How to use iptables to defend against reflection DDOS attack on Centos

Usually use iptables to drop the UDP fragmented packets, below is the iptables config example:

vi /etc/sysconfig/iptables

 

Reference:

HOW TO DEFEND AGAINST AMPLIFIED REFLECTION DDOS ATTACKS

DDoS attacks – an explanation of amplified reflective UDP-based attacks

Bookmark/Favorites

Leave a Reply

Your email address will not be published. Required fields are marked *