator at work