Devilzc0de Forum Information Technology Networking Router And Switch Cisco v
Stop DDOS attacks on a cisco router

Home General Computer Multimedia Business Lounge

Post Reply 
Stop DDOS attacks on a cisco router
08-09-2010, 05:55 PM (This post was last modified: 08-09-2010 07:52 PM by El-Farhatz.)
Post: #1
El-Farhatz Offline
Moderator Keren
****
Global Moderators 		Posts: 1,597
Joined: May 2010
Reputation: 46
Stop DDOS attacks on a cisco router
ISPs have other options available that depend on routing changes, such as black hole filtering. Black hole filtering works by forwarding malicious traffic to an imaginary interface known as Null0 – similar to /dev/null on Unix machines. Since it’s not a valid interface, traffic routed to Null0 is essentially dropped. Moreover, this technique minimizes performance impact – a useful feature during the DDoS investigation so the rest of the network remains stable under the heavy load.
Here’s the simplest form of a black hole route:

Code:
Router(config)# int null0
Router(config-if)# no ip unreachable
Router(config)# ip route 1.1.1.1 255.255.255.0 null0

this statement sends all traffic arriving on this router to the null0 interface — in effect, discarding it and sending it to the black hole.
You could also redistribute this route into your dynamic routing protocol and have it sent to all other routers on your network. Then, all routers would send traffic to your router, and your router would drop that traffic.
Using ISP back hole you could limit some bad traffic, imagine that the target IP for the DDOS is 1.2.3.4 and my AS is 1234. The transit provider is 1000 and he blackhole community is tagged with 666.
On a cisco router I may use the following to blackhole the traffic before the
traffic enter my network.
router bgp 1234
bgp router-id 1.2.3.4
redistribute static route-map static-to-bgp
..
..
!
route-map static-to-bgp permit 5
match tag 666
set community 1000:666 additive
!


Regrads

El-Farhatz
Find all posts by this user
Quote this message in a reply
08-11-2010, 08:44 PM
Post: #2
El-Farhatz Offline
Moderator Keren
****
Global Moderators 		Posts: 1,597
Joined: May 2010
Reputation: 46
RE: Stop DDOS attacks on a cisco router
wew sepi ,,, ketawa ,,, ntar ah pas gath aja dibahas ketawa
Find all posts by this user
Quote this message in a reply
08-12-2010, 06:51 AM
Post: #3
wahyu_devilzc0de™ Offline
IBI Darmajaya - Lampung
****
Global Moderators 		Posts: 1,582
Joined: Dec 2009
Reputation: 184
RE: Stop DDOS attacks on a cisco router
ora sepi kok mas, mari kita ramamaiken.
mas, beda atau tidak, kalau router cisco kita diberi firewall untuk drop itu paket?, saya sih kyk gitu mas. :)
Visit this user's website Find all posts by this user
Quote this message in a reply
08-12-2010, 07:59 AM
Post: #4
anbu Away
-|Devilzc0de Ganteng Only|-
****
Global Moderators 		Posts: 3,046
Joined: Feb 2010
Reputation: 47
RE: Stop DDOS attacks on a cisco router
berat maen cisco...ilmunya belum sampe ane


ijin meratin aja kapan kapan harus belajar cisco
Visit this user's website Find all posts by this user
Quote this message in a reply
08-12-2010, 10:26 PM (This post was last modified: 08-12-2010 10:31 PM by El-Farhatz.)
Post: #5
El-Farhatz Offline
Moderator Keren
****
Global Moderators 		Posts: 1,597
Joined: May 2010
Reputation: 46
RE: Stop DDOS attacks on a cisco router
(08-12-2010 06:51 AM)wahyu_devilcode Wrote:  ora sepi kok mas, mari kita ramamaiken.
mas, beda atau tidak, kalau router cisco kita diberi firewall untuk drop itu paket?, saya sih kyk gitu mas. :)

bisa mas, firewall ada ips ada ids , nah dia intinya buka yg dizinkan tutup sisanya, trus dia jg kenali paket data aneh, msl nya koneksi yg establish atau fail. mantap

tapi diingat firewall bukan segalanya ketawa ,

ada seperangkat server buat firewall , namanya watchguard , tapi dia bikin berat , karena data keluar dan masuk kudu melalui dia , dia menggunakan fungsi bridge , jadi bisa ga di detect sama orang yg ska usil , kalo ente trace dia, gadapet , besok ada filmnya tuh di rcti , firewall judulnye ketawa ,

server watchguard , digunakan departemen departemen biasanya , setahu ana , wallahua'lam mantap

nah firewall yg di bridge susah kita deteknya, karen dia memfilter paket dgn manggle. tapi secara fisik susah kita serang , kita bisa kelabui dari dalam. nah itu soceng yg main.

mantap
(08-12-2010 07:59 AM)ade yonatan Wrote:  berat maen cisco...ilmunya belum sampe ane


ijin meratin aja kapan kapan harus belajar cisco

wah sama mas , ane juga baru belajar ketawa . yg penting kemauan sama semangat ketawa mantap
Find all posts by this user
Quote this message in a reply
08-12-2010, 11:04 PM
Post: #6
wahyu_devilzc0de™ Offline
IBI Darmajaya - Lampung
****
Global Moderators 		Posts: 1,582
Joined: Dec 2009
Reputation: 184
RE: Stop DDOS attacks on a cisco router
(08-12-2010 10:26 PM)El-Farhatz Wrote:  bisa mas, firewall ada ips ada ids , nah dia intinya buka yg dizinkan tutup sisanya, trus dia jg kenali paket data aneh, msl nya koneksi yg establish atau fail. mantap

tapi diingat firewall bukan segalanya ketawa ,

ada seperangkat server buat firewall , namanya watchguard , tapi dia bikin berat , karena data keluar dan masuk kudu melalui dia , dia menggunakan fungsi bridge , jadi bisa ga di detect sama orang yg ska usil , kalo ente trace dia, gadapet , besok ada filmnya tuh di rcti , firewall judulnye ketawa ,

server watchguard , digunakan departemen departemen biasanya , setahu ana , wallahua'lam mantap

nah firewall yg di bridge susah kita deteknya, karen dia memfilter paket dgn manggle. tapi secara fisik susah kita serang , kita bisa kelabui dari dalam. nah itu soceng yg main.
ok2 mas, ane maksud sekali. trus share ilmu cisconya mas bro, ane sangat perlu untuk menambah ilmu. :)
Visit this user's website Find all posts by this user
Quote this message in a reply
08-12-2010, 11:07 PM
Post: #7
El-Farhatz Offline
Moderator Keren
****
Global Moderators 		Posts: 1,597
Joined: May 2010
Reputation: 46
RE: Stop DDOS attacks on a cisco router
ane masih salut aja ama perangkat watchguard ini , mantep bener eui , lagi cari cara wat bypassnya ketawa , xixixi

soalnya dah perangkatnya mahal , manteb pulak , sama ssl thawte / verisign, itu yg biasa dipake di departemen , harganya ga nahan ketawa . bagi yg demen carding , kalo order web pake cc orang , disitus yg ada thawte nya , jarang yg dapet tracking order nya ketawa


hehe malahan nyambung ke ssl mantap , buat mas wahyu , jgn lupa sering sering share dimari , ok bro ?....
Find all posts by this user
Quote this message in a reply
08-12-2010, 11:18 PM
Post: #8
wahyu_devilzc0de™ Offline
IBI Darmajaya - Lampung
****
Global Moderators 		Posts: 1,582
Joined: Dec 2009
Reputation: 184
RE: Stop DDOS attacks on a cisco router
(08-12-2010 11:07 PM)El-Farhatz Wrote:  ane masih salut aja ama perangkat watchguard ini , mantep bener eui , lagi cari cara wat bypassnya ketawa , xixixi
sejauh ini watch guarder emang ampuh bener mas, ane juga masih jembol mas itu.
(08-12-2010 11:07 PM)El-Farhatz Wrote:  hehe malahan nyambung ke ssl mantap , buat mas wahyu , jgn lupa sering sering share dimari , ok bro ?....
oke mas bro, dengan senang hati :)
Visit this user's website Find all posts by this user
Quote this message in a reply
08-12-2010, 11:24 PM
Post: #9
El-Farhatz Offline
Moderator Keren
****
Global Moderators 		Posts: 1,597
Joined: May 2010
Reputation: 46
RE: Stop DDOS attacks on a cisco router
watchguard emang top markotop . ane kemaren dah trial eroor coba bypas disalah satu server. tapi masih dalam tahap pengembangan.
iya watchguard fiturnya aja ada yg XTM, Multi Function Firewall, ama XCS , Content Security , ama ssl dan vpn dia jual

cek aja dimari : http://www.watchguard.com/products/
harganya aja selangit ketawa , heheh
Find all posts by this user
Quote this message in a reply
08-12-2010, 11:28 PM
Post: #10
wahyu_devilzc0de™ Offline
IBI Darmajaya - Lampung
****
Global Moderators 		Posts: 1,582
Joined: Dec 2009
Reputation: 184
RE: Stop DDOS attacks on a cisco router
(08-12-2010 11:24 PM)El-Farhatz Wrote:  cek aja dimari : http://www.watchguard.com/products/
harganya aja selangit ketawa , heheh
ane sih, kalau masalah harga urusan si Bos, ane hanya buruh disitu. thanks mas bro.
Visit this user's website Find all posts by this user
Quote this message in a reply
Post Reply 


Topic Tools
Topic Link :
BBCode :
HTML Code :
View a Printable Version Send Thread to a Friend Subscribe to this thread
Submit Google Submit Face book Submit to Digg Submit to Reddit Submit to Furl Submit to Del.icio.us Submit to Jeqq

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  [Ask] Help with BGP cisco justlearn 10 862 05-18-2012 03:59 AM
Last Post: zero_14
  download IOS cisco semuanya kk! terserahdeh 22 4,439 05-09-2012 03:39 PM
Last Post: seagat3
  modul cisco 1 - dst lengkap mas plus ada deh!! wahyu_devilzc0de™ 15 5,786 04-05-2012 10:49 PM
Last Post: akhew_jr
  Konfigurasi VoIP di Cisco zero_14 4 344 03-02-2012 07:04 PM
Last Post: zero_14
  [Ask] Limit BW per IP di CISCO sunawan 3 286 02-14-2012 04:57 PM
Last Post: N4ck0
  [Tutor] Konfigurasi Dasar Router Cisco ( IP address , RIP , DHCP , NAT ) Motaro Irhaby 18 867 02-09-2012 03:22 PM
Last Post: c33yber
  [Ask] clearing historiy internet in router cisco death voice 6 443 01-12-2012 03:40 PM
Last Post: death voice
  konfigurasi dasar Cisco Motaro Irhaby 13 1,330 11-30-2011 12:49 PM
Last Post: Motaro Irhaby
  [SHARE] tentang pengalaman sertifikasi Ujian CISCO CCNA biemabbit 15 6,537 04-28-2011 05:03 AM
Last Post: trayzero
  Setting Password Router Cisco terserahdeh 10 2,355 04-24-2011 07:52 AM
Last Post: mwiyoto

Users Browsing
1 Guest(s)


Stop SOPA/PIPA | Discuss !