Comments on: How to Prevent Denial of Service Attacks

By: Mennley Womb

Mennley Womb — Wed, 08 Feb 2012 17:51:27 +0000

Hello there!
How could i defend against a denial of service attack where the attacker is originated in my network?

By: Phil

Phil — Wed, 18 Jan 2012 13:27:04 +0000

Isnt it possible to somehow get some QoS to the ICMP Ping port on the router so if its taken up a certain percentage of the bandwidth (like 12% or something) then deny any other packets from that port?

By: SpYdee

SpYdee — Mon, 21 Nov 2011 22:38:17 +0000

does any1 know a simple c++ source code that can help auto detect dos attacks on a network….please help

By: Joseph

Joseph — Mon, 06 Jun 2011 02:39:52 +0000

I think most routers have a “block WAN ping” option…..which prevents the network behind that router or set of routers from being pinged to death

By: Daniel

Daniel — Thu, 07 Oct 2010 19:16:23 +0000

Great work. Simple and very comprehensive.

By: Ibrahim Hudhaif

Ibrahim Hudhaif — Sun, 15 Nov 2009 12:51:47 +0000

First of, I don’t think buying IDS would effectively help avoiding DDoS. IDS is only after facts device and do not help to overcome such an issue.

IPS could be much better than IDS but still if you don’t have a good relationship with your ISPs by retaining an emergency contacts of the technical staff and proper procedure of what to do if that happen! Because it would a panic time… so some written documents should guide on what do!

By: Ramil

Ramil — Sun, 11 Oct 2009 10:59:26 +0000

I was told to help organize and prevent a DoS attack for a web-site for testing purposes. This was really helpful to start with. Great job! Tnx a lot.

By: Erin

Erin — Fri, 11 Sep 2009 12:32:32 +0000

DDoS attacks are done using the ping flood method.
No ip verify unicast reverse-path is only going to filter out the actual attacker but not all the zombies because they are coming from legit IP’s.
DDoS attack zombies sometimes are in specific geographic areas….so lets say some guys in Korea has it out for your company or website….and 90% of his zombies are in Korea….you can filter whole A or B blocks of IP’s…..if it is truly distributed….things get really hairy really quickly.

By: Eric

Eric — Tue, 11 Aug 2009 03:20:37 +0000

Well written but I hope you’re open to critizism.

You talked about all the details of the DoS attacks until you reached the DDos. At that point you just explained what a zombie is which really says nothing about the actual attack of each individual zombie, it only describes that you are being attacked from multiple vectors. Are those vectors using tcp syn, smurf, pod, fraggle, teardrop or what? I would expand on DDos a little more. Maybe cit examples like Kraken or Srizbi and what specifc methods they use.

By: varun naresh

varun naresh — Fri, 07 Aug 2009 14:46:03 +0000

This article is so awsome XD !

Amazing really !

well done !