1
1
currently I am receiving an attack against one of my services running on Windows Server 2008 R2 with malicious UDP packets all of a specific length. I have tried dropping these packets with a plugin to the application however once these packets reach the app it is too late, the extra CPU cycles it spends dropping these packets in the plugin causes the service to crash.
How can I drop these large UDP packets before they reach my app which will work with my current OS. Any ideas?
Thank you in advance!
Fisherman
Posted 2014-04-23T11:57:31.140
Reputation: 11
Software recommendations are off topic- I updated your question so it still reads the same, but just removed the recommendation bit – Dave – 2014-04-23T12:02:42.827
Windows Firewall cannot do this, do you have any other devices in the path that has a more advance firewalling capability? You could do this with
iptablesif you have a linux box handy. – Paul – 2014-04-23T12:34:53.317The basic answer would be to use a hardware or software firewall solution. Since we don't really do hardware/software recommendations and your criteria is still a bit broad, I'd suggest starting by reading up on types of firewalls and how they work: http://en.wikipedia.org/wiki/Packet_filtering. What you appear to be looking for is a first generation type.
– MaQleod – 2014-04-23T19:42:11.533