• November 04, 2024, 10:49:08 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: How to stop [D]DOS attacks  (Read 6520 times)

Yanta

  • Level 2 Member
  • **
  • Posts: 66
How to stop [D]DOS attacks
« on: January 29, 2012, 05:42:48 PM »

Hi,

Sorry to keep asking questions..

Recently we had problems with our Internet which we originally though was load based, then software based, then a fault with the router. It turned out to be a physical line fault, which the telco has corrected.

in my investigations I found that my son is an administrator on a steam application server. A Malicious user has been attemtping to hack that server, and my son issued a worning. The "assassin" then said "You can't ban me, I've just DOS'd you.

Indeed, what he did really took our internet down for anound 5 - 10 minutes.

His IP address is 68.6.136.199 (Assuming it's not spoofed).

So question is, how do I protect my connection from such malicious attacks on my 655?

Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: How to stop [D]DOS attacks
« Reply #1 on: January 30, 2012, 07:11:09 AM »


1. Need to use Domain Tools web site and use the IP address and see who owns that domain and notify them of the abuse. I would also attempt to find the DDOS originating ISP service and notify them of the abuse.

2. Then use Domain Tools to see the IP address range and input that into the the routers INBOUND Filter option. I would input the 68.6.0.1 thru 68.6.255.255 or 254. If other non malicious users are on the same pool then you'll have to start to narrow down where there IP address is coming in at to exclude them from the range.

3. I would notify your ISP and have them help track the IP address that seems to be the DDOS and have them block the IP address and or IP address range if they can't narrow it down.

4. You may need to start managing your son's server or use a 2nd ISP internet line for your main network or use the gaming server on a different line should your server and software application needs exceed bandwidth of your single line.
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.