Hi
How Are you?
i Got a VDS , Used for Hosting Game Servers
after a while i got a massive ddos attack , with IP spoofing Method,
i try rp-filter=strict but not working , the attack cross the filter,
i try any rules i can find against ddos attacks,and nothing , still attack cross the firewall
the protocol is udp
the tool his using is hping3 ( i think)
and the way he is doing it , is:
he scan ip ranges , and find the live ips
and with hping3 use those live ips and send the spoofed ddos attack
so if the ips are alive and rp-filter send the reversal packet to the source ip , it will be known as Valid , and cross the rule
it uses over 1 2 million ips
i got this problem over 6 months
if you got any idea how to prevent it, please let me know
Thanks
The only one idea is eBGP peering with several ISP + firewall box from cyber security company with license including their support. There is no way you can reflect or stop UDP DDoS with Tik whatever box.
Is there a correlation between the spoofed addresses? Being in a certain range like /24.