Dos and DDos attack
-
Hello everybody, I'm trying resolve a problem in my game servers, I host my server and friends and while I am having a problem with attacks.
My link is Brazil Vivo fiber 100 Mbps Download / 50 Mbps Upload and has FIXED IP.
By doing tests the upload is always well above 50 Mbps, 100 Mbps reaching + …
At the moment I use the CSF as a firewall, it helps but does not seem to be doing more effect.
My structure is as follows:
ONT FIBER> server with Debian installed and CSF.
I do the direct PPPoE server and he already has the CSF.
So would aid personnel with the pfSense could help me in this part, because depending on the attack is so strong that the machine is without full access, does the firewall could work it out?
What I need to do and how to work with it?
I was told I would have to configure Snort, another tool that was very well presented me.
So that's personal, I'm new here and hope you can share with you a lot.
If anyone can give me tips on pfSense and what are the first steps I'm grateful.
Thanks.
-
As I understand it, if someone was to send over 100Mbit/sec of UDP packets to your IP, your connection will be practically useless and there is nothing that your router/firewall can do about it because the data is already there.
Only your ISP can help you by blocking it before it saturates your allocated bandwidth.
-
Do you know what type of DoS/DDoS it is?
-
UDP Flood.
Yes, came the knock down completely, however I changed from 25 Mbps to 50 Mbps Upload.
Now is not enough to bring down completely, but the attack fails utterly slow.
Thanks.
-
You would need to upgrade your download, not upload.
Even then, 1Gbit+ DDoS speeds are easily achievable with a small botnet.
Honestly, I do not think there is anything you can do. :(
-
Dont waste your time…Pfsense cannot help you in this matter.