what to do in a dos attack?
Results 1 to 9 of 9

Thread: what to do in a dos attack?

  1. #1
    Senior Member
    Join Date
    Apr 2002
    Posts
    214

    what to do in a dos attack?

    Hello,
    In case it ever happens to me, I would just like to know what to do in a DOS attack? I mean, if the attackers are smart enough, they would be sending raw packets with false ip's, so there would be no way of tracking them. Also, it would be dumb to shutdown the network, because they would probably be waiting for it to come back online anyway. So, what would I do?
    Either get busy living or get busy dying.

    -The Sawshank Redemption

  2. #2
    Senior Member
    Join Date
    Apr 2002
    Posts
    712
    With a DoS attack? Well, there are lots of different scenarios, but if you can track the IP(s), you can often just blackhole the traffic on a router (hopefully) and go on about your business. Of course, tracing the traffic back to an ISP or their upstream and making a few calls is normally a good idea, too.

    Sometimes it's also helpful to get your own upstream provider involved...
    \"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"

  3. #3
    Senior Member
    Join Date
    Apr 2002
    Posts
    214

    Question

    I'm kind of a newbie to networking and I don't know much yet, so can you explain these terms?

    "Blackhole the traffic on a router"'?
    "Get your own upstream provider"?

    Thanks
    -Mike

  4. #4
    Banned
    Join Date
    Oct 2001
    Posts
    1,462
    I'm kind of a newbie to networking and I don't know much yet, so can you explain these terms?

    "Blackhole the traffic on a router"'?
    "Get your own upstream provider"?

    Thanks
    -Mike
    Im not sure about the second one but I think he means that you could just set your router to discard all taffic from that IP or IP's (depending on whether its a DoS or a DDoS)

  5. #5
    Senior Member
    Join Date
    Apr 2002
    Posts
    214
    does my router have to support that though, because I don't think it has that feature (I have a 3com home ethernet gateway).

    -Mike

  6. #6
    Banned
    Join Date
    Oct 2001
    Posts
    1,462
    All routers are supposed to support it, if anything just set up a GOOD firewall to block all incoming traffic from the whole IP range (for example if I was being DoS'ed by 1.1.1.1 I would block 1.1.1.1-1.1.1.255 just to be safe)

  7. #7
    Senior Member
    Join Date
    Apr 2002
    Posts
    214
    but then, if the firewall you're talking about is a software firewall (since my router doesn't have a good firewall), then all those packets would still be getting to the server (even though they would be stopped by the firewall)? so then i think it would still be slowing down the server

  8. #8
    Senior Member cwk9's Avatar
    Join Date
    Feb 2002
    Posts
    1,211
    The best way to prevent a dos attack is to try and hide you ip address. A4proxy would be a good start. But if you do get a dos attack just turn off you computer and go for a walk. Most script kidz don't have an attention span long enough to dos you for hours on end.
    Its not software piracy. Iím just making multiple off site backups.

  9. #9
    Senior Member
    Join Date
    Apr 2002
    Posts
    214
    ok, thanks all for the info
    Either get busy living or get busy dying.

    -The Sawshank Redemption

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •