Portal Home > Knowledgebase > Articles Database > Windows Server 2003 DDoS Protection
Windows Server 2003 DDoS Protection
| Posted by Flinstone, 07-02-2010, 04:02 PM |
| Can someone give me some tips on how to block ddos attacks on a windows server 2003?
It can easily be taken down by shell scripts.
Please help.
|
| Posted by AttackerNET, 07-02-2010, 04:42 PM |
| Hello,
Please execute the following command to see all connections:
netstat -noa| find /c "80"
Find the IP address which is having maximum number of connection and block it using your firewall or if you are using IPSec, Also you may need to harden your TCP/IP stack, You can do this by editing your registry.
Regards,
|
| Posted by centauricw, 07-03-2010, 03:13 AM |
| Windows Server 2003 doesn't have anything to mitigate a DDoS attack. It's firewall is pretty cheesy and TCP/IP stack isn't that configurable. You generally need to have a real firewall in front of the Windows server. Linux actually makes a nice firewall to put in front of a Windows server.
If you can't put a real firewall in front the Windows server, I've had good success hardening the TCP/IP stack using the Port Filtering in the Advanced tab of the TCP/IP properties. Here you deny everything except those ports that you want open. I've work with servers configured like this and they managed to hold their own.
|
| Posted by Flinstone, 07-03-2010, 05:33 PM |
| how can i block all udp ports?
|
| Posted by AttackerNET, 07-03-2010, 05:46 PM |
| This may help you :
http://support.microsoft.com/kb/816792
Sincerely,
|
| Posted by Flinstone, 07-03-2010, 06:11 PM |
| i already tried that but i can still flood myself using a udp flood script.
|
| Posted by centauricw, 07-03-2010, 11:07 PM |
| Which is why you need a real firewall in front of a Windows Server 2003 system. Windows 2003 is still suffering from a bias that it's going to be part of a protected corporate network. You may be able to find a software firewall for Windows, but a hardware or Linux firewwall is best.
|
| Posted by Flinstone, 07-04-2010, 01:09 PM |
| can anyone recommend me some good windows software firewalls?
|
| Posted by arun_kris, 07-06-2010, 10:47 AM |
| Use Visnetic firewall. It's a good one.
|
| Posted by viGeek, 07-06-2010, 10:24 PM |
| Haven't used a software firewall on windows in a few years, but I can recall BlackICE being very good, I believe it was bought out by IBM and they later discontinued it. Also believe it's now free assuming you can find it and luckily this site has it. I've used it on Windows 2000 and 2003 32-bit, unsure about 64-bit comparability.
http://ituploads.com/security/black-...wall-download/
|
| Posted by Flinstone, 07-11-2010, 08:45 PM |
| i still need more tips.
anyone can help?
|
| Posted by Flinstone, 07-11-2010, 11:44 PM |
| how can i block outbound traffic using windows 2003?
|
| Posted by jackpx, 07-12-2010, 07:06 AM |
| Use ipsec ...
|
| Posted by tweakservers, 07-12-2010, 09:55 AM |
| How large is your attack? If you hit particular level of attack which makes your server unresponsive, contacting your provider to drop the packet at their network firewall / router (if they do support this) will be an option
|
| Posted by Flinstone, 07-12-2010, 07:44 PM |
| it makes server lag for about 10-15 seconds.
has anyone tried d-guard before?
|
| Posted by Flinstone, 07-12-2010, 10:47 PM |
| BlackIce PC Protection seems to shut down by itself every time I try to start it up.
Anyone know how to fix?
|
| Posted by larmib, 03-10-2011, 02:37 PM |
| how can i block all udp ports?"
Here's an easy solution: blog.larmib.com/2011/stop-outbound-udp-floods-on-your-windows-server-2003-or-2008/
If you want to simply block all inbound connections use:
add 130 drop udp from any to any in
I hope that helps.
|
Add to Favourites 
Print this Article
Also Read
Virpus Down (Views: 812)