UDP named DDOS

[qba82]

Hi,
I'm receiving often DDOS on my IP, attack is aimed into UDP named service, what is best and cost effective solutions for such an attacks? I don't want to discus DC protection here, because it might be insufficient.

 

[Driesp]

Hi

Is it a DNS amplification attack?
Only thing you can do is to limit the requests / second with bind.

Kr
Dries

 

[warg]

Use a software or hardware firewall to filter out automated, suspicious traffic. If you are lucky, a software firewall is enough. If you are unlucky, try to replace the software of the attacked service with a more performant one. If that's not working out too, you have to use some kind of CDN to hide your server IP address or get a hardware firewall. Depending on your provider, you might have such a solution already or can order it for a high or low price.

 

[factor]

Hi,
I'm receiving often DDOS on my IP, attack is aimed into UDP named service, what is best and cost effective solutions for such an attacks? I don't want to discus DC protection here, because it might be insufficient.

You might look through here and tweak the firewall.

Basic DoS/DDoS Mitigation with the CSF Firewall

Learn about Basic DoS/DDoS Mitigation with the CSF Firewall today with Liquid Web.

www.liquidweb.com

 

[qba82]

Thank You all for Your answers.
Ddos attack is handled well by my server which has quite good configuration, problem is that my DC is blackholing my connection after some level of attack, which causing that server is not available. I already configured csf to block too many bad named requests, but I can't do anything if DC will blackhole me for few minutes or even half of an hour. Most likely will have to look for DC with better ddos protection.