leeter said: There is a possible solution to this problem: most routers can be configured to ignore certain types of traffic, so, say, how about this:
only one TCP connection per IP, period (or whatever is needed for normal site usage); any more will cause an IP packet block at the router level for at least 24 hours.
if UDP isn't used, or is only used in certain ways, block all pings at router level, and block any traffic from IPs that shouldn't be using UDP for at least 24 hours.
The key here is that you ignore any traffic from that IP for at least 24, so a sustained DDoS should quickly drop off. Mind, though, I am a dev coder, not a net coder, so I would find one of them and confirm everything above before implementing.

Doesn't work. DDoSes evolved because of "high-speed" internet. Namely, one jackass sitting on a college network with tons of bandwidth couldn't take down that annoying website he hates anymore. DDoS works, not by the traffic itself, but by overloading the throughput. You literally have to contact the ISP that does the server hosting to deal with a DDoS.
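
The disagreement above can be checked with a small model. This is an added example, not code from either poster: it applies the proposed one-connection-per-IP rule with a 24-hour block, but charges every packet against the hosting uplink before the router sees it. The addresses, byte counts and link capacity are constructed sample values, and proportional loss on a saturated link is a simplifying assumption.

```python
from collections import defaultdict

BLOCK_SECONDS = 24 * 3600   # the 24-hour block proposed in the quoted post
MAX_CONNS_PER_IP = 1        # "only one TCP connection per IP"

def simulate(events, link_capacity):
    """events: (second, src_ip, open_connections, bytes, is_legit) tuples.
    link_capacity: bytes per second the uplink in front of the router carries.
    Returns (blocked_ips, legit_bytes_delivered, legit_bytes_sent)."""
    per_second = defaultdict(list)
    for ev in events:
        per_second[ev[0]].append(ev)
    blocked_until = {}
    delivered = sent = 0.0
    for t in sorted(per_second):
        batch = per_second[t]
        # Traffic from blocked IPs still crosses the uplink: the router can
        # only drop a packet after the link has already carried it.
        offered = sum(size for _, _, _, size, _ in batch)
        share = min(1.0, link_capacity / offered) if offered else 1.0
        for _, ip, conns, size, legit in batch:
            if legit:
                sent += size
            if blocked_until.get(ip, 0) > t:
                continue                       # dropped at the router
            if conns > MAX_CONNS_PER_IP:
                blocked_until[ip] = t + BLOCK_SECONDS
                continue                       # rule violated: block the IP
            if legit:
                delivered += size * share      # assumed proportional loss
    return set(blocked_until), delivered, sent

def constructed_traffic(bots, seconds=3):
    """Constructed sample: one legitimate client plus `bots` flooding sources."""
    events = []
    for t in range(seconds):
        events.append((t, "198.51.100.10", 1, 1_000, True))
        for i in range(bots):
            events.append((t, f"203.0.113.{i}", 2, 10_000, False))
    return events

if __name__ == "__main__":
    for bots in (5, 100):
        blocked, ok, sent = simulate(constructed_traffic(bots), 100_000)
        print(f"{bots} bots: {len(blocked)} blocked, legit delivered {ok / sent:.0%}")
```

With 5 sources the flood fits inside the link and the block rule is enough; with 100 sources every one of them is blocked just the same, yet the legitimate client still loses about 90% of its traffic, which is why the filtering has to happen upstream at the hosting ISP.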