被人DDOS攻擊而成日斷線

近幾日成日斷線, 看router 個log 如下

Dec 13 09:14:44
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 09:02:15
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 09:01:46
      
DOS [UDP]: Attack Incoming 61.10.246.109->61.238.54.122 [UDP Flood]
Dec 13 09:01:34
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 09:01:19
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 09:01:16
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 09:01:12
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 09:00:33
      
DOS [UDP]: Attack Incoming 122.121.217.145->61.238.54.122 [UDP Flood]
Dec 13 09:00:16
      
DOS [UDP]: Attack Incoming 121.154.63.213->61.238.54.122 [UDP Flood]
Dec 13 08:58:39
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 08:58:37
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 08:58:36
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 08:58:31
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 08:58:30
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 08:58:29
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 08:57:52
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 08:57:41
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 08:57:22
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 08:57:16
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
Dec 13 08:56:13
      
DOS [UDP]: Attack Incoming 218.254.113.9->61.238.54.122 [UDP Flood]
有甚麼解決方法?
router 型號是planex brl-04ur, 用bb100上網
用緊nod32

用部勁機黎做router 4GB ram

TOP

bb100,可能可以 try try 轉 router wan的 mac address (clone 第2 個 mac addr) 來 force 轉 ip

TOP

提示: 作者被禁止或刪除 內容自動屏蔽

TOP

原帖由 rhkl 於 2008-12-13 11:44 發表

人地應該成個subnet  咁做UDP Attack
或者client 機有software 「裡應外合」

如果成個 subnet, 只有 report hkbn 了.

要轉 ip, 就是想試是不是有 malware 裡應外合

TOP

好多彊屍 , 根本就只可以report hkbn,
不過其實, hkbn的server都會好大loading..

[ 本帖最後由 jackli 於 2008-12-13 12:05 編輯 ]

TOP

提示: 作者被禁止或刪除 內容自動屏蔽

TOP

提示: 作者被禁止或刪除 內容自動屏蔽

TOP

個人做到的, 都係用部勁機擋

TOP

原帖由 rhkl 於 2008-12-13 12:14 發表

HKBN can do nothing indeed
除非開恆firewall block 所有UDP Packet


  hkbn, 採你都傻 , 除非好過份,
不過正常屋企, 都無咩可能同時間hold 百萬條連線 , 又唔係做server....

TOP