Uyurgezer Posted June 12, 2013 Posted June 12, 2013 Hi, I have been a few times attacked by DDoS attacks just because I sponsor some guilds and clans with a TeamSpeak server. My current router has "Denial-of-service (DoS) attack prevention". Well this is good on paper but when a DNS DDoS attack comes as it has done, my router gets a little slow. The attacks won't kill my connection, but it more or less gets unusable. The router has a 680 MHz processor with 16 MB flash and 128 MB RAM. (Netgear WNDR3800 - N600 Wireless Dual Band Gigabit Router—Premium edition) Would a homemade router stand better against these kinds of attacks or is there a way to make the current one better against it? If a homemade router would be better, what OS / firewall should be used? I know Smoothwall has gotten a lot of good things said about it, and I know Darren has used this in one segment (back in 2010 i think). Would that still be one of the better free versions that is easy to handle or has there come up something new? Sincerely, Sleepwalker/Uyurgezer Quote
tom564 Posted June 12, 2013 Posted June 12, 2013 If your router is maxing out its available resources a homemade router or higher spec one may be beneficial however in a DOS situation you will probably be limited by the amount of available bandwidth. I currently use untangle on an old PC as a firewall and router. I would try flashing open-wrt to the router if it supports it and looking at its resource use whilst under a DOS attack and throwing a couple NIC's into an old PC and using untangle or smoothwall etc as if you are not bandwidth limited a custom router would stand up better. Quote
digininja Posted June 12, 2013 Posted June 12, 2013 I'd agree, it is more likely that it is your bandwidth that is being maxed out rather than the resources on your router but improving the spec of your router won't hurt if you are being hit hard. Quote
Uyurgezer Posted June 13, 2013 Author Posted June 13, 2013 Thanks for the answers. The feeling I have had is that the router is the thing that gives up. I have a 200/200 Mbit connection and the attack has only been from one DNS source at the time. People on the TeamSpeak server can still talk to each other, but with robotic voice. This is why it feels like it's the router that can't withstand the attack. I will be trying out a homemade router to see if it works better or if I need to check with any service that can hold a proxy or something that can take a attack. Thanks for the help! Quote
Zombie_Testicle Posted June 26, 2013 Posted June 26, 2013 are the dox from a single ip or different ones. depending there could be a setting or script to block em based on how many times they pinged you and such Quote
barry99705 Posted July 3, 2013 Posted July 3, 2013 Pfsense and Smoothwall both have snort add ons that will block these kinds of attacks. Quote
GuardMoony Posted July 4, 2013 Posted July 4, 2013 (edited) You could test if its the bandwidth or the router. If youre under attack. Just run a quick speedtest. ( like speedtest.net ) if that shows low speeds. ( esp upload ) Then its your bandwidth and then there's not much you can do. Otherwise if thats still high enough. then it could be the router. P.S. Run a test before any attacks to have a base comparison. I just put my own server online. And that got a pfsense fw in front. It seems verry decent and easy setup. Edited July 4, 2013 by GuardMoony Quote
Infiltrator Posted July 8, 2013 Posted July 8, 2013 (edited) Depending on the magnitude of the DDoS attack, your bandwidth can get crippled very quickly. And as you stated in your post "my router gets a little slow", that could be one of the reasons why the player's voices are sounding like robots. Also, one way to minimize the effects of the DDoS attack, is using a Load Balancer hardware. You could build your own with Untangle or Pfsense both support this feature. But it requires an additional Internet connection to load balance the traffic. Just a suggestion. Edited July 8, 2013 by Infiltrator Quote
barry99705 Posted July 8, 2013 Posted July 8, 2013 Depending on the magnitude of the DDoS attack, your bandwidth can get crippled very quickly. And as you stated in your post "my router gets a little slow", that could be one of the reasons why the player's voices are sounding like robots. Also, one way to minimize the effects of the DDoS attack, is using a Load Balancer hardware. You could build your own with Untangle or Pfsense both support this feature. But it requires an additional Internet connection to load balance the traffic. Just a suggestion. Heh. Most of my clients won't even pony up for a second wan connection, and some of them are townships/cities! Quote
Infiltrator Posted July 9, 2013 Posted July 9, 2013 (edited) Heh. Most of my clients won't even pony up for a second wan connection, and some of them are townships/cities! Well, I can understand that. It would be pointless for an average home user to have a second WAN connection. Unless, you are offering some kind of cloud service, that needs to have some kind of redundancy in place. In addition, not many users will be able to afford the price of a second WAN connection. Edited July 9, 2013 by Infiltrator Quote
Dec100 Posted July 15, 2013 Posted July 15, 2013 I'm not sure about their terms and conditions for game servers, but could you look into a free account at a cloud service like Cloud Flare? http://www.cloudflare.com/ Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.