All Questions
49 questions
1
vote
0
answers
366
views
How to diagnose a DDOS on a home network?
I'm a user with a consumer level modem and a plain wifi router.
I have been seeing activity where for long periods of time over night, my internet connection will shut off for 10-20 minutes at a time. ...
0
votes
1
answer
189
views
How to prevent spam attacks from rotating proxies
My website has hundreds of thousands of html pages that are open to public. Each time a html page is requested, a call will be made to my database to get the correct data. Therefore the cost of each ...
1
vote
0
answers
321
views
How can I verify that my DoS attack is effective?
I was trying to simulate a DoS attack on the CORE network emulator using hping3 (Ubuntu). The topology is like three PCs connected by a router. The client's IP is 10.0.0.20/24, The server's IP is 10.0....
3
votes
0
answers
138
views
Can botnets/malicious traffic be effectively reduced on my exit nodes?
I host a small collection of TOR exit nodes to the clear net. Believe it or not, the number one complaint I get in my inbox is not due to illegal materials coming through the nodes (of which I have ...
0
votes
1
answer
141
views
ICMP smurf attack
I am learning about ICMP smurf attack and for this, I have forged a packet with the following details:
source_mac_address = **??**
destination_mac_address = router mac address
char ...
-1
votes
1
answer
219
views
Is it safe to conduct DDoS attack on a live server?
I am new to the cybersecurity industry. I want to try if the company server is vulnerable to DDoS attack. Is it possible to conduct DDoS attack without damaging the live server?
What I mean is, my main ...
1
vote
0
answers
21
views
How do I use SYN cookies to perform a DOS attack [duplicate]
I am taking a computer security course but I have a question I am stuck on.
You are the system administrator for a provider that owns a large network (e.g., at least 64,000 IP addresses). Show how you ...
0
votes
1
answer
579
views
Being charged with DDoS – my IP address shows on hacked computer
On July 21 2020 a business was subjected to DDoS attacks crashing their system and causing a very expensive problem.
My IP address was used and I am being blamed and have to explain how my IP address ...
2
votes
3
answers
3k
views
How to detect when one or more devices in my local network have become DDOS attack nodes?
I have a home network, big family, with around 20 devices on it at any given time. It seems like every year or so, some device gets a virus or a security flaw is revealed, and the device starts ...
-2
votes
1
answer
2k
views
What is the difference between DNS flood attack and UDP flood attack?
As title says, what is the difference between DNS flood attack and UDP flood attack?
Plus, do they only exhaust the network bandwidth or do they also exhaust the server-side assets such as CPU, ...
5
votes
2
answers
1k
views
Use mining to prevent DDOS attacks on websocket: Is this a viable solution?
I'm thinking whether the following way is a good way to completely and totally prevent ddos on my server. My idea is to use the same mechanism of cryptocurrency mining (bitcoin, with sha256 or any ...
0
votes
1
answer
161
views
DDos prevention systems behavior for corporate networks [closed]
I asked this question on stackoverflow but couldn't get any answers and I even got a down vote as a present so that I'll try my luck out here. I did some research about this problem and couldn't find ...
3
votes
2
answers
1k
views
Why is IP spoofing still possible?
What are valid usages?
Why don't ISPs prevent this by default? Do any major ISPs do this already?
4
votes
1
answer
581
views
Trying to determine if someone was "DoS'd"
I'm part of a pretty small video game community and one of our members claims he was DoSed or DDoSed during a recent match. We are currently split as some people believe he was and others believe he ...
13
votes
1
answer
1k
views
What happens inside of a DDoS Scrubbing Center?
I understand, that traffic is redirected to a scrubbing center during a DDoS to differentiate between malicious and legitimate traffic as has been explained in this post. However, from a technical ...
1
vote
1
answer
2k
views
Host sending massive amount of TCP/IP Packets with RA Flag: Part of DDoS Attack?
I have a host on the Network that tries to send TCP/IP Packets to various servers. The DST Port is always 80 or 443 and the Flags set are RST and ACK. These Packets are blocked by our firewall. I did ...
6
votes
3
answers
566
views
Did the October 21, 2016 DDoS attack on Dyn's DNS service cause Bandwidth Exhaustion?
A recent attack on Dyn's DNS services affected several major websites last Friday, Oct 21, 2016. I would be interested to know if this was Bandwidth Exhaustion, or if it was mainly load on the server ...
6
votes
1
answer
566
views
How was DDoS attack on Dyn made?
https://krebsonsecurity.com/2016/10/ddos-on-dyn-impacts-twitter-spotify-reddit/#more-36727
A DDoS attack on Dyn, on 21st Oct 2016, caused outages for Twitter, SoundCloud, Spotify, Reddit, etc. on the ...
1
vote
1
answer
3k
views
Best option for DDoS protection on DigitalOcean server?
I would not like to use CloudFlare since they effectively act as a man in the middle and handle unencrypted data.
Is there a CDN that mitigates the security risks that CloudFlare imposes?
If not, is ...
4
votes
3
answers
3k
views
Can CloudFlare be DDoS-ed and isn't the actual DDoS mitigation limit, financial resources?
CloudFlare (known for fighting DDoS-attacks) is explaining quite a lot about DDoS on their website cloudflare.com/ddos. In an article named The DDoS That Almost Broke the Internet they write about a ...
1
vote
1
answer
236
views
Following strategy using DDoS mitigation service - UDP bandwidth exhaustion attack from spoofed IPs
I need to defend against receiving a massive spam of UDP packets from random spoofed IP addresses. I would make it this way:
In my protocol, every UDP packet contains username and password.
Firewall(...
5
votes
2
answers
1k
views
How to deal with UDP bandwidth exhaustion DDoS attacks?
I am building a service, which will use UDP. It will run on Amazon AWS - in the firewall they provide, I can block everything except that one UDP port my service will run.
The only thing I'm ...
2
votes
0
answers
176
views
Rogue Containment on a wired network (mostly)
I work as a security analyst for a large company. The answer must provide remote support. We are currently looking to build a piece of software (integrating existing products with home grown ...
2
votes
1
answer
602
views
What's the best way to block all external proxy IP's which could be used for pivot points or as a DDOS Source?
At the simplest form - the question is to block external proxy due to an emergency situation due to which management have forced technical teams to get a solution to block all the external proxy or ...
1
vote
1
answer
759
views
Must an attacker using a Smurf attack be on the same network as the victim?
I'm learning about Smurf Attacks. Since they need to use a broadcast address, doesn't that mean they can't work over the internet? For example if an attacker sends a router the packet with the ...
3
votes
1
answer
654
views
How can I launch DHCP starvation attack in WLAN?
In WLAN, due to MAC association on Access Point (AP), I can't send the DHCPDISCOVER messages using random MAC addresses. But if I keep my original MAC address as the source ethernet MAC a and random ...
0
votes
1
answer
235
views
Identifying attacks by network activity
Is it possible (and how) to tell from a network dump if there is a buffer overflow attack, DoS or brute force attack? A DDoS would be more obvious to identify, but those attacks mentioned above I ...
-1
votes
1
answer
1k
views
What type of attack does LOIC do? [closed]
I have used LOIC (Low Orbit Ion Cannon) earlier.
Today I was reading on Wikipedia that there are many types of DoS attacks, namely SYN attacks, HTTP flooding, UDP flooding, etc. and two questions ...
1
vote
2
answers
2k
views
How to avoid DDOS against Kerberos Authentication Server
I have a school project where I am supposed to implement a Kerberos based infrastructure (AS, TGS and resource server).
It is already done and working, but I started thinking about how to protect the ...
0
votes
2
answers
5k
views
What could be the reason for the high traffic on the local network? [closed]
In our small company we have very high traffic outbound from local network to server which is getting blocked, and slows down our server response time. Especially at night.
I am not security ...
2
votes
1
answer
384
views
What are the hardwares used to protect against a DDoS attack on Network layer
What hardware is used to prevent a DDoS attack on a network layer?
This question is for my project which I am doing. I have a game server and I need to simulate an attack - an SYN flood. So what ...
-4
votes
1
answer
7k
views
DoSing my Home Network with only a Public IP address [closed]
+--------------------------------------------------------+
| Client Host Name |.. IP Address ..|.... MAC Address ...|
| Desktop-Home ....| 192.168.1.100 | 00:19:D1:EA:03:68 |
| GT-S5380K .........
49
votes
13
answers
43k
views
DDoS - Impossible to stop?
Is it possible - in theory - to stop a DDoS attack of any size? Many people claim it's impossible to stop DDoS attacks and tell me I just shouldn't mess with the wrong people on the internet.
But ...
9
votes
3
answers
6k
views
How will IPv6 affect DDoS mitigation techniques?
IPv6 introduces a much larger address space than IPv4 and with it there are many new techniques in creating and mitigating DDoS attacks. What are some examples of risks and mitigations?
For example, ...
2
votes
3
answers
10k
views
DDoS on LAN: How to Defend?
DDoS on a wired network has to be extremely rare, since the intruder has to be physically connected to the network. However, let's say that it still managed to happen. How would you be able to defend ...
7
votes
1
answer
358
views
Parabolic Denial Of Service -- Would it work?
Would this DoS attack be effective:
Attacker determines target (10.0.0.1)
Attacker sends ack packets to a bunch of web servers with a src addr of 10.0.0.1
Servers reply to 10.0.0.1 with syn packets
...
11
votes
3
answers
20k
views
How to protect myself against paid DDoS services?
I am a domestic user and I am getting attacked regularly by a guy that hates me.
Here is the background story: that guy uses Skype resolvers (tools offered by paid DDoS services) to find out my IP ...
0
votes
1
answer
2k
views
Monitor incoming TCP/UDP flood attack and graph it
I'm preparing a presentation on a security issue and want to include a demonstration. It won't be in real time, I just need to show some pictures of the results.
I have some VPSes that will perform a ...
4
votes
2
answers
5k
views
IPTables DDoS protection working with per client IP address counter AND UDP
I am looking to protect LAMP server with a software, which will detect above average number of requests from single IP numbers (in this case DNS queries), and add these hosts to IPTables deny chain.
...
6
votes
5
answers
4k
views
SYN Flooding issue
I recently purchased a server with "DDoS protection" and a 1gbps uplink.
What I can't figure out, is that I'm suffering from SYN floods. Isn't the large amount of bandwidth available to me supposed ...
9
votes
4
answers
10k
views
Block all botnets and Tor addresses from accessing our site
I've heard that many DoS attacks and general "black hat hacking" attempts occur over the Tor network. Is it possible for me to dynamically block source IPs by their presence in a botnet or ...
6
votes
4
answers
12k
views
Using SYN cookies to perform a DOS attack
In my software security class, we had this question:
You are the system administrator for a provider that owns a large network (e.g., at least 64,000 IP addresses). Show how you can use SYN cookies ...
7
votes
2
answers
2k
views
I'm having a DDoS attack, my hosting company is not giving me a solution, and I need to know what is happening
So ok, right now my Windows 2003 dedicated server is under attack by some guy who's flooding UDP packets (~90.000 packets/sec) on my 100Mbps server for the last 8 hours.
I'm on a shared port, so I'm ...
13
votes
4
answers
11k
views
Looking for botnet IP address feeds to protect against DDoS
I would like to get a live feed of botnet IP addresses delivered from a service and block them under certain conditions. Preferably community based/open source but open to looking at worthy commercial ...
32
votes
3
answers
12k
views
How do DoS/DDoS work?
In the last days one could frequently read about attacks from anonymous and LulzSec against different platforms like Sony or HBGary etc. Yesterday for example they DDoS'ed soca.gov.uk and jhw.gov.cn. ...
5
votes
4
answers
3k
views
What is a good publicly available iptables script for DDoS mitigation?
What is a good publicly available iptables script for DDoS mitigation?
24
votes
2
answers
13k
views
Reject IP packets with an ICMP error, or just drop them?
Consider an internet-facing host (the outer firewall). What should be done with undesired traffic: just drop it, or send back an ICMP error such as port unreachable? (In Linux terms: iptables -P DROP ...
7
votes
1
answer
12k
views
High concentration of UDP traffic, good or bad?
Should a network have a high concentration of UDP traffic compared to TCP traffic bad for a network especially in the context of network security?
I'm looking at my organization's network protocol ...
81
votes
5
answers
38k
views
What techniques do advanced firewalls use to protect against DoS/DDoS?
It is hard to protect a server against Denial of Service attacks, DoS/DDoS. The two simple ways I can think of is to use a server with much resources (e.g. CPU and memory), and to build the server ...