Block ICMP Flooding
-
Hello,
Does anyone know to block ICMP Flooding? I already put a block rule in WAN Firewall rule but it keeps on flooding my WAN.
Thank you.
-
The default WAN rules allow nothing into your network. What you are seeing are blocked ICMP packets hitting your WAN and being dropped.
There is no magic way for you to avoid having traffic hit your WAN without involving your upstream ISP to null-route that traffic. You can't stop a DoS with a firewall.
What's up with all that private network traffic anyway? What kind of network are you on?
-
This private IPs are attackers private IPs, I don't know why it shows Private IPs instead of public ones. When they attacked me via DNS, it shows Public IPs however on ICMP attack it shows private IPs instead.
-
They're sending spoofed packets. Trivial to do. You learn how to do this in network 101. You can't stop traffic from hitting you, only ignore the traffic. The same way a bullet proof vest doesn't stop someone from shooting at you. A firewall doesn't stop a fire, it stops a fire from spreading.
