[citation][nom]antilycus[/nom]This is how easy to is to stop DDOS. Put those few lines of code into your router (pending which version you have, syntax changes) and DDOS goes out the window.Sub xxx.xxx.xxx.xxx for LAN IP router addr#port 22 (telnet ssh?)iptables -I FORWARD -p tcp -d xxx.xxx.xxx.xxx --dport 22 -j DROPiptables -I FORWARD -p tcp -d xxx.xxx.xxx.xxx --dport 22 -j ACCEPTiptables -I FORWARD -p tcp --dport 22 -m state --state NEW -m limit --limit 5/min -j ACCEPTiptables -I FORWARD -p tcp --dport 22 -m state --state RELATED,ESTABLISHED -j ACCEPT#port 23 (telnet non ssh)iptables -I FORWARD -p tcp -d xxx.xxx.xxx.xxx --dport 23 -j DROPiptables -I FORWARD -p tcp --dport 23 -m state --state NEW -m limit --limit 5/min -j ACCEPTiptables -I FORWARD -p tcp --dport 23 -m state --state RELATED,ESTABLISHED -j ACCEPT[/citation]
Lol, if it were really that simple, do you think massive corporations and government organizations would be having these problems? The real problem is that DDOS attacks aren't the real attacks in most anonymous threats, but instead merely decoys while they data-mine whoever is caught off guard.