[Need Help] How to stop ddos?

(01-18-2017, 06:03 PM)CRNpolyfluoric Wrote:

[To see links please register here]

Hey Mr. Kurd,
Sorry to hear of your troubles. Axi's advice on configuration is critical and this is square one for anybody running public-facing systems. You say that the attack was "very strong"; please elaborate. Origin, packet types, bandwidth consumed, duration etc. Logs would be ideal. Load balancers and firewalls are excellent but the fundamental problem with all DOS is link saturation.

PM me if you would like assistance configuring a more aggressive mitigation system.

Cheers,
Poly

Really thank you for your offer if I need I will PM you.

(01-18-2017, 03:57 PM)Ender Wrote:

[To see links please register here]

(01-18-2017, 03:46 PM)Mr.Kurd Wrote:

[To see links please register here]

(01-18-2017, 03:24 PM)Axi Wrote:

[To see links please register here]

Chances are, 99.9%, the admin did not patch fetch_remote_file and the attacker simply bypassed CloudFlare.

Maybe I will ask them, but man you didn't hear the ddos attack for money, They start very huge ddos attack for 3 days just by I think 70$.

Yeah, there was probably a misconfiguration, as cloudflare (usually) wouldn't just "get up and leave".

yeah maybe.
I will ask them later.

(01-18-2017, 08:19 PM)Zenith Wrote:

[To see links please register here]

Once a ddos is in place. You can't stop it. You can only take precautions.
I wouldn't trust cloudfare due to the fact that last time I checked. Wiresharking their backdoor is ez. So I prefer digitalfort but that's because someone I know runs it.

"He played a moneys to ddos it". There is no way to ddos for free unless you have your own personal method. Usually skids pay for booters.

Ddos attack if you used a botnet it can come everywhere, Botnet start ddos attack from victims to the target so the victim possible be everywhere.

(01-18-2017, 09:03 PM)Mr.Kurd Wrote:

[To see links please register here]

(01-18-2017, 08:19 PM)Zenith Wrote:

[To see links please register here]

Once a ddos is in place. You can't stop it. You can only take precautions.
I wouldn't trust cloudfare due to the fact that last time I checked. Wiresharking their backdoor is ez. So I prefer digitalfort but that's because someone I know runs it.

"He played a moneys to ddos it". There is no way to ddos for free unless you have your own personal method. Usually skids pay for booters.

Ddos attack if you used a botnet it can come everywhere, Botnet start ddos attack from victims to the target so the victim possible be everywhere.

The most likely conclusion is that the admin of the forum misconfigured the site, and the actual backend leaked. That's why the DDoS bypassed CloudFlare.

You can shutdown the server for a bit and then once you reboot it, add some sort of protection to stop the ddos attack and try to blacklist the ips which you think aren't legitimate

There is multiple ways you can stop DDoS. You can purchase a VPN which does not have DNS Leaks and is DDoS protected (I reccomend PIA [Private Internet Access])

You can purchase a Residential VPN and act like its yours.

You can not talk shit and not get ddosed..

You can not join random calls or don't go on anything that is able to pull your IP.

You can make yourself unresolvable.

(03-22-2017, 04:15 PM)Cremate Wrote:

[To see links please register here]

There is multiple ways you can stop DDoS. You can purchase a VPN which does not have DNS Leaks and is DDoS protected (I reccomend PIA [Private Internet Access])

You can purchase a Residential VPN and act like its yours.

You can not talk shit and not get ddosed..

You can not join random calls or don't go on anything that is able to pull your IP.

You can make yourself unresolvable.

He's talking about a web server getting DDOSed, not his personal computer.

Contact the host of the website ask for an ip change(this just incase they attacked with layer 4 and have the ip) or also config cloud flare so the attacker cant get the websites ipv4. Put cloud flare in under attack mode and try to find out what ips are the badguys and black list them.

(03-22-2017, 06:33 PM)Eclip$e Wrote:

[To see links please register here]

Contact the host of the website ask for an ip change(this just incase they attacked with layer 4 and have the ip) or also config cloud flare so the attacker cant get the websites ipv4. Put cloud flare in under attack mode and try to find out what ips are the badguys and black list them.

We have cloudflare but it didn't stop it.
At the end we changed the forum server....

(03-23-2017, 03:12 PM)Mr.Kurd Wrote:

[To see links please register here]

(03-22-2017, 06:33 PM)Eclip$e Wrote:

[To see links please register here]

Contact the host of the website ask for an ip change(this just incase they attacked with layer 4 and have the ip) or also config cloud flare so the attacker cant get the websites ipv4. Put cloud flare in under attack mode and try to find out what ips are the badguys and black list them.

We have cloudflare but it didn't stop it.
At the end we changed the forum server....

which forum is this?