Question about preventing from being ddos'ed.

Toggle sidebar Toggle sidebar
thatmoney

thatmoney

Honorable
Dec 26, 2013
184
0
10,710
I have a question about preventing ddosing, I only know basic networking so, no hate. Anyway since ddosing revoles around by just spamming your target with icmp echo request packet, couldnt major corperations just make their router or servers to drop echo request packets? If not is there some reason that they cant do so because it might interfere with ligitment request or something along the lines of that. Another question about that when the attacker is spamming the target, is it possible to manipulate the packet so that it cant be dropped?
 
Solution
abailey
You can definitely tell your router to drop the packet. It is tricky if they come in on port 80 or something. At my office we have an IPS module that looks for DDOS attacks and will drop packets from IP addresses that send them, even on port 80. That is great for most ddos attacks. But if you get a really big one, it can saturate your line to the internet and can max out the processor on your router as the router still has to do work identifying what to drop before it drops it.
Sort by date Sort by votes
abailey

abailey

Distinguished
Mar 23, 2014
944
0
20,960
You can definitely tell your router to drop the packet. It is tricky if they come in on port 80 or something. At my office we have an IPS module that looks for DDOS attacks and will drop packets from IP addresses that send them, even on port 80. That is great for most ddos attacks. But if you get a really big one, it can saturate your line to the internet and can max out the processor on your router as the router still has to do work identifying what to drop before it drops it.
 
Upvote 0 Downvote
Solution
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom