DDoS attack

• Previous message (by thread): DDoS attack
• Next message (by thread): DDoS attack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is lame.  They should be able to view NAT translation tables or
better yet have some method of watching flows.

Tim

On 12/9/19 12:11 PM, Christopher Morrow wrote:
> I'd note that: "what prefixes?" isn't answered here... like: "what is
> the thing on your network which is being attacked?"
> 
> On Mon, Dec 9, 2019 at 3:08 PM ahmed.dalaali at hrins.net
> <ahmed.dalaali at hrins.net> wrote:
>>
>> Dear All,
>>
>> My network is being flooded with UDP packets, Denial of Service attack, soucing from Cloud flare and Google IP Addresses, with 200-300 mbps minimum traffic, the destination in my network are IP prefixes that is currnetly not used but still getting traffic with high volume.
>> The traffic is being generated with high intervals between 10-30 Minutes for each time, maxing to 800 mbps
>> When reached out cloudflare support, they mentioned that there services are running on Nat so they can’t pin out which server is attacking based on ip address alone, as a single IP has more than 5000 server behind it, providing 1 source IP and UDP source port, didn’t help either
>> Any suggestions?
>>
>> Regards,
>> Ahmed Dala Ali

• Previous message (by thread): DDoS attack
• Next message (by thread): DDoS attack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]