Hello,

Is there firewall or firewall device from amazon or ebay that can stop ddos attack or paid to someone to setup firewall , is there way to stop ddos attackinh?
Note : ports are udp (home connection)
Thanks

Yes, hundreds of devices are for sale.

It is possible to get a firewall/security virtual machine appliance and run it possibly for no cost.

You should be able to have some control over your access to the web. I'd look to the router/modem and close all ports except ones that you must have open. And that is only a few for most people.

If someone knows your ip address it may be that no amount of your work can stop a ddos attack. You may have to have your isp block the attack.

I don't think you can "stop" a DDoS attack.

The point of a DDoS attack is to overwhelm a server/site with repeated calls, not to gain access to it. The persons who start a DDoS attack don't care whether they ever get past the firewall; their goal is to deny others access to the site.

The only way to stop a DDoS attack is to alter the target's ip address and, once the new ip address propagates across DNS servers, the attack can be resumed if the perpetrators wish.

Wikipedia has a pretty good article about this. https://en.wikipedia.org/wiki/Denial-of-service_attack

Intrusion is a whole nother story. Everyone, whether home network or a huge ISP, should make intrusion as difficult as possible.

Well everyone know my ip+port

"The only way to stop a DDoS attack is to alter the target's ip address and, once the new ip address propagates across DNS servers, the attack can be resumed if the perpetrators wish"

how i can do that

thanks

Can this stop the attacks ?
http://www.amazon.com/ZYXEL-Unified-...ords=anti+ddos

or this
http://www.newegg.com/Product/Produc...82E16833120135

You cannot stop a DDoS attack. To make it more simple you are asking "how can I confirm that every person visiting my shop wants to buy something". It's a bad analogy but roughly how things stand

I don't want to stop ddos attack all i want that every person protected to disconnect from the server

when i have ddos attack my network disconnect i had to restart it

You are asking about stopping DDoS attacks? If they are true DDoS attacks (and you should keep in mind that most of the questions on here about DDoS attacks turn out to be about something else, such as plain DoS attacks, and the answers for other attacks can be very different), it is difficult to stop them, although there may be palliative measures (which you aren't asking about).

In any case, as DDoS attacks cost money to mount, what has made it worthwhile for someone to do this?

@273
I think a slightly better analogy (and it is only an analogy - you can get into trouble by pushing analogies too far) would be to ask "How do I stop people knocking on my front door; I can't tell when a serious caller is knocking because of all of these nonsense people knocking on the door?"

Well, if the 'bad' requests are doing something different from the 'good' requests, then you could, potentially, do something based on that difference. If you have a fairly limited list of 'good' users, perhaps you could whitelist based on that (but the 'bad' requests are still made, you just drop them fairly efficiently). If there is only a fairly limited list of 'bad' accessors (in which case, it isn't much of a DDoS) then you might get somewhere with something like fail2ban, or manually blacklisting the worst offenders. But, ultimately, if it really is a full blown DDoS, you'll have to get co-operation from upstream.

That sounds rather different from the earlier statements; it sounds now as if you have people who are authorised to the server (is that correct??? maybe that's not what you mean by some people being 'protected') and you want the others to disconnect. If that is true, then it might be more possible; can you clarify, please?

I defer to your better analogy -- I seem to be out of good analogies.