Page 1 of 1

How can i defend a DDOS attack

Posted: Tue Dec 10, 2019 1:51 pm
by palmy100
Hi,

Router = BiPac 880NL R2.

We are experiencing an amplified reflection DDOS attack - CLDAP - port 389 UDP. This is attacking our Windows Server SBS 2011 (Win Server 2008) - I've found some advice online about setting a Local Security Policy on the Server to block UDP 389 but that results in Active Directory breaking so my users can't authenticate.

Is there a way to set up the BiPAC router firewall to stop this. I've looked at Incoming Filters but not sure how to configure it properly.

Thanks in advance.

Re: How can i defend a DDOS attack

Posted: Tue Dec 10, 2019 3:00 pm
by billion_fan
palmy100 wrote:
Tue Dec 10, 2019 1:51 pm
Hi,

Router = BiPac 880NL R2.

We are experiencing an amplified reflection DDOS attack - CLDAP - port 389 UDP. This is attacking our Windows Server SBS 2011 (Win Server 2008) - I've found some advice online about setting a Local Security Policy on the Server to block UDP 389 but that results in Active Directory breaking so my users can't authenticate.

Is there a way to set up the BiPAC router firewall to stop this. I've looked at Incoming Filters but not sure how to configure it properly.

Thanks in advance.
Try following the attached screen shot

Re: How can i defend a DDOS attack

Posted: Wed Dec 11, 2019 2:53 pm
by palmy100
Thanks - fingers crossed that this works for us. Looking good at the moment.

Re: How can i defend a DDOS attack

Posted: Wed Dec 18, 2019 6:49 am
by anajames
Its a very hit or miss. Contrary to most providers ways of doing it, IP’s are generally assigned for DSL service. Sometimes Disconnecting the connection for a bit will hault the attack and provide you specifics on it.