Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Hi, I am configuring my router DDoS Settings, but I'm not sure what to fill in, so I enabled all DDoS Defense settings, My PC is connected to a router, Draytek Vigor2200E, and my modem is a Motorola Surfboard 5100E, my connection speed is 2000 kbit/sec downstream and 520 kbit/sec upstream.
I have also selected that all packets should be 300 per second, so are these settings correct?
Enable DoS Defense
Enable SYN flood defense Threshold 300 packets / sec
Timeout 10 sec
Enable Port Scan detection Threshold 300 packets / sec
All these settings are ENABLED:
Block IP options
Block TCP flag scan
Block Tear Drop
Block Ping of Death
Block trace route
Block ICMP fragment
Block SYN fragment
Block Unknown Protocol
Block Fraggle Attack
you cant stop a DDoS attack, they usually exploit a weakness in the OS that causes a flood.
at its heart, a DDoS is basically a brute force attack, shove as many packets as possible up your network cable, and that will cut off other packets that would have gone to you, basically bringing that network connection to a halt.
those options stop a few things, personally i prefer to use iptables, but its all good, 300/sec does sound a bit high if the packets come from the same source, but if its a attack, it will keep some of it from reaching your computers.
Yes, I know, I also play multiplayer games on the Internet (MOHAA), and a gaming server will probably send a lot of data each second, (something like 80/40 kbit/sec) so that's the reason why I have set my settings to 300, however I will try to lower it and try to find a way to adjust it by lowering the packets without interrupting the game-servers which I game on.