[help]Ddos attack how can i block it?

[jossoo]

Tue, 2011-03-29 22:29:37 - UDP Packet - Source:109.242.141.101,1900 Destination:239.255.255.250,1900 - [DOS]

Tue, 2011-03-29 22:29:39 - UDP Packet - Source:94.64.251.85,53911 Destination:109.242.141.101,25932 - [DOS]

Tue, 2011-03-29 22:50:25 - UDP Packet - Source:94.64.251.85,53911 Destination:109.242.141.101,25932 - [DOS]

ue, 2011-03-29 23:59:38 - UDP Packet - Source:109.242.141.101,1900 Destination:239.255.255.250,1900 - [DOS]

Wed, 2011-03-30 00:43:29 - UDP Packet - Source:79.107.230.93,9320 Destination:109.242.141.101,25932 - [DOS]

Wed, 2011-03-30 00:45:47 - UDP Packet - Source:109.242.141.101,1900 Destination:239.255.255.250,1900 - [DOS]

Wed, 2011-03-30 01:48:07 - UDP Packet - Source:72.92.214.207,13906 Destination:109.242.141.101,22731 - [DOS]

Wed, 2011-03-30 01:50:24 - UDP Packet - Source:109.242.141.101,1900 Destination:239.255.255.250,1900 - [DOS]

Wed, 2011-03-30 01:50:24 - UDP Packet - Source:85.74.203.146,25619 Destination:109.242.141.101,22731 - [DOS]

Wed, 2011-03-30 03:15:48 - UDP Packet - Source:116.94.220.193,8339 Destination:109.242.141.101,22731 - [DOS]

Wed, 2011-03-30 03:15:48 - UDP Packet - Source:183.179.60.156,19127 Destination:109.242.141.101,22731 - [DOS]

Wed, 2011-03-30 03:25:02 - UDP Packet - Source:82.114.214.38,25638 Destination:109.242.141.101,22731 - [DOS]

Wed, 2011-03-30 03:27:19 - UDP Packet - Source:109.242.141.101,1900 Destination:239.255.255.250,1900 - [DOS]

Wed, 2011-03-30 11:34:16 - UDP Packet - Source:150.140.233.107,13109 Destination:109.242.141.101,25932 - [DOS]

Wed, 2011-03-30 13:25:04 - UDP Packet - Source:92.244.245.48,59734 Destination:109.242.141.101,54028 - [DOS]

 

 

 

 

 

 

how i can block this attacks ?this are from my modems logfile (netgear DGN 2000)

also i have close all ports from everything and still get those attacks...

can some1 explain me ?

 

 

[Howl3r]

DDOS are unblocked you can't block a ddos attack.

 

how a ddos works?

There is a number of computers that are connected to a main computer by a trojan or something else. This network also called Botnet when the owner of the trojan

wants to do a ddos he put every single computer on his botnet to send junk to their target so a ddos can't be blocked because there are many ip to be blocked and you can't

Why not? there is botnet with millions computer in it.

 

 

http://en.wikipedia.org/wiki/Botnet

[jossoo]

if i change ip ?i dont have static..

[Howl3r]

It won't work.. an ip is easy to find.

[Hax0r]

also i have close all ports from everything and still get those attacks...

Those ports are probably mapped by UPnP. If you want to get rid of these ports, disable UPnP.

[Howl3r]

A ddos attack from any port is open on a modem..

A ddos don't attack on your l2 server but your internet connection it's eating resources because your internet is trying to respond to thoose packets but since they are unknown and MANY of them you will have delays many many delays that's the cause of lag.

[Kràtos]

Those ports are probably mapped by UPnP. If you want to get rid of these ports, disable UPnP.

[jossoo]

all ports disabled upnp disabled but still get the packets :S

 

what now ?:S

[Kràtos]

all ports disabled upnp disabled but still get the packets :S

 

what now ?:S

 

what os are you using? .... i found some solution for windows server 2000 and 2003 i dont know if they work 100%.

 

If you have the above os... tell me.

[Xanderॐ]

ofcurse you get the packets. But the router blocks them and doesnt allow them to pass to the targeted application. Thats your routers firewall log isnt it ?

[jossoo]

ofcurse you get the packets. But the router blocks them and doesnt allow them to pass to the targeted application. Thats your routers firewall log isnt it ?

yes...

 

 

my server running at w7 for test now...when i close the game/login i dont get packets...:S

 

 

anyway can i find this trojan/program(what the hell it is) and delete it ?

[Hax0r]

You still don't get what DDoS is...

 

Your computer is not infected!

There are some other computers on the net, infected from a trojan(botnets). The one who controls those botnets can connect all these botnets to your server. Imagine 100 computers trying to connect to your home server...that's bad. All you can do is buy a router with a good firewall(that's expensive) or firewall.

[jossoo]

thank you all..can some1 close the topic ?

[Reptant_]

thank you all..can some1 close the topic ?

yes