LinuxQuestions.org
Old 04-10-2005, 03:00 AM   #1
Rayen16
LQ Newbie
 
Registered: Feb 2005
Distribution: Gentoo 2005.0
Posts: 17

Rep: Reputation: 0
Are these DDoS Defense Router Settings correct?


Hi, I am configuring my router DDoS settings, but I'm not sure what to fill in, so I enabled all DDoS Defense settings. My PC is connected to a router, a Draytek Vigor2200E, and my modem is a Motorola Surfboard 5100E. My connection speed is 2000 kbit/sec downstream and 520 kbit/sec upstream.

I have also selected that all packets should be 300 per second, so are these settings correct?



Enable DoS Defense
Enable SYN flood defense: Threshold 300 packets / sec, Timeout 10 sec
Enable UDP flood defense: Threshold 300 packets / sec, Timeout 10 sec
Enable ICMP flood defense: Threshold 300 packets / sec, Timeout sec
Enable Port Scan detection: Threshold 300 packets / sec

All these settings are ENABLED:
Block IP options
Block TCP flag scan
Block Land
Block Tear Drop
Block Smurf
Block Ping of Death
Block trace route
Block ICMP fragment
Block SYN fragment
Block Unknown Protocol
Block Fraggle Attack
 
Old 04-10-2005, 03:23 AM   #2
SciYro
Senior Member
 
Registered: Oct 2003
Location: hopefully not here
Distribution: Gentoo
Posts: 2,038

Rep: Reputation: 51
You can't stop a DDoS attack, they usually exploit a weakness in the OS that causes a flood.

At its heart, a DDoS is basically a brute force attack: shove as many packets as possible up your network cable, and that will cut off other packets that would have gone to you, basically bringing that network connection to a halt.

Those options stop a few things. Personally I prefer to use iptables, but it's all good. 300/sec does sound a bit high if the packets come from the same source, but if it's an attack, it will keep some of it from reaching your computers.
 
Old 04-10-2005, 03:37 AM   #3
Rayen16
LQ Newbie
 
Registered: Feb 2005
Distribution: Gentoo 2005.0
Posts: 17

Original Poster
Rep: Reputation: 0
Yes, I know. I also play multiplayer games on the Internet (MOHAA), and a gaming server will probably send a lot of data each second (something like 80/40 kbit/sec), so that's the reason why I have set my settings to 300. However, I will try to lower it and try to find a way to adjust it by lowering the packets without interrupting the game servers which I game on.
 
Old 04-10-2005, 10:15 AM   #4
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
If those timeout values represent the actual connection timeouts, then they're extremely short and you'll probably drop a lot of connections.
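
Added example, not part of any post in this thread and not DrayTek code: a small simulation of a threshold/timeout flood defense using the posted values (300 packets/sec, 10 sec). It assumes one aggregate counter per one-second window and that crossing the threshold drops every packet of that class for the timeout period; the thread does not state the router's real behaviour, and the 40 pps game stream and 1000 pps flood are constructed traffic.

```python
THRESHOLD_PPS = 300   # "Threshold 300 packets / sec" from the posted settings
TIMEOUT_MS = 10_000   # "Timeout 10 sec" from the posted settings


def simulate(packets, threshold=THRESHOLD_PPS, timeout_ms=TIMEOUT_MS):
    """Feed (time_ms, label) packets through the assumed flood defense.

    Assumed model (not the router's documented behaviour): one aggregate
    counter per one-second window; once it exceeds the threshold, every
    packet of this class is dropped until the timeout has elapsed.
    Returns {label: {"passed": n, "dropped": n}}.
    """
    stats = {}
    window, count = None, 0    # current one-second window and its packet count
    blocked_until = -1         # defense is active while t < blocked_until
    for t, label in sorted(packets):
        s = stats.setdefault(label, {"passed": 0, "dropped": 0})
        if t < blocked_until:
            s["dropped"] += 1
            continue
        if t // 1000 != window:
            window, count = t // 1000, 0
        count += 1
        if count > threshold:  # threshold crossed: start the timeout
            blocked_until = t + timeout_ms
            s["dropped"] += 1
        else:
            s["passed"] += 1
    return stats


def constant_rate(label, interval_ms, start_ms, duration_ms):
    """Constructed traffic: one packet every interval_ms milliseconds."""
    return [(t, label) for t in range(start_ms, start_ms + duration_ms, interval_ms)]


def demo():
    game = constant_rate("game", 25, 0, 30_000)      # constructed: 40 pps for 30 s
    flood = constant_rate("flood", 1, 5_000, 2_000)  # constructed: 1000 pps for 2 s
    return simulate(game), simulate(game + flood)


if __name__ == "__main__":
    quiet, attacked = demo()
    print("game only :", quiet)
    print("with flood:", attacked)
```

Under this model the game stream alone never reaches the threshold, but a two-second flood costs it ten seconds of packets, because the timeout applies to everything in the same class.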
 
  


All times are GMT -5.
