|
-
April 21st, 2002, 08:30 PM
#1
Senior Member
what to do in a dos attack?
Hello,
In case it ever happens to me, I would just like to know what to do in a DOS attack? I mean, if the attackers are smart enough, they would be sending raw packets with false ip's, so there would be no way of tracking them. Also, it would be dumb to shutdown the network, because they would probably be waiting for it to come back online anyway. So, what would I do?
Either get busy living or get busy dying.
-The Sawshank Redemption
-
April 21st, 2002, 08:45 PM
#2
With a DoS attack? Well, there are lots of different scenarios, but if you can track the IP(s), you can often just blackhole the traffic on a router (hopefully) and go on about your business. Of course, tracing the traffic back to an ISP or their upstream and making a few calls is normally a good idea, too.
Sometimes it's also helpful to get your own upstream provider involved...
\"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"
-
April 21st, 2002, 09:08 PM
#3
Senior Member
I'm kind of a newbie to networking and I don't know much yet, so can you explain these terms?
"Blackhole the traffic on a router"'?
"Get your own upstream provider"?
Thanks
-Mike
-
April 21st, 2002, 09:49 PM
#4
I'm kind of a newbie to networking and I don't know much yet, so can you explain these terms?
"Blackhole the traffic on a router"'?
"Get your own upstream provider"?
Thanks
-Mike
Im not sure about the second one but I think he means that you could just set your router to discard all taffic from that IP or IP's (depending on whether its a DoS or a DDoS)
-
April 21st, 2002, 10:19 PM
#5
Senior Member
does my router have to support that though, because I don't think it has that feature (I have a 3com home ethernet gateway).
-Mike
-
April 21st, 2002, 10:25 PM
#6
All routers are supposed to support it, if anything just set up a GOOD firewall to block all incoming traffic from the whole IP range (for example if I was being DoS'ed by 1.1.1.1 I would block 1.1.1.1-1.1.1.255 just to be safe)
-
April 21st, 2002, 11:19 PM
#7
Senior Member
but then, if the firewall you're talking about is a software firewall (since my router doesn't have a good firewall), then all those packets would still be getting to the server (even though they would be stopped by the firewall)? so then i think it would still be slowing down the server
-
April 21st, 2002, 11:58 PM
#8
The best way to prevent a dos attack is to try and hide you ip address. A4proxy would be a good start. But if you do get a dos attack just turn off you computer and go for a walk. Most script kidz don't have an attention span long enough to dos you for hours on end.
Its not software piracy. I’m just making multiple off site backups.
-
April 22nd, 2002, 12:31 AM
#9
Senior Member
ok, thanks all for the info
Either get busy living or get busy dying.
-The Sawshank Redemption
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
