i have dD.o.S problem
Results 1 to 9 of 9

Thread: i have dD.o.S problem

  1. #1
    Junior Member
    Join Date
    Jul 2004
    Posts
    1

    i have dD.o.S problem

    one hacker attacked my website with DoS attack.What should i for this problem?
    Excuse me I can speak basic english.If you writed with basik english.i am happy.
    Thanks...

  2. #2
    0_o Mastermind keezel's Avatar
    Join Date
    Jun 2003
    Posts
    1,024
    What kind of web site? Is it hosted from your computer? If so, a firewall is supposed to be able to take care of a DoS attack. If it is remotely hosted, it also affects the company hosting the web site and they should take action.

  3. #3
    Junior Member
    Join Date
    Jul 2004
    Posts
    1
    yeah good point,im kinda new but i see what your saying.get a web site hosted by someone esle then you don't have to wrry about it.

  4. #4
    Senior Member mungyun's Avatar
    Join Date
    Apr 2004
    Location
    Illinois
    Posts
    172
    get a web site hosted by someone esle then you don't have to wrry about it.
    True, only if you can afford to pay that much a month. From the sound of it, I am going to assume that this site is on a computer of yours because you would not have known about this DoS attack if your site was hosted by someone else. keezel is right, a firewall will put a stop to that.
    I believe in making the world safe for our children, but not our childrenís children, because I donít think children should be having sex. -- Jack Handey

  5. #5
    0_o Mastermind keezel's Avatar
    Join Date
    Jun 2003
    Posts
    1,024
    If you just need a firewall, here are a few free commonly used personal firewalls.

    Sygate
    Outpost
    ZoneAlarm

    -Take your pick. All should meet your needs though people have vastly differing opinions of each. Just find one that works for you and go with it. Good luck!

  6. #6
    @řΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,696
    I would actually recommend Kerio for this. I have found the configuration to be somewhat nicer than the rest of the free ones out there.


    With Kerio, you also get an IDS.


    Oh yeah, if you're running Linux, look into IPtables/IPChains.
    Real security doesn't come with an installer.

  7. #7
    Junior Member
    Join Date
    Dec 2003
    Posts
    12
    If using Linux/Iptables what can you do to reduce or even avoid the Dd0s? ( Possible? )
    I have seen so much so i dont know what to belive.

  8. #8
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    What kind of DNS do you have? If it's locally hosted try to renew your IP [provided your ISP doesn't give you a static] and then update your DNS settings [if you're using dyndns.org or something].
    /\\

  9. #9
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    The action you need to take depends on the type of DoS attack

    If it's a web application / web server DoS attack, it needs fully formed TCP connections to be effective - therefore it cannot use spoofed IPs, so you should record the IPs and block them at your firewall. Also you can use some web sevrer plugin modules like mod_security or its IIS equivalents to identify DoS attempts and block them, also some lame bandwidth DoS attempts.

    If it's a synflood, just turn syn cookies on on your web servers or redirectors, job done.

    If it's a bandwidth DoS, that is the hardest problem, it will be using spoofed source IPs set randomly, so you can't block the IPs at an upstream firewall. The DoSers will be using a TCP packet type which is part of legitimate traffic, so you can't block it upstream by flags or port numbers either.

    Of course a local firewall has absolutely no effect on a bandwidth DoS, because the bandwidth is exhausted before it even gets there.

    Your best bet is to work with your upstream providers, and get them to work with their peers to identify the routes used by the DoS traffic, and attempt to narrow it down to a given area, and if it's a truly distributed attack, there may be little they can do.

    One option is to get your upstream provider to install some kind of QoS to somehow limit this traffic, to give established legitimate connections higher priority, or to set up a stateful firewall upstream, but again, this is dependent on how much resources your upstream provider have to throw at the problem.

    a firewall is supposed to be able to take care of a DoS attack
    No, it isn't.

    Slarty

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •