# Problem :(



## Armando (Jun 30, 2012)

[font="Franklin Gothic Medium"]Hi I had a problem with my dedicated, I put all the protection possible, ipwf, pf, pfSense, kernel fix. however, the same as a DoS I do?​[/font] [*]

Hi. I had a problem with my dedicated server. I put in all the protection possible, ipwf, pf, pfSense, kernel fixes. *H*owever, the same as a DoS I do? _[ What? -- Mod. ]_


----------



## _martin (Jun 30, 2012)

Armando said:
			
		

> Hi. I had a problem with my dedicated server. I put in all the protection possible, ipwf, pf, pfSense, kernel fixes. *H*owever, the same as a DoS I do?


Man, that's one cryptic question.  I sense you wanted to ask about DoS attack protection?

Server has to deal with the unwanted traffic even if you block it on its firewall -- not an ideal situation. You have to protect yourself at least one (routing) hop before. This all depends on your network topology but if you have your server hosted somewhere it's ISP who can help you with blocking the traffic.

If you were already hacked and need to recover, don't apply any "kernel fixes" - go for a restore or clean install if you don't have backups.


----------



## Armando (Jul 1, 2012)

_*yes but what i can do to block the traffic by my self because where i have hosted my dedicat server don't help me and they only close the dedicat when i have DoS attack.*_

*Y*es*,* but what can *I* do to block the traffic by myself*,* because where *I* have hosted my dedicat*ed* server, they don't help me and they only close the dedicat*ed* server when *I* have a DoS attack.

[*] [*] [*]


----------



## _martin (Jul 1, 2012)

Well, then you have to change the hosting services :/. You can't block the (D)DoS yourself. You can set the firewall up and block it, but those packets will still go through the ISP's infrastructure to you.

It might be you caught a script kiddie in action. What service is he trying to reach? Set the default block and allow only IPs you know they use the service, if possible. You can also combine it with connection limit (IP connection per time per service) and put it to blacklist afterwards.  

But still your ISP might cut you off as all these won't prevent high network peeks on his infrastructure.


----------

