In Any Firewall You Cannot Stop a SYN Attack, I Tried it My Self I Can Put Down EvilwarriorMU, GrudgeMU, ZhyperMU, for testing only, but ZhyperMU have autoblock ip, so he can stop you, but can take down a minute
In Any Firewall You Cannot Stop a SYN Attack, I Tried it My Self I Can Put Down EvilwarriorMU, GrudgeMU, ZhyperMU, for testing only, but ZhyperMU have autoblock ip, so he can stop you, but can take down a minute
just get the best Hst u can afford , maybe install website on linux and put rest on dedi , make it in tricky way .
292 messages of type [61] NAT Error: Not enough free memory to add a new connection suppressed in 1 second(s)
327 messages of type [61] NAT Error: Not enough free memory to add a new connection suppressed in 1 second(s)
388 messages of type [61] NAT Error: Not enough free memory to add a new connection suppressed in 1 second(s)
799 messages of type [61] NAT Error: Not enough free memory to add a new connection suppressed in 1 second(s)
madness...
firewall will be enough to see connections incoming and block them.
good luck with that when you will see real ddos kid.Originally Posted by Wish Q
DDoS protection for any server or network
Best Solution
CloudFlare Pro is the best protection. Protects from most attacks.
best solution outpostfirewall
Buy good DEDICATED HOST AND UR Good to go Dammit :P
Ddos attack making only to website or Gameserver too?
If your website its hosted with your Files i mean on the same Server/Host then yes.
if u find trick and connect it from other pc then only web or host.
![[RCZ]ShadowKing's Avatar](https://forum.ragezone.com/customavatars/avatar381849_2.gif "[RCZ]ShadowKing's Avatar"){kind=avatar}
open ports = possible targets
Even with closed ports,you can get DDOSd.
Tested.
then whoever made the setup wasn't very good at it, keeping only the ports necessary for the server to function and limiting connections per ip rate should do the trick (also it's good idea to check most commonly used ports for gameservers and reconfigure the serverfiles, sitefiles and client making sure that you don't use said common ports)
also if you do close the ports from serverside or firewell it wont be bulletproof since one of the possible targets of the attacker could be your connection, so you need to filter the ports from first device of the serverlan to make sure traffic in your lan and wan connection is minimum.
with all these checked you should be good to go assuming there aren't any vulnerabilities in your client or website
ps: it's also good idea to have your website hosted on a separate server, preferably even have separate wan connection and ip for it and use some tricky way like additional network card on both servers and connect them directly to each other using crosscable (that's something an attacker would definitely not expect)
this is how it was done back in the day i was in the business and this is how i would do i now too, unless the attacker has highcaliber botnet at his disposal there should be no problems with dealing ddosing as not just any small scale network could even hope to bring down a setup like this assuming you have couple of fiberlines with static ip's for both of your servers and are using optical fiber in your lan all the way from server to firewall and from firewall to the first device of your lan and the server's you're using are proper, modern, higheffiency servers preferably equipped with couple of xeons, 32gb ram etc
yea sure this might cost like 10k +fiberlines+monthly connection fee but this is how you could make an actual near bulletproof server network little-to-none affected by ddosing
Last edited by KraMer; 07-02-13 at 11:55 AM.
We had closed the port 44405 in this case(tested on CentOS 5.x), and did ourselves a test ,DDOSing even tough we saw the port closed or down.
And it just flew up the connection.
We were DDOSing a closed port, and were trying to connect through Putty from an open port,and still down.
Reply With Quote