I think that most of the people did, at least they've heard of Don Quixote.Quote:
I wonder if anyone else understood what you meant with don quixote.
An idea against DDOS
07/07/2013 15:39
Bartic#16
07/07/2013 16:29
EGYSTR#17
i want to know if i can't ping a certain ip can i ddos it ?
07/07/2013 16:37
Nezekan#18
I don't really think you can DDoS if you don't know how the icmp protocol actually works ;)Quote:
(answer is yes btw)
07/07/2013 18:07
Bartic#19
I wonder where you're from...Quote:
07/07/2013 18:41
WickedNite#20
new internet warriors generationQuote:
07/07/2013 18:54
鳳凰城#21
I got an idea *I did not test it, Just saying it might be working*
What about:
1- Coding something like ip filter. It will filter all connections out/in the dedicated itself, So you can ban the IPs manually. *I know its tuff when it's more than 100k ips are attacking you but, At least it will reduce some.*
Or simply, search for any DDoS software *As a help* There are many software doing this job, but auto. Like, filtering the IPs, If it was sending more than XX packet /sec, Automatically add to blacklist ->the filter I mean<-
2- Getting proxy to hide your ip/using VMachine to run the server on (With hiding ip function) so, No one will be able to get your real IP for DDoS )
3- Creating a limit for the outgoing connection to 30kb-sec. *SRO Does not need more per one client, it will be enough for no-lag gameplay*
And I'm sure it's not 100% solution but, All these elements when they're collected together, it will be great defense.
What about:
1- Coding something like ip filter. It will filter all connections out/in the dedicated itself, So you can ban the IPs manually. *I know its tuff when it's more than 100k ips are attacking you but, At least it will reduce some.*
Or simply, search for any DDoS software *As a help* There are many software doing this job, but auto. Like, filtering the IPs, If it was sending more than XX packet /sec, Automatically add to blacklist ->the filter I mean<-
2- Getting proxy to hide your ip/using VMachine to run the server on (With hiding ip function) so, No one will be able to get your real IP for DDoS )
3- Creating a limit for the outgoing connection to 30kb-sec. *SRO Does not need more per one client, it will be enough for no-lag gameplay*
And I'm sure it's not 100% solution but, All these elements when they're collected together, it will be great defense.
07/07/2013 18:57
Nezekan#22
Virtualization will use your main ip as gateway, so that won't work at all (you can find real ip by using tracert), there is no such thing as 'hide ip function', it's impossible by definitionQuote:
What about:
1- Coding something like ip filter. It will filter all connections out/in the dedicated itself, So you can ban the IPs manually. *I know its tuff when it's more than 100k ips are attacking you but, At least it will reduce some.*
Or simply, search for any DDoS software *As a help* There are many software doing this job, but auto. Like, filtering the IPs, If it was sending more than XX packet /sec, Automatically add to blacklist ->the filter I mean<-
2- Getting proxy to hide your ip/using VMachine to run the server on (With hiding ip function) so, No one will be able to get your real IP for DDoS )
3- Creating a limit for the outgoing connection to 30kb-sec. *SRO Does not need more per one client, it will be enough for no-lag gameplay*
And I'm sure it's not 100% solution but, All these elements when they're collected together, it will be great defense.
07/07/2013 19:01
鳳凰城#23
Chernobyl was doing that ;( in his vmachine.Quote:
07/07/2013 20:00
MaximumDark#24
You should learn about networking '101', hehehe...Quote:
1) You can't limit the amount of bandwidth an IP will throw towards you.
2) You can't hide an IP, always an IP will have to be shown if you want to have 'any' communication happening at the "IP" protocol, IP = Internet Protocol by definition, and any protocol built on the top of the "IP", like ICMP, UDP or TCP, requires an IP Address.
3) You can't solve high DoS/DDoS attacks with a simple server or pc, first because the architecture of the hardware is not built for this amount of "I/O", second because they aren't able to handle that much requests simultaneosly, if you ever 'programmed/coded' anything you probably know about asynchronism and threading, the context switching methods and thread locking methods to synchronize everything in such evenvironment are your overheads, plus they take too much cpu time with each packet, hence why a single linux box, even with 16 or 32 cores, will handle like 300-400 Kpps max. You need "ASIC" hardware, they are independant semi-conductors that do their decision without depending on software, and this type of equipment, costs much more than you probably will earn in the next 15-30 years. :P