.:: Blackc0de Forum ::.
Would you like to react to this message? Create an account in a few clicks or log in to continue.

-=Explore The World From Our Binary=-
 
HomeIndeksLatest imagesPendaftaranLogin

 

 Stop DDOS attacks on a cisco router

Go down 
PengirimMessage
Roy Sukro
VIP Member
VIP Member
Roy Sukro


Jumlah posting : 392
Points : 711
Reputation : 17
Join date : 06.02.11
Age : 35
Lokasi : dimana-mana ada ^^

Stop DDOS attacks on a cisco router Empty
PostSubyek: Stop DDOS attacks on a cisco router   Stop DDOS attacks on a cisco router Icon_minitimeSat Dec 03, 2011 12:16 pm

ISPs have other options available that depend on routing changes, such as black hole filtering. Black hole filtering works by forwarding malicious traffic to an imaginary interface known as Null0 – similar to /dev/null on Unix machines. Since it’s not a valid interface, traffic routed to Null0 is essentially dropped. Moreover, this technique minimizes performance impact – a useful feature during the DDoS investigation so the rest of the network remains stable under the heavy load.
Here’s the simplest form of a black hole route:


Quote :
Router(config)# int null0
Router(config-if)# no ip unreachable
Router(config)# ip route 1.1.1.1 255.255.255.0 null0

this statement sends all traffic arriving on this router to the null0 interface — in effect, discarding it and sending it to the black hole.
You could also redistribute this route into your dynamic routing protocol and have it sent to all other routers on your network. Then, all routers would send traffic to your router, and your router would drop that traffic.
Using ISP back hole you could limit some bad traffic, imagine that the target IP for the DDOS is 1.2.3.4 and my AS is 1234. The transit provider is 1000 and he blackhole community is tagged with 666.
On a cisco router I may use the following to blackhole the traffic before the
traffic enter my network.
router bgp 1234
bgp router-id 1.2.3.4
redistribute static route-map static-to-bgp
..
..
!
route-map static-to-bgp permit 5
match tag 666
set community 1000:666 additive
!
Kembali Ke Atas Go down
http://www.google.com
 
Stop DDOS attacks on a cisco router
Kembali Ke Atas 
Halaman 1 dari 1
 Similar topics
-
» Konfigurasi IP,DHCP,RIP dan NAT Router Cisco
» USB susah d stop (ASK)
» modul cisco 1
» konfigurasi dasar Cisco
» telneting dan hardening cisco

Permissions in this forum:Anda tidak dapat menjawab topik
.:: Blackc0de Forum ::. :: BoarD Blackc0de :: International Room :: Networking (Int.)-
Navigasi: