2021 DDoS Issue

Null said:
Someone suggested these
mikrotik.com

MikroTik

MikroTik is a Latvian company which was founded in 1996 to develop routers and wireless ISP systems. MikroTik now provides hardware and software for Internet connectivity in most of the countries around the world.
mikrotik.com mikrotik.com
www.arista.com

7150 Series

Arista 7150 Series Software Defined Networking Switch is the leading ultra-low latency 1RU network platform for High Frequency Trading Markets and virtualized data centers
www.arista.com www.arista.com

Accepting competing suggestions. I'd like to keep it in a budget range.

Someone also said they have a $1000 credit with Dell but they don't really do networking. Is there a management tool, like a rackmount KVM or something, from Dell worth getting?
Click to expand...
Bytefend.com
 
HTTP Error 404 said:
Fashwave edits won't be accidentally watched by the people that need to see those messages.

Although now I do wanna see something similar to those anime facts vids with Fashwave instead.
Click to expand...
And the people who watch Idolshit obsess over fictional underage girls, who the lolbertarian "just let me coom" types not the "based anti-degeneracy trads" you are advertising to.
 
  • Thunk-Provoking
  • Like
Reactions: Neo-Liberal Bugman, TVStactic, Dork Of Ages and 1 other person
If the attack is spoofing the source IP to look like it originates from the local host ( BCP38 ), you can add these to your iptables to mitigate that:


Code: 
iptables -A INPUT -i eno0 -s 10.0.0.0/8 -j LOG --log-prefix "IP DROP SPOOF A: "
iptables -A INPUT -i eno0 -s 172.16.0.0/12 -j LOG --log-prefix "IP DROP SPOOF B: "
iptables -A INPUT -i eno0 -s 192.168.0.0/16 -j LOG --log-prefix "IP DROP SPOOF C: "
iptables -A INPUT -i eno0 -s 224.0.0.0/4 -j LOG --log-prefix "IP DROP MULTICAST D: "
iptables -A INPUT -i eno0 -s 224.0.0.0/5 -j LOG --log-prefix "IP DROP MULTICAST E: "
iptables -A INPUT -i eno0 -s 10.0.0.0/8 -j DROP
iptables -A INPUT -i eno0 -s 172.16.0.0/12 -j DROP
iptables -A INPUT -i eno0 -s 192.168.0.0/16 -j DROP
iptables -A INPUT -i eno0 -s 224.0.0.0/4 -j DROP
iptables -A INPUT -i eno0 -s 224.0.0.0/5 -j DROP

As for networking hardware I don't know much about it
 
  • Like
  • Informative
  • Thunk-Provoking
Reactions: Driedsoap, ToroidalBoat, CockPockets and 5 others
Null said:
What? Are you going to DOX this guy and BRING HIM TO JUSTICE? No, he's some random fucking guy. Probably lives in Russia.
Click to expand...
No. But I'd like if one of these Twitter loons celebrating taking down KF for a few days gets a knock at the door from the FBI. Even if nothing comes of it, the Twitter melt down would be predicable, but deserved.
 
  • Like
  • Thunk-Provoking
  • Optimistic
Reactions: hundredpercent, HTTP Error 404, Dork Of Ages and 1 other person
LanceHaver said:
If the attack is spoofing the source IP to look like it originates from the local host ( BCP38 ), you can add these to your iptables to mitigate that:


Code: 
iptables -A INPUT -i eno0 -s 10.0.0.0/8 -j LOG --log-prefix "IP DROP SPOOF A: "
iptables -A INPUT -i eno0 -s 172.16.0.0/12 -j LOG --log-prefix "IP DROP SPOOF B: "
iptables -A INPUT -i eno0 -s 192.168.0.0/16 -j LOG --log-prefix "IP DROP SPOOF C: "
iptables -A INPUT -i eno0 -s 224.0.0.0/4 -j LOG --log-prefix "IP DROP MULTICAST D: "
iptables -A INPUT -i eno0 -s 224.0.0.0/5 -j LOG --log-prefix "IP DROP MULTICAST E: "
iptables -A INPUT -i eno0 -s 10.0.0.0/8 -j DROP
iptables -A INPUT -i eno0 -s 172.16.0.0/12 -j DROP
iptables -A INPUT -i eno0 -s 192.168.0.0/16 -j DROP
iptables -A INPUT -i eno0 -s 224.0.0.0/4 -j DROP
iptables -A INPUT -i eno0 -s 224.0.0.0/5 -j DROP

As for networking hardware I don't know much about it
Click to expand...
Wouldn't all that logging just make it even easier to kill the server
 
Dustlord said:
I feel like you're overthinking a silly meme.
Click to expand...
Maybe so, but just like K-pop, I can't comprehend why people would like such garbage preppy, high-pitched, obnoxious garbage. How can you listen to that voice and not be annoyed? You have to be attracted to annoying kids to get a kick out of it.
 
  • Agree
Reactions: Wright
Nice work, the search function is finally working again. It's been a difficult week without it.
 
  • Like
Reactions: Dork Of Ages
LurkTrawl said:
I don't really know shit about networking, what did it mean when I tried to access the .onion version of the site and it said something about a hashring?

Also Godspeed Null in thwarting retards and all that, but what's the difference between a DDoS and a DoS?
Click to expand...

DoS = denial of service
DDoS = distributed denial of service
Basically, DDoS is a denial of service attack which is performed using multiple sources, eg: a ton of separate source machines all launching traffic against one destination.

Distributed attacks are a lot harder to mitigate, as you (or more likely your provider) can’t just drop the prefix the attack is coming from. While you may be receiving 1Gb of bad traffic, it may be coming from 100 endpoints sending 10Mbps each.

I prefer to use the term DoS when talking about mitigation strategies though, as it covers both, and most vendors use DoS in their syntax/terminology.
 
  • Informative
  • Like
Reactions: Evil Bunny, Dork Of Ages, BIG BILL HELL'S and 2 others
You must log in or register to reply here.
Back