Comments
Ever tried to suck a golf ball through a garden hose?
Ever try draining an entire Olympic swimming pool manually using a bucket?
VPS cannot protect himself! VPS not an hero!
-A INPUT -p udp -m limit --limit 2/sec --limit-burst 5 -j ACCEPT
or
-A INPUT -p udp -m limit --limit 10/minute --limit-burst 25 -j ACCEPT
Or if you know the IP of the VPS attacking you and the target port he's attacking, it should be like:
iptables -A INPUT -p udp -s 11.11.11.11 --dport 161 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT
Should work in theory.
What happens when the 1Gbps port floods the 100Mbps port?
WELCOME BACK, CAPTAIN OBVIOUS
Jkjkjk
In theory, if it's 1 vs 1, you can limit the requests from VPS 1 (1gbit) to VPS 2 (100mbit) and should be OK, I guess?
+1 You are very correct, sir. Thank you for the useful command.
I was trying to lead him there, but you ruined the surprise dang it!!!!!!
@AuroraZ crap, REMOVE IT. Did a NINJA EDIT
Bad memories of the doctor explaining kidney stones.
Francisco
vps can protect himself and the others dude!!
no.
Jesus christ.
Congratulations, you just essentially disabled UDP (if there's an implied DROP afterwards. Otherwise you didn't do anything at all).
Could people please stop recommending the basic limit match for stuff like this? This is not what it is designed for.
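The point above about the basic `limit` match, as an added example that is not part of the thread: a simplified Python model (an assumption, not the kernel's implementation) of one token bucket shared by every sender, run over constructed traffic rates. It counts how many flood and game-client packets the `--limit 2/sec --limit-burst 5` rule quoted earlier accepts, with and without a DROP after it.

```python
class LimitMatch:
    """One token bucket shared by all packets reaching the rule (no per-source state)."""

    def __init__(self, per_second, burst):
        self.rate, self.burst = per_second, burst
        self.tokens, self.last = float(burst), 0.0

    def matches(self, now):
        # Refill for the elapsed time, capped at the burst size, then spend one token.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


def simulate(per_second, burst, flood_pps, client_pps, seconds, drop_after=True):
    """Count accepted packets per sender for: limit rule -> ACCEPT, then DROP or not."""
    arrivals = [(i / flood_pps, "flood") for i in range(flood_pps * seconds)]
    arrivals += [((i + 0.5) / client_pps, "client") for i in range(client_pps * seconds)]
    rule = LimitMatch(per_second, burst)
    accepted = {"flood": 0, "client": 0}
    for now, sender in sorted(arrivals):
        # A packet the limit rule does not match falls through to the next rule or policy.
        if rule.matches(now) or not drop_after:
            accepted[sender] += 1
    return accepted


if __name__ == "__main__":
    # Constructed traffic: 1000 pps flood, 20 pps game client, 10 seconds.
    print("flood, DROP after:   ", simulate(2, 5, 1000, 20, 10))
    print("no flood, DROP after:", simulate(2, 5, 0, 20, 10))
    print("flood, no DROP after:", simulate(2, 5, 1000, 20, 10, drop_after=False))
```

In this model every packet has already crossed the link before the rule sees it, so the counts say nothing about port saturation.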
Congratulations you just gave away one of the biggest surprises of whole thread. People, people, people, stop giving away my surprises dang it!!!!!!!
Please use the right measure.
1gb/s would be 8gbit/s or 1000mb/s
Guys, I blocked the attacker IP on both the UDP and TCP protocols, and he can use a UDP flood to take down my VPS, and when I look at iftop I see my network at 99mb/s send to the attacker IP, so I asked this question. I used all the limitation commands, and now I block the attacker IP, so I think there is no solution for a UDP flood if the attacker has high internet speed from your VPS/dedicated.
*Note: he can't attack me using TCP attack methods.
I don't think anyone on LET is giving the attacker his high internet speed from our VPS/dedicated, but maybe you can put your stuff behind Cloudflare?
I provide game servers, so I need to work on the UDP protocol and use the original IPs.
If you have a gameserver you are better off paying for some protection. You will not be able to mitigate this yourself.
Better get ddos protection, hostbased filtering will not help under real ddos.
This is beyond retarded. The moment this 1Gbps attack hits your 100Mbps NIC, the damage is already done. Nothing will help, even if you tried to drop the entire protocol with these iptables. Invest in a VPS that's behind a DDoS-protected network and 100Mbps just might be enough.
YES, you are right. I just asked this question to make sure about this action.
So the ANSWER IS NO. We can't block a UDP attacker if he has higher speed than our server, so we need a third party to protect us.
Thank you all
Depends on the provider. With OVH's, yes: if the VPS is hosted in, let's say, France and I'm sending a DDoS attack from the US, let's say near Chicago, once it hits Chicago the DDoS VAC in their CHI PoP will mitigate the attack even before it heads overseas.