# Help me choose a good firewall to stop a low DDoS attack...



## xKri (Sep 16, 2012)

Hi guys,
My server is always getting DDoSed... x( I need something to stop that!

Can limiting connection per IP (10Kb/s) and connections per IP (10 connections) be useful?!

Another question: Is IPFW a good firewall to do that?

Thanks in advance.
Regards.


----------



## zer0sig (Sep 17, 2012)

If the DDoS is flattening your router/switch, it won't help to set those kinds of parameters.

Do you know what kind of DDoS it is? What kind of traffic? Are you analyzing the packets? If you can narrow down the attacking hosts to ranges of IPs, you can report them to either your internet provider or theirs. It turns out that most ISPs do not like being the source for DoS attacks.

Do you have other hosts on the network that can get out okay? If so, limiting the traffic per IP in terms of # of connections or throughput can be useful, even more so from a router or switch. If they cannot, you must get further up the data path, as connections are still passing through routers and switches before they get to your FreeBSD server.


----------
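An added example, not part of either post above: one way to narrow captured traffic down to source ranges worth reporting to an ISP, as zer0sig suggests. It assumes text output from `tcpdump -nn` for IPv4 TCP/UDP; the function name, thresholds and sample lines are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Source address in `tcpdump -nn` IPv4 TCP/UDP output:
# "<time> IP <src>.<sport> > <dst>.<dport>: ..."
LINE_RE = re.compile(r"\bIP (\d+\.\d+\.\d+\.\d+)\.\d+ > ")

# Constructed sample capture (documentation address ranges only).
SAMPLE = """\
12:00:01.000101 IP 203.0.113.5.40001 > 192.0.2.10.80: Flags [S], seq 1, win 512, length 0
12:00:01.000204 IP 203.0.113.9.40002 > 192.0.2.10.80: Flags [S], seq 2, win 512, length 0
12:00:01.000310 IP 203.0.113.77.40003 > 192.0.2.10.80: Flags [S], seq 3, win 512, length 0
12:00:01.000415 IP 203.0.113.5.40004 > 192.0.2.10.80: Flags [S], seq 4, win 512, length 0
12:00:01.000522 IP 198.51.100.20.51515 > 192.0.2.10.80: Flags [S], seq 5, win 512, length 0
12:00:01.000630 IP 198.51.100.20.51516 > 192.0.2.10.80: Flags [S], seq 6, win 512, length 0
12:00:01.000741 IP 198.51.100.20.51517 > 192.0.2.10.80: Flags [S], seq 7, win 512, length 0
12:00:02.000100 IP 192.0.2.44.33000 > 192.0.2.10.22: Flags [P.], seq 8:44, ack 1, length 36
12:00:02.000200 ARP, Request who-has 192.0.2.10 tell 192.0.2.1, length 28
"""

def summarize_sources(lines, prefix=24, min_packets=3):
    """Group source IPs into /prefix networks.

    Returns (network, packets, distinct_hosts) tuples for networks that sent
    at least min_packets packets, busiest first.
    """
    packets = Counter()
    hosts = defaultdict(set)
    for line in lines:
        match = LINE_RE.search(line)
        if not match:
            continue  # ARP, ICMP, IPv6 and malformed lines are skipped
        try:
            ip = ipaddress.ip_address(match.group(1))
        except ValueError:
            continue  # e.g. an octet above 255 in a damaged line
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        packets[net] += 1
        hosts[net].add(ip)
    return [(str(net), count, len(hosts[net]))
            for net, count in packets.most_common() if count >= min_packets]

if __name__ == "__main__":
    for net, count, distinct in summarize_sources(SAMPLE.splitlines()):
        print(f"{net}: {count} packets from {distinct} host(s)")
```

Many distinct hosts inside one range point at a single provider to contact; one host sending most of the packets is a candidate for a per-IP limit on the server or, better, upstream.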

