Author

Topic: How can I tell if I am being DDOS'd? (Read 50596 times)

legendary
Activity: 1400
Merit: 1005
June 29, 2011, 01:00:27 PM
#3
I hate when Yahoo Answers sometimes seems helpful http://answers.yahoo.com/question/index?qid=20090211201758AAz6Xzv

But if the traffic is being blocked at the router level because it's the wrong port, command-line commands from my server (or any other machine on the network) isn't going to do me any good.  So I need some way to analyze the traffic using DD-WRT... at least, I think I do.

I suppose this might be a valid answer though:
Quote
If you were honestly getting hit with a DDOS, you wouldn't even get a ping reply and you'd be unreachable. A DDOS attack will take down big servers. Your little wimpy connection isn't even a match for a good DOS attack.
Though I guess it also depends on the scale of a DDOS attack too (or maybe it's just a simple DOS attack).
hero member
Activity: 630
Merit: 500
Posts: 69
June 29, 2011, 12:45:31 PM
#2
I hate when Yahoo Answers sometimes seems helpful http://answers.yahoo.com/question/index?qid=20090211201758AAz6Xzv
legendary
Activity: 1400
Merit: 1005
June 29, 2011, 12:35:11 PM
#1
I run a gameserver off of my residential internet connection (50/10).  It's worked great for the last 8 months or so.  Suddenly, I am getting complaints of extreme lag without any evidence of server problems.  I am wondering if I am getting a DDOS attack, perhaps someone disgruntled from being banned from the server or something.  I've had several threats sent my way with that sort of implication.

I've run speedtests, though I haven't had the opportunity to run one during a laggy period, and they come out fine.  15ms ping to the closest server, connection speeds are spot-on.

I use this router with DD-WRT:  http://www.newegg.com/Product/Product.aspx?Item=N82E16833320038

The incoming log table shows a lot (20-30) of incoming requests for ports 27733 and bootpc.  Not sure whether those requests are related to the gameserver at all, though the actual game service does not utilize either of those ports as far as I am aware, and neither of them are opened in my NAT table.

What would be the easiest way to tell if someone is trying to DDOS me?
Jump to: