On DDOS protection

Hello everyone. As some may know, I make a living from securing servers against DDoS attacks and intrusions, among other less exciting administrative tasks. I also maintain a blog about FreeBSD which you can visit here https://freebsdis.fun where I try to share some tutorials I wrote on common tasks on FreeBSD.

I would like today to write a word of warning to those who are considering their security, as well as a sort of answer to someone who suggested I should publish my system because others are profiting from it.

My first thought is I don't give a crap if you pay 400 euro to some random dude; you're the one getting scammed, not me.

If you wonder what I am talking about: in the past I occasionally posted some configurations for the pf firewall and other useful materials, and more recently I coded, with my basic knowledge of PHP, a simple and poorly written script to whitelist IPs on your firewall, which I named Gatekeeper. (By the way, I do not recommend you follow any of my posts you see anywhere except for those in the blog, which I do keep reasonably updated.)

Anyhow, back to the topic: I have installed this script, or system, for a number of clients who wanted to have a better chance of resisting DDoS attacks. I consider it a tool in my arsenal, rather than some definitive solution to attacks. In other words, it's not something you can install with a nice installer script and sleep better at night. It's just a quick and dirty fix to a very specific problem, one which I had to perfect with various additions until it became sort of foolproof. There are many other problems or attack vectors that this script will do nothing about.

Regardless, quite a lot of people have seen fit to take this script and resell it to others, in most cases for a higher price than I was charging myself for my full service. It is also vox populi that there is this Portuguese guy whose name would be pointless to repeat and who "sells" a "protection system" which basically consists of a bunch of firewall configurations and a proxy whose only function is to hide the fact that the one who is attacking you in the first place is himself. Needless to say, none of these people have much of a notion about security, but that never stopped the bold and the brave from making a buck in the scene, did it?

Let me get this straight: just like an antivirus won't save you from getting hacked if you use 1234 as a password and believe in a Nigerian prince, there's no "file" or "config" or "solution" that will save you from DDoS attacks. The only defense against a DDoS attack is having the expertise and skill on your side. But I don't intend this to become an advertisement for my services, which I cannot provide as much as they are demanded. But I have been there, I have mindlessly copied things thinking they would magically fix stuff without me needing to understand them in the first place.

If you are worried about DDoS attacks in general, but you have no particular enemies, you will probably get attacked by our Portuguese friend, and you may just play along with the extortion just to get rid of it.

Or you may have other attackers who actually want to see you down rather than make money, in which case you should contact someone who knows what he is doing.

By the way...

FreeBSD 14 is out. It has a much newer PF on it than FreeBSD 13, where you can do some cool stuff. FreeBSD 13 also has a much newer PF than the PF on FreeBSD 12, which is probably older than you. Just so you can start seeing the tip of the iceberg of the problem with just copying some pf.conf files and why I'm not "sharing the stuff": because there is nothing to share unless one day I decide to write a whole book; I would be fooling you if I told you X is going to keep you safe. Ah, and Linux is trash.

Have a nice day.

Edited by Shogun

  • 2 weeks later...

Glad you've posted this here @Shogun. People who sell other people's lost nights, anxiety and stress are just some rats which are trying to escape the Paris canals. Many of them don't even know what they sell; they just install it and that's it. If there's a need for adjustments, pray to God for support, 'cause the guys who install it will never know how to fix it.

We both know who we're referring to; we hope he will realize what he did and stop being filthy.

For those who still want to buy Shogun's services: you're buying support, not only the protection. He's one of the best people I know who really knows security and the passion behind an operating system. Support means more than anything in this world at the moment.

Stay humble

