3

Just out of curiosity...
Is there a way to prevent a DDoS attack using settings in the Router? Like, changing the DNS Port to maybe 54 because most people just spam 53 with random packets?

Comments
  • 0
    1. You mean Modem

    2. Maybe with a custom modem. If you set your Modem (Fritzbox or alike) to bridging mode you can use your Linux/Windows PC as Modem and install a routing script (so you have a router) and then it should be possible I know there are Linux tools out there to prevent it
  • 0
    Do you roll your own public dns server?
  • 0
    @raldo94 no, I just want to know if it's possible (for private use).
  • 2
    @EaZyCode I would say you could just change all public ports to something else than defaults to avoid unnecessary traffic from scrapers. Other than that you could tune application specific stuff.

    dos/ddos by sheer volume is not possible to protect against.

    you could setup the state full firewall in the gateway, other than that you would probably need to invest in hardware or atleast check what your current hardware is capable of
  • 0
    You can put services on what port you like, but if you're offering them publicly, don't expect many legitimate users either.

    If your DNS server is authoritative for a domain on the public Internet, your domain won't work, for anything, if it's not on the usual port.

    If your DNS server is for recursive lookups by clients, you might have trouble configuring those clients to use it if it's not on the usual port. I've never seen the option.
Add Comment