Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
04-10-2005, 03:00 AM
|
#1
|
LQ Newbie
Registered: Feb 2005
Distribution: Gentoo 2005.0
Posts: 17
Rep:
|
Are these DDoS Defense Router Settings correct ?
Hi, I am configuring my router DDoS Settings, but I'm not sure what to fill in, so I enabled all DDoS Defense settings, My PC is connected to a router, Draytek Vigor2200E, and my modem is a Motorola Surfboard 5100E, my connection speed is 2000 kbit/sec downstream and 520 kbit/sec upstream.
I have also selected that all packets should be 300 per second, so are these settings correct?
Enable DoS Defense
Enable SYN flood defense Threshold 300 packets / sec
Timeout 10 sec
Enable UDP flood defense Threshold 300 packets / sec
Timeout 10 sec
Enable ICMP flood defense Threshold 300 packets / sec
Timeout sec
Enable Port Scan detection Threshold 300 packets / sec
All these settings are ENABLED:
Block IP options
Block TCP flag scan
Block Land
Block Tear Drop
Block Smurf
Block Ping of Death
Block trace route
Block ICMP fragment
Block SYN fragment
Block Unknown Protocol
Block Fraggle Attack
|
|
|
04-10-2005, 03:23 AM
|
#2
|
Senior Member
Registered: Oct 2003
Location: hopefully not here
Distribution: Gentoo
Posts: 2,038
Rep:
|
you cant stop a DDoS attack, they usually exploit a weakness in the OS that causes a flood.
at its heart, a DDoS is basically a brute force attack, shove as many packets as possible up your network cable, and that will cut off other packets that would have gone to you, basically bringing that network connection to a halt.
those options stop a few things, personally i prefer to use iptables, but its all good, 300/sec does sound a bit high if the packets come from the same source, but if its a attack, it will keep some of it from reaching your computers.
|
|
|
04-10-2005, 03:37 AM
|
#3
|
LQ Newbie
Registered: Feb 2005
Distribution: Gentoo 2005.0
Posts: 17
Original Poster
Rep:
|
Yes, I know, I also play multiplayer games on the Internet (MOHAA), and a gaming server will probably send a lot of data each second, (something like 80/40 kbit/sec) so that's the reason why I have set my settings to 300, however I will try to lower it and try to find a way to adjust it by lowering the packets without interrupting the game-servers which I game on.
|
|
|
04-10-2005, 10:15 AM
|
#4
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
If those timeout values represent the acual connection timeouts, then they're extremely short and you'll probably drop alot of connections.
|
|
|
All times are GMT -5. The time now is 06:21 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|