I Think I Was Getting Ddosed By Netgaylords

[MOG Hackintosh]

A router does make a difference, it just depends what type.

[Herbs!]

What about LinkSYS? Because thats what I have.

[marleythe9]

I here if you Block ICM or what ever Traffic.. it basicly stops ping... or basicly stops ddos.. you can block ICm or what ever with a firewall you just need to cfg your firewall ... i saw that somwere in another forum ..... about blocking ddos hacks also Friend Working on his network Seq Degre told me the same....

since i dont know much about the ICM or what not... just posting see if this helps you guys.

Heres more from same site i posted Down there

ICMP packet magnification (or ICMP Smurf): An attacker sends forged ICMP echo packets to vulnerable networks' broadcast addresses. All the systems on those networks send ICMP echo replies to the victim, consuming the target system's available bandwidth and creating a denial of service (DoS) to legitimate traffic.

from look info on this page it looks like its posable to filter DDOS ...

but i dont have Router .. if i find a ICMP filter program then id be happy lol.

hers a Site on how block ICMP or Ping..

<a href='http://www.petri.co.il/block_ping_traff ... _ipsec.htm' target='_blank'>http://www.petri.co.il/block_ping_traff ... sec.htm</a>

[marleythe9]

Sorry posting 2x


Hide
Join your peers at TechRepublic for access to these great newsletters »IT Locksmith »Network Security »Cisco Routers and Switches
Prevent hacker probing: Block bad ICMP messages

by Michael Mullins CCNA, MCP | More from Michael Mullins CCNA, MCP | Published: 10/21/03
Keywords: Networking | Diagnostics and monitoring | Security | Support
Rating: 4.5 (out of 5) Rate it Comments: 7 | 0 NEW | View all
Update - 3/24/2004: Firewalls can help block ICMP messages, but they can also block legitmate traffic. This TechProGuild article shows how to allow traffic through a firewall using port knocking.

Takeaway:
The ICMP protocol facilitates the use of important administrator utilities such as ping and traceroute, but it can also be manipulated by hackers to get a snapshot of your network. Learn what ICMP traffic to filter and what to allow.


This article originally appeared in the Security Solutions e-newsletter.



Although most network administrators do a fairly good job of filtering TCP and UDP traffic, many forget to filter ICMP traffic. ICMP traffic is necessary for troubleshooting TCP/IP and for managing its flow and proper function. However, ICMP is also dangerous. Hackers can use it to map and attack networks, so it needs to be restricted.

Like TCP and UDP, ICMP is a protocol within TCP/IP that runs over IP. Unlike TCP and UDP, ICMP is a Network Layer protocol and not a Transport Layer protocol. For more information on ICMP, see its request for comments (RFC) on the IETF's Web site.

friend Told me if you Filter ICMP with your router it will block ddos .... also this info was from website <a href='http://techrepublic.com.com/5100-1035_11-5087087.html#' target='_blank'>http://techrepublic.com.com/5100-1035_1 ... 7.html#</a>

:0 subject on prevent hacker probing/ blocking Bad ICMP messages ..

[bone-you]

I'll say again, since no one seems to know how to read, and so people like this don't spread around bullshit and make others think they really can stop a DDoS. DDoS can only be stopped in a few places. Period. Either by your ISP (internet service provider), or a router between your ISP and the outside world. If you have a goody goody firewall to "block" ICMPs, in order for anything to be blocked, you must still receive those ICMPs and then your firewall blocks. But since your firewall is receiving them, that means they are still wasting your bandwidth... the original problem... Also, NOL attacks with mostly UDP.. not ICMP which makes it even harder to block ISP-side. I've talked to an ISP and they said they cannot add a UDP filter to a single destination IP, and can only do it to a BLOCK which would affect too many customers so they won't.

[delinquent]

I'll say again, since no one seems to know how to read, and so people like this don't spread around bullshit and make others think they really can stop a DDoS. DDoS can only be stopped in a few places. Period. Either by your ISP (internet service provider), or a router between your ISP and the outside world. If you have a goody goody firewall to "block" ICMPs, in order for anything to be blocked, you must still receive those ICMPs and then your firewall blocks. But since your firewall is receiving them, that means they are still wasting your bandwidth... the original problem... Also, NOL attacks with mostly UDP.. not ICMP which makes it even harder to block ISP-side. I've talked to an ISP and they said they cannot add a UDP filter to a single destination IP, and can only do it to a BLOCK which would affect too many customers so they won't.

Stop trying let them "block" their DDoS attacks.

[marleythe9]

meh... ddos gay lameis kind of crap you can do to a server.. especialy when its not relay even hacking its more of a Interferince cuz they Lag there computer.. meh.. you'v sunck realy low if you start ddosing..

**some day it will be posable block ddos**

all you need is a program to help you filter out bad packets witch inother words filter Big packets .. and limiting the pack rate .. they do have a firewall like that .. but i didnt bother try find a download for it.. i dout its free ware tho..

[delinquent]

meh... ddos gay lameis kind of crap you can do to a server.. especialy when its not relay even hacking its more of a Interferince cuz they Lag there computer.. meh.. you'v sunck realy low if you start ddosing..

**some day it will be posable block ddos**

all you need is a program to help you filter out bad packets witch inother words filter Big packets .. and limiting the pack rate .. they do have a firewall like that .. but i didnt bother try find a download for it.. i dout its free ware tho..

Jesus christ stfu already

[SirGalahad]

Ok, old topic and I shouldn't revive it, but a word to the wise on DDoS filtering on private lines (especially cable): you can't do it. The more broad the sources are, meaning the more diverse geological location, node position, etc., the more impossible it becomes. Whether you block the connections or not, the gateway is still trying to deliver the packets it couldn't filter directly to your client (modem) and whether or not you don't allow the computer to receive/process/auth/handshake/whatever with those packets from whatever IP doesn't mean you're stopping shit. A good NAT and router setup on a home network that is designed to actually eat the packets and and deny only half the connections is the best method for end-user connections. You'll still get hosed somewhat, but it becomes obvious to a) your ISP that something is up and B) the ISP of the victim who is unknowingly a DDoS bot, and that'll fuck over Nerdoverlords faster than trying to fight it.

I have friends in hosting, you know. Not bullshit hosting, I'm talking OC and DS3s up the ass, all over the midwest to the west coast. Someone get me a definitive list of their IPs and I'll talk my stupid kyke friend into fucking them off, no joke.

Have a nice day.

[Slipknight]

Ok, old topic and I shouldn't revive it, but a word to the wise on DDoS filtering on private lines (especially cable): you can't do it. The more broad the sources are, meaning the more diverse geological location, node position, etc., the more impossible it becomes. Whether you block the connections or not, the gateway is still trying to deliver the packets it couldn't filter directly to your client (modem) and whether or not you don't allow the computer to receive/process/auth/handshake/whatever with those packets from whatever IP doesn't mean you're stopping shit. A good NAT and router setup on a home network that is designed to actually eat the packets and and deny only half the connections is the best method for end-user connections. You'll still get hosed somewhat, but it becomes obvious to a) your ISP that something is up and B) the ISP of the victim who is unknowingly a DDoS bot, and that'll fuck over Nerdoverlords faster than trying to fight it.

I have friends in hosting, you know. Not bullshit hosting, I'm talking OC and DS3s up the ass, all over the midwest to the west coast. Someone get me a definitive list of their IPs and I'll talk my stupid kyke friend into fucking them off, no joke.

Have a nice day.

finally some1 with a brain

[bone-you]

Ok, old topic and I shouldn't revive it, but a word to the wise on DDoS filtering on private lines (especially cable): you can't do it. The more broad the sources are, meaning the more diverse geological location, node position, etc., the more impossible it becomes. Whether you block the connections or not, the gateway is still trying to deliver the packets it couldn't filter directly to your client (modem) and whether or not you don't allow the computer to receive/process/auth/handshake/whatever with those packets from whatever IP doesn't mean you're stopping shit. A good NAT and router setup on a home network that is designed to actually eat the packets and and deny only half the connections is the best method for end-user connections. You'll still get hosed somewhat, but it becomes obvious to a) your ISP that something is up and B) the ISP of the victim who is unknowingly a DDoS bot, and that'll fuck over Nerdoverlords faster than trying to fight it.

I have friends in hosting, you know. Not bullshit hosting, I'm talking OC and DS3s up the ass, all over the midwest to the west coast. Someone get me a definitive list of their IPs and I'll talk my stupid kyke friend into fucking them off, no joke.

Have a nice day.

lol give up. I've been trying to tell everyone that for weeks now. No one listens. ISPs can stop DDoS'es, but most choose not to. Talked to one on the phone and they said they can, but it would affect too many customers so they won't.