0

I would love to know if you know some way to mitigate DDoS/DoS attacks on Windows. In Linux we can mitigate using the almighty iptables, but I wonder if there is something like that in Windows.

I am talking about pure Windows protection, no cloud-based protection like CloudFlare and proxy like Nginx.

HopelessN00b
  • The OP is asking for a native Windows firewall that supports DDoS mitigation techniques like per-connection limitations. This isn't a duplicate of the "What is a DDOS" thread. This one is closer, potentially helpful: http://serverfault.com/questions/613303/limit-connections-per-ip-windows-2008-r2-x64 – jlehtinen Jan 21 '15 at 17:02
  • @jlehtinen Thanks, I have gone through all, but these are for brute-force/dictionary attacks. I wonder if you know about installing mod_evasive for WAMP/XAMPP. – Ammar Brohi Jan 21 '15 at 17:25
  • Sorry, I have not used mod_evasive. I don't know of a Windows firewall solution that gives this flexibility - I always end up putting Windows boxes behind some other firewall like pfsense for this exact reason. – jlehtinen Jan 21 '15 at 19:36

1 Answer

0

iptables is a firewall. It does not mitigate a DDoS attack, because by the time the traffic reaches your software firewall, it has already consumed your bandwidth and succeeded in its purpose.

Any firewall software on Windows (including the built-in one) is every bit as successful at mitigating DDoS attacks as iptables is on Linux.

The only real solution to a DDoS is to get the traffic dropped upstream, by your ISP or their upstream provider, assuming you don't already have a distributed, resilient infrastructure setup in place that's designed to withstand DDoS attacks, of course.

HopelessN00b
  • We can use iptables to mitigate using this: `iptables -I INPUT -p tcp --dport 80 -m connlimit --connlimit-above 20 --connlimit-mask 32 -j DROP` This will stop further requests at port 80 after 20. I wonder how and what firewall can do this for Windows. – Ammar Brohi Jan 21 '15 at 16:33
  • That IS mitigation. If he said "prevent DDOS" then your first statement would be more true. – jlehtinen Jan 21 '15 at 16:55
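
An added example, not part of the original thread: a PowerShell polling approximation of the connlimit rule quoted in the comments (port 80, more than 20 connections per source address), built on the Get-NetTCPConnection and New-NetFirewallRule cmdlets that ship with Windows 8 / Server 2012 and later. The rule-name prefix and the -Enforce switch are assumptions of this example; unlike connlimit it works from a snapshot of already established connections and blocks the whole address on that port, and as the answer notes it does nothing for bandwidth already consumed.

```powershell
#Requires -RunAsAdministrator
# Added example: report (and optionally block) sources holding too many
# established connections to one local port. Defaults mirror the iptables
# rule in the comment above: port 80, limit 20, one bucket per address (/32).
param(
    [int]$Port = 80,
    [int]$Limit = 20,
    [string]$RulePrefix = 'connlimit-block',  # hypothetical naming scheme
    [switch]$Enforce                          # without it, report only
)

# Snapshot of established connections to the port; empty if there are none.
$conns = @(Get-NetTCPConnection -LocalPort $Port -State Established `
               -ErrorAction SilentlyContinue)

# Count connections per remote address, ignoring loopback.
$offenders = $conns |
    Where-Object { $_.RemoteAddress -notin '127.0.0.1', '::1' } |
    Group-Object -Property RemoteAddress |
    Where-Object { $_.Count -gt $Limit }

foreach ($group in $offenders) {
    $address = $group.Name
    $ruleName = "$RulePrefix-$Port-$address"

    # Skip addresses that already have a block rule from an earlier run.
    $existing = Get-NetFirewallRule -DisplayName $ruleName `
                    -ErrorAction SilentlyContinue
    if ($Enforce -and -not $existing) {
        New-NetFirewallRule -DisplayName $ruleName `
            -Direction Inbound -Action Block -Protocol TCP `
            -LocalPort $Port -RemoteAddress $address | Out-Null
    }

    # One record per offending address for logging or review.
    [pscustomobject]@{
        RemoteAddress = $address
        Connections   = $group.Count
        Blocked       = [bool]($Enforce -or $existing)
    }
}
```

Windows Firewall rules do not expire on their own, so a scheduled cleanup such as `Get-NetFirewallRule -DisplayName 'connlimit-block-*' | Remove-NetFirewallRule` is needed to lift the blocks. Many clients behind one NAT address will share a bucket, exactly as with `--connlimit-mask 32`.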