[Guide] Protect Your Server From * ,..., * Attacks (attackers) DDoS vdos etc

Sorry guys for not answer some people cuz i'm verry busy these days and i will check all masseges as soon as i can .
Most of People asking me for ddos attack problem and most of us are in some problems from this cuz it's make the server down and u will lose players and so .. So
Today i will explain how to protect ur server from some kinds of attack like ddos and ..etc (No more kids will doss ur server to get more players to his server :P)
with windows server 2008 or (windows 8~but not suggest cuz it's still in beta) u will protect ur server with 100% from any attacs ..
but it's really 99% .
Now Let's start & it's verry simple So Don't Worry :)

--------------------------------------
(i upload all pictures on attachment to protect from lose!)



We will Explain How to block ping On Your Server and incoming and outcoming ICMP .
__________________________________________________ _
(IP Security)

To block all PING traffic to and from a computer you need to create an IPSec policy that will block all ICMP traffic.
Check to see if the computer responds to PING requests by pinging it:

[Only registered and activated users can see links. Click Here To Register...]

To configure a single computer follow these steps:




Configuring IP Filter Lists and Filter actions
1. Open an MMC window (Start > Run > MMC).

[Only registered and activated users can see links. Click Here To Register...]

2. Add the IP Security and Policy Management Snap-In.

[Only registered and activated users can see links. Click Here To Register...]
3. In the Select which computer this policy will manage window select the local computer (or any other policy depending upon your needs). Click Close then click Ok.

[Only registered and activated users can see links. Click Here To Register...]
4. Right-click IP Security Policies in the left pane of the MMC console. Select Manage IP Filter Lists and Filter Actions.

[Only registered and activated users can see links. Click Here To Register...]
5. You do not need to configure a specific IP Filter for ICMP (the protocol used by PING) because such a filter already exists by default - All ICMP Traffic.

[Only registered and activated users can see links. Click Here To Register...]


However you might want to configure a more specific IP Filter for ICMP. For example, lets say you wish to prevent a server from answering all PINGS except for specific PINGs sent by a specific computer used by the Help Desk department. In that case you should add a new IP Filter and use your defined source and Destination IP Addresses, and the ICMP protocol.
6. In the Manage IP Filter Lists and Filter actions review your filters and if all are set, click on the Manage Filter Actions tab. Now we need to add a filter action that will block our designated traffic, so click Add.

[Only registered and activated users can see links. Click Here To Register...]
7. In the Welcome screen click Next.
8. In the Filter Action Name type Block and click Next.

[Only registered and activated users can see links. Click Here To Register...]
9. In the Filter Action General Options click Block then click on Next.

[Only registered and activated users can see links. Click Here To Register...]
10. Back in the Manage IP Filter Lists and Filter actions review your filters and if all are set, click on the Close button. You can add Filters and Filter Actions at any time.

[Only registered and activated users can see links. Click Here To Register...]

Next step is to configure the IPSec Policy and to assign it.





Configuring the IPSec Policy

1. In the same MMC console right-click IP Security Policies on Local Computer and select Create IP Security Policy.

[Only registered and activated users can see links. Click Here To Register...]
2. In the Welcome screen click Next
3. In the IP Security Policy Name enter a descriptive name, such as "Block PING". Click Next

[Only registered and activated users can see links. Click Here To Register...]
4. In the Request for Secure Communication window click to clear the Active the Default Response Rule check-box. Click Next

[Only registered and activated users can see links. Click Here To Register...]

5. In the Completing IP Security Policy Wizard window, click Finish.

[Only registered and activated users can see links. Click Here To Register...]

6. We now need to add the various IP Filters and Filter Actions to the new IPSec Policy. In the new IPSec Policy window click Add to begin adding the IP Filters and Filter Actions.

[Only registered and activated users can see links. Click Here To Register...]
7. In the Welcome window click Next.
8. In the Tunnel Endpoint make sure the default setting is selected and click Next.

[Only registered and activated users can see links. Click Here To Register...]
9. In the Network Type windows select All Network Connections and click Next.

[Only registered and activated users can see links. Click Here To Register...]
10. In the IP Filter List window select "All ICMP Traffic" (or any other IP Filter configured in step #5 at the beginning of this article). If, for some reason, you did not previously configure the right IP Filter, then you can press Add and begin adding it now. When done, click Next.

[Only registered and activated users can see links. Click Here To Register...]
11. In the Filter Action window select "Block". Again, if you did not previously configure the right Filter Action, you can now press Add and begin adding it now. When done, click Next.

[Only registered and activated users can see links. Click Here To Register...]
12. Notice how the IP Filter has been added.

[Only registered and activated users can see links. Click Here To Register...]

Again, you can add any combination of IP Filters and Filter Actions you like.
Notice that you cannot change their order like in other full-featured firewalls. Even so, this configuration works perfectly as you will soon discover.
The next phase is to assign the IPSec Policy.





Assigning the IPSec Policy

1. In the same MMC console, right-click the new IPSec Policy and select Assign.

[Only registered and activated users can see links. Click Here To Register...]

Done, you can now test the configuration by trying to surf to restricted and unrestricted websites.

-------------------------------------------------------

SOme Question : Why block ping to protect myself from ddos attack or other attacks
cuz, let me talk about ddos, let me say that the answer how to ddos via CMD commands
Start > Run > ping 127.0.0.1 -t -l 65500
Change 127.0.0.1 for ip of server or site u need to crash it ..
i think u now know the answer
But the Next Question
Why google ~ yahoo ~ facebook ~ ETC!!
Don't Close Ping ~!
The Answer if u make ddos attac on your router or any router Is something will happen?
THey have Something named HardWare FireWall so when u are ping on yahoo or google u ping on the firewall not the server ;)
Hope u got the idea :)


(This Thread Not My Full Write But ..) & Thread in Update to add new staffs!

Have Fun Friends :D

be ready for pm massive avalanche
nice guide btw

abdel what a working man...Gratz and regards my brouther...

Quote:

Originally Posted by PortalDark be ready for pm massive avalanche nice guide btw

Thank u :)

Quote:

Originally Posted by mertcoskun abdel what a working man...Gratz and regards my brouther...

Thanks & Welcome :)

Edit : thread pics uploaded

thanks, i go try it

Quote:

Originally Posted by seven16 thanks, i go try it

u welcome and GL :)

Edit :
Thread updated New Part in thread

-------------------------------------------------------
SOme Question : Why block ping to protect myself from ddos attack or other attacks
cuz, let me talk about ddos, let me say that the answer how to ddos via CMD commands
Start > Run > ping 127.0.0.1 -t -l 65500
Change 127.0.0.1 for ip of server or site u need to crash it ..
i think u now know the answer
But the Next Question
Why google ~ yahoo ~ facebook ~ ETC!!
Don't Close Ping ~!
The Answer if u make ddos attac on your router or any router Is something will happen?
THey have Something named HardWare FireWall so when u are ping on yahoo or google u ping on the firewall not the server ;)
Hope u got the idea :)

now i can't enter in my host MUHAHAHA :S

Quote:

Originally Posted by seven16 now i can't enter in my host MUHAHAHA :S

hmm it don't block ports !
u just make a mistake in choosing roles or something like ..

Quote:

can't enter in my host

did u mean remote disktop?
if yes so u choose All IP Traffic
or
u don't choose all ICMP traffic

im gonna suggest doing this on other pc and then try remote to test if adress is being blocked

Quote:

Originally Posted by Dr.Abdelfattah hmm it don't block ports ! u just make a mistake in choosing roles or something like .. did u mean remote disktop? if yes so u choose All IP Traffic or u don't choose all ICMP traffic

yes remote desktop, but i can't enter more in remote desktop, this blocked all :S

Quote:

Originally Posted by seven16 yes remote desktop, but i can't enter more in remote desktop, this blocked all :S

as i tell u before it don't close ports it's block traffic and u just choose by mistake Block All IP Traffic = u close or block internet incoming and outcoming packets
if u have website working on ur server u will find it doesn't work too cuz of the same i say ..

[Only registered and activated users can see links. Click Here To Register...]

Need I say more?

Quote:

Originally Posted by WeeMan1337 [Only registered and activated users can see links. Click Here To Register...] Need I say more?

hmm those in packet of name (Tools) and i don't use tools in my security ;)

kids ddosers gone rage :D
nice guide

Quote:

Originally Posted by marcius01 kids ddosers gone rage :D nice guide

thank you :)