Labnuke99 Jun 13, 2008   4:59 PM GMT

A DDos attack is difficult to stop and it may actually be a reflected attack. Can you block the specific service that they are attacking?

32,960 pointsBadges:

Kevin Beaver Jun 16, 2008   8:12 PM GMT

I agree with Labnuke99 - try to limit who can access the service they're attacking. Also consider contacting your ISP to see if there's anything they can do (i.e. setup an ACL) to keep the traffic from ever getting to your network in the first place.

27,520 pointsBadges:

dwulff May 15, 2012   3:15 PM GMT

Too many iptable rules in your firewall can create memory & CPU overhead loads for each new connection and impact latency. I found TechGuard makes an in-line appliance (IPV4/IPV6 compatible) that works w/ other firewalls and routers that allows for blanket policies (like country blocking) but still granular control (i.e. allow specific IP addresses for a corporate office in China as an exception, or blocking specific IP addresses for countries you want open to your network). Again, this would be for a company operating their own servers, in a network that can support an in-line appliance built to block IP addresses by country.

30 pointsBadges: