Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| en:dpi:dpi_options:opt_ddos:ddos_dos:ddos_dos_udpflood [2020/02/05 17:35] – ↷ Page moved from en:dpi:dpi_options:base_functionality:opt_ddos:ddos_dos:ddos_dos_udpflood to en:dpi:dpi_options:opt_ddos:ddos_dos:ddos_dos_udpflood lexx26 | en:dpi:dpi_options:opt_ddos:ddos_dos:ddos_dos_udpflood [2024/09/26 15:29] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Protection against UDP flood attack ====== | ====== Protection against UDP flood attack ====== | ||
| + | {{indexmenu_n> | ||
| + | This attack is handled by fragmented UDP packets. The target system has to spend a lot of resources to assemble and analyse them. | ||
| + | |||
| + | The protection is carried out by disabling of unnecessary protocols on the site under protection. You can learn how to configure the protocol' | ||
| + | |||
| + | For a typical WEB site under protection, the required protocols are HTTP and HTTPS. Therefore the proper configuration looks like this: | ||
| + | < | ||
| + | http cs0 | ||
| + | https cs0 | ||
| + | default | ||
| + | </ | ||
| + | |||
| + | To convert the ready configuration file into the internal format and to send it to DPI: | ||
| + | < | ||
| + | cat my_dscp.txt|lst2dscp protocols.dscp | ||
| + | mv protocols.dscp | ||
| + | service fastdpi reload | ||
| + | </ | ||
| + | |||
| + | The protection against DDos attack of DNS/NTP amplification type can be arranged similarly. This attack overloads the incoming channel by the traffic that exceeds the channel' | ||