Results 1 to 38 of 38
  1. #1
    Join Date
    Mar 2004
    Posts
    1,005

    Dos attack whcih cant be stoped

    Hello Everyone,

    I am hosted at Theplanet.com
    Its been a second day i am under teh Dos attack which no one can stop,the tcech guys i have hired,the Cisco guard at Theplanet !

    I am simply offline and cant get online the second day,can anyone please recommend me anything ?

    All antidos mudules etc were installed so far but they didnt helped !
    Best Regards,
    Namesniper

  2. #2
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,290
    Sometimes, you just cant stop a ddos from the server, you have to invest in ddos hardware.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  3. #3
    Join Date
    Mar 2004
    Posts
    1,005
    Ok but may i ask you post everything you would do in this case o i check if i have performed all those tasks ?

    As of hardware then can cisco pix 501 100% protect you from ddos ?


    Originally posted by thelinuxguy
    Sometimes, you just cant stop a ddos from the server, you have to invest in ddos hardware.
    Best Regards,
    Namesniper

  4. #4
    Join Date
    May 2002
    Location
    Moscow
    Posts
    1,490
    no, it is not possible, because how-to about DDOS just not exist.
    regarding Cisco - yes, it is not bad hardware, but for your type DDOS attack i think it will not good solution. Most likely you need filter request under few rules which can't be used by Cisco.
    Rustelekom LLC Dedicated server since 2002, RIPE NCC member, LIR, AS51168

  5. #5
    Join Date
    Jan 2005
    Location
    Scotland, UK
    Posts
    2,549
    Firstly, see what type of attack it is.

    Ping attacks can be solved by ignoring pings.
    UDP is very hard to stop, even blocking ips with iptables will not resolve it fully.
    Syn, syn cookies help but not very good.

    ---

    Hardware firewalls are the way to go, or just null the ip and use another temporarily.
    Server Management - AdminGeekZ.com
    Infrastructure Management, Web Application Performance, mySQL DBA. System Automation.
    WordPress/Magento Performance, Apache to Nginx Conversion, Varnish Implimentation, DDoS Protection, Custom Nginx Modules
    Check our wordpress varnish plugin. Contact us for quote: [email protected]

  6. #6

    DDoS attack that cannot be stopped

    Check out Top Layer IPS. It is used in many hosting companies to stop DDOS attacks

  7. #7
    Join Date
    Mar 2004
    Posts
    1,005
    Its more UDP like
    They are requesting thuzands of pages from thouzands of ips so even if they request one page from 1000 ip during one minute the server will go down



    Originally posted by HostGeekZ
    Firstly, see what type of attack it is.

    Ping attacks can be solved by ignoring pings.
    UDP is very hard to stop, even blocking ips with iptables will not resolve it fully.
    Syn, syn cookies help but not very good.

    ---

    Hardware firewalls are the way to go, or just null the ip and use another temporarily.
    Best Regards,
    Namesniper

  8. #8
    Join Date
    Jun 2005
    Location
    Blue Springs, MO
    Posts
    17
    Block UDP on port 80.

    Rebecca

  9. #9
    Join Date
    Mar 2004
    Posts
    1,005

    Re: DDoS attack that cannot be stopped

    Unfortunally its not used at theplanet,they are using cisco guard which doesnt helping much in my case


    Originally posted by abhayjoshi
    Check out Top Layer IPS. It is used in many hosting companies to stop DDOS attacks
    Best Regards,
    Namesniper

  10. #10

    DDOS attack

    Top Layer is used by datacenters like Globix..Some of the features in the Top Layer IPS that can help you are:

    DNS request validation

    IP request limiting (for UDP requests like DNS or SIP)
    This can be applied on a threshold on the server (total/aggregate) or per client IP

    SYN FLood like user characterization algorithm for DNS that tracks/characterizes requestors and blocks them if deemed malicious

    Let me know if you want me to call you and discuss.

  11. #11
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    11,686
    There is absolutely no way to stop a true ddos attack without a hardware firewall. Invest in TP's firewall and your system will be under control in no time flat.

    A true ddos attack will make your system unusable, unreachable, and attack you on so many levels that your system can't handle it. This is why it is imperative that you get something like a hardware firewall if you're getting constantly attacked.

    Without firewall:
    DOS attacks server
    |
    Server has to process attack
    |
    Server has to process iptables (or other firewall) rules
    |
    Server get loaded down

    With hardware firewall:
    Dos attacks server
    |
    Hardware firewall repels attack
    |
    Server goes on moving, no problems at all.
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Always looking for Linux, WHMCS, Support Desk work. PM for details

  12. #12
    Join Date
    Mar 2004
    Posts
    1,005

    Re: DDOS attack

    SYN FLood like user characterization algorithm for DNS that tracks/characterizes requestors and blocks them if deemed malicious


    Thats exactly what i need but theplanet doesnt have it ;(

    Call me to discuss what ?


    Originally posted by abhayjoshi
    Top Layer is used by datacenters like Globix..Some of the features in the Top Layer IPS that can help you are:

    DNS request validation

    IP request limiting (for UDP requests like DNS or SIP)
    This can be applied on a threshold on the server (total/aggregate) or per client IP

    SYN FLood like user characterization algorithm for DNS that tracks/characterizes requestors and blocks them if deemed malicious

    Let me know if you want me to call you and discuss.
    Best Regards,
    Namesniper

  13. #13
    Join Date
    Mar 2004
    Posts
    1,005
    Yes but theplanet technician has told me that in my case firewall like cisco pix 501 could been useless and wont help me much



    Originally posted by linux-tech
    There is absolutely no way to stop a true ddos attack without a hardware firewall. Invest in TP's firewall and your system will be under control in no time flat.

    A true ddos attack will make your system unusable, unreachable, and attack you on so many levels that your system can't handle it. This is why it is imperative that you get something like a hardware firewall if you're getting constantly attacked.

    Without firewall:
    DOS attacks server
    |
    Server has to process attack
    |
    Server has to process iptables (or other firewall) rules
    |
    Server get loaded down

    With hardware firewall:
    Dos attacks server
    |
    Hardware firewall repels attack
    |
    Server goes on moving, no problems at all.
    Best Regards,
    Namesniper

  14. #14

    Re: Re: DDOS attack

    Originally posted by NameSniper
    SYN FLood like user characterization algorithm for DNS that tracks/characterizes requestors and blocks them if deemed malicious


    Thats exactly what i need but theplanet doesnt have it ;(

    Call me to discuss what ?
    Well you really have 3 OPTIONS

    1. Move to a datacenter that can offer you that protection

    2. Convince the Planet to buy a Top Layer

    3. Try/Buy one Top Layer yourself for your cage. I know that Top Layer will ask for payment only if it stops the attack

    Let me know if you want to know more.

  15. #15
    Join Date
    Jul 2005
    Posts
    256
    They are requesting thuzands of pages from thouzands of ips so even if they request one page from 1000 ip during one minute the server will go down
    Could you give more accurate numbers?
    1000 pages/minute is easy to deal with. Put a caching Squid in front of your Apache, and force caching of both static and dynamic content. If your website(s) require really dynamic page display (eg. discussion boards) - allow cache bypassing only for logged in users, and put visual confirmation on login form (an image with letters/numbers that a user should type in). Bots won't be able to access pages that cause server load, and serving 1000 pg/min from Squid cache isn't going to make any load. And more importantly, your server won't crash, so you'll be able to detect IPs that are involved in attack, and block them one by one.
    Attackers' resources are always limited. Usually to a few thousand IPs.
    After all attackers' IPs are blocked, you can remove Squid (or turn off caching for dynamic content).

  16. #16
    Join Date
    Mar 2004
    Posts
    1,005
    PerfTuner,

    Your solution may work but requires a lot of tech knowledges to install and implement it

    I have came up hiring www.totalserversolutions.com and after 5 hours of hard job (monitoring attack's algorithm and some other tech details),an attack is beeing mitigated now, even if they continue attacking my server by thouzands of requests per second Apache doesnt failing anymore

    By now Totalserversolutions.com has stopped them,lets see if they change the way they were attacking

    Many thanks to TTS they did more than TP cisco guard !




    Originally posted by PerfTuner
    Could you give more accurate numbers?
    1000 pages/minute is easy to deal with. Put a caching Squid in front of your Apache, and force caching of both static and dynamic content. If your website(s) require really dynamic page display (eg. discussion boards) - allow cache bypassing only for logged in users, and put visual confirmation on login form (an image with letters/numbers that a user should type in). Bots won't be able to access pages that cause server load, and serving 1000 pg/min from Squid cache isn't going to make any load. And more importantly, your server won't crash, so you'll be able to detect IPs that are involved in attack, and block them one by one.
    Attackers' resources are always limited. Usually to a few thousand IPs.
    After all attackers' IPs are blocked, you can remove Squid (or turn off caching for dynamic content).
    Best Regards,
    Namesniper

  17. #17
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    747
    He's prolly getting HTTP GET flood attacks from multiple spoofed IPs. CiscoGuard (formerly known as Riverhead Guard) is useless - well not useless - handicapped, but actually needs traffic analysis for it to be told what filter to apply.

    Many times companies will invest in CiscgoGuard or TopLayer, etc. without the proper traffic analysis software, this is where companies like Arbor Networks (www.arbornetworks.com) pretty much rule the carrier-level customers and are able to mitigate their threats in conjunction with mitigation equipment from the likes of Captus / Top Layer/ Cisco / Tippingpoint, etc.

    The "main" thing to look at is the setups per second the device can handle, the incoming setups persecond and the bandwidth being used. A pipe flood is the worst thing that can happen to oneself.

    The false sales pitches by merely implementing firewalls will deter DoS/DDoS attacks is a joke. They do *very* little to control attacks. Perhaps thwart off a script-kiddie but nothing more.

    Faisal
    "I drink too much. The last time I gave a urine sample it had an olive in it. ".
    Rodney Dangerfield (from "I Get No Respect!").

  18. #18
    Join Date
    Mar 2004
    Posts
    1,005
    Faisal,

    "CiscoGuard (formerly known as Riverhead Guard) is useless - well not useless - handicapped, but actually needs traffic analysis for it to be told what filter to apply"

    Probably but i guess theplanet.com simply doesnt care about individual customers and didnt want to spend time to add the filter for me

    www.arbornetworks.com shoud be expensive,maybe that the reason they arent buying it?

    The "main" thing to look at is the setups per second the device can handle, the incoming setups persecond and the bandwidth being used. A pipe flood is the worst thing that can happen to oneself.

    You mean the server ?
    They were attacking at 1.5 mbps which is not much but my dual xeon server's apache has gone down in a few minutes

    Perhaps thwart off a script-kiddie but nothing more

    Not sure what do you mean ?


    Originally posted by Babushka99
    He's prolly getting HTTP GET flood attacks from multiple spoofed IPs. CiscoGuard (formerly known as Riverhead Guard) is useless - well not useless - handicapped, but actually needs traffic analysis for it to be told what filter to apply.

    Many times companies will invest in CiscgoGuard or TopLayer, etc. without the proper traffic analysis software, this is where companies like Arbor Networks (www.arbornetworks.com) pretty much rule the carrier-level customers and are able to mitigate their threats in conjunction with mitigation equipment from the likes of Captus / Top Layer/ Cisco / Tippingpoint, etc.

    The "main" thing to look at is the setups per second the device can handle, the incoming setups persecond and the bandwidth being used. A pipe flood is the worst thing that can happen to oneself.

    The false sales pitches by merely implementing firewalls will deter DoS/DDoS attacks is a joke. They do *very* little to control attacks. Perhaps thwart off a script-kiddie but nothing more.

    Faisal
    Best Regards,
    Namesniper

  19. #19
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    747
    Originally posted by NameSniper

    www.arbornetworks.com shoud be expensive,maybe that the reason they arent buying it?

    You mean the server ?
    They were attacking at 1.5 mbps which is not much but my dual xeon server's apache has gone down in a few minutes

    Not sure what do you mean ? [/B]
    Arbor Network is expensive. US$60k for managing upto 5 routers. and this is just traffic analysis.

    1.5Mbps is not much - I think you may need to have your server checked out. If it was an HTTP GET, your timeout values on your HTTP server could alone bring your machine down. Have it checked by some security guru.
    "I drink too much. The last time I gave a urine sample it had an olive in it. ".
    Rodney Dangerfield (from "I Get No Respect!").

  20. #20
    Join Date
    Dec 2002
    Location
    The Shadows
    Posts
    2,913
    Move to a DC like EV1 where their support is helpful and they actually implemented a "DOS mitigation System"...

    Aside from that, you could try null routing your IP for a few hours... Also, install mod_security, and setup some rules, if they are all requesting the same within one domain, it could be pretty painless to stop...

    Do you have SSH access to your server at the moment?
    Last edited by Sheps; 07-29-2005 at 10:57 AM.
    Dan Sheppard ~ Freelance whatever

  21. #21
    Join Date
    Mar 2004
    Posts
    1,005
    Yes it is HTTP GET ,they have changed the tactics a bit and attacking me again

    I cant keep fighting them forever ,thats DC level issue but theplanet doesnt care !

    Originally posted by Babushka99
    Arbor Network is expensive. US$60k for managing upto 5 routers. and this is just traffic analysis.

    1.5Mbps is not much - I think you may need to have your server checked out. If it was an HTTP GET, your timeout values on your HTTP server could alone bring your machine down. Have it checked by some security guru.
    Best Regards,
    Namesniper

  22. #22
    Join Date
    Mar 2004
    Posts
    1,005
    Are sure that EV1 DoS mitigation system could help in my case ?

    They are requesting the different files within the same domain but i have turn taht website down to stop them

    Mod_security is installed so far and it has helped last time but they are changing their tactics again and again


    Originally posted by Sheps
    Move to a DC like EV1 where their support is helpful and they actually implemented a "DOS mitigation System"...

    Aside from that, you could try null routing your IP for a few hours... Also, install mod_security, and setup some rules, if they are all requesting the same within one domain, it could be pretty painless to stop...

    Do you have SSH access to your server at the moment?
    Best Regards,
    Namesniper

  23. #23
    Join Date
    May 2002
    Location
    Moscow
    Posts
    1,490
    attacker usually change his tactic, so you should be ready to long time war.
    Rustelekom LLC Dedicated server since 2002, RIPE NCC member, LIR, AS51168

  24. #24
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    747
    At no offense to others who have made their own home-grown remedy for addressing DDoS attacks, but you really ought to be (a) either in a data-center that HAS the correct DDoS mitigatio devices, etc. (b) or have them leased yourself.

    HTTP GET is the worst kind of DoS/DDoS attack (contrary to what others may think). Its worst as in resourceful hungry for your server and network. Chances are some one is using Stacheldraht, or TFN type program to bombard you. Since IP spoofing is going on - there is very little you can do unless you have RPF (Reverse Path Forwarding) turned on and have some for of a connection limiting device installed.

    Your best bet would be to move your server's content/hositng to providers like gigeservers, staminus, etc. who specialize in such mitigation.

    I also would like to say, that its not actually the data-center's responsibility to protect you from DoS/DDoS attacks, this (i.e. prevention) is today a major premium service. With 1000s of servers in a data-center and your server getting 1.5Mbps or even 50Mbps of DDos traffic is hardly worth investigating for them, if they are not getting paid for it. (this is my opinion, as I do not have any first hand direct experience with the planet. I could very well be corrected on this opinion).

    With less than 400k in size - stacheldraht can easily be deployed on a linux server and you can ddos the crap out of others. I really wish you good luck. Being on the receiving end of ddos is not a nice experience.


    Faisal
    "I drink too much. The last time I gave a urine sample it had an olive in it. ".
    Rodney Dangerfield (from "I Get No Respect!").

  25. #25
    Join Date
    Mar 2004
    Posts
    1,005
    Thats pity fact,they are changing their tactics every hour

    Originally posted by worldhosting
    attacker usually change his tactic, so you should be ready to long time war.
    Best Regards,
    Namesniper

  26. #26
    Join Date
    Mar 2004
    Posts
    1,005
    At no offense to others who have made their own home-grown remedy for addressing DDoS attacks, but you really ought to be (a) either in a data-center that HAS the correct DDoS mitigatio devices, etc. (b) or have them leased yourself.

    ----------------
    I am hosted at theplanet.com one of the biggest hosting companies in the US but i dint know that they are NOT ready for DDoS attacks at least against most of them



    HTTP GET is the worst kind of DoS/DDoS attack (contrary to what others may think). Its worst as in resourceful hungry for your server and network. Chances are some one is using Stacheldraht, or TFN type program to bombard you. Since IP spoofing is going on - there is very little you can do unless you have RPF (Reverse Path Forwarding) turned on and have some for of a connection limiting device installed.
    ------------------------
    Exactly,there is not much i can do against it and since the DC doesnt heling me much then there is no way out except moving to other DC and even then there is no guarantee that the DC is DDoS proof

    Your best bet would be to move your server's content/hositng to providers like gigeservers, staminus, etc. who specialize in such mitigation.
    ----------------------
    Have you heard anything about EV1 from teh point of DDoS ?


    I also would like to say, that its not actually the data-center's responsibility to protect you from DoS/DDoS attacks, this (i.e. prevention) is today a major premium service. With 1000s of servers in a data-center and your server getting 1.5Mbps or even 50Mbps of DDos traffic is hardly worth investigating for them, if they are not getting paid for it. (this is my opinion, as I do not have any first hand direct experience with the planet. I could very well be corrected on this opinion).

    -----------------------
    I dont think i am the only one who has expirienced such a attack in their DC,at least they could be ready for it,not only for me but also for many other customers

    With less than 400k in size - stacheldraht can easily be deployed on a linux server and you can ddos the crap out of others. I really wish you good luck. Being on the receiving end of ddos is not a nice experience.



    Faisal
    [/QUOTE]
    Last edited by NameSniper; 07-29-2005 at 02:29 PM.
    Best Regards,
    Namesniper

  27. #27
    Join Date
    Jun 2001
    Location
    Denver, CO
    Posts
    3,301
    Well, there's really no such thing as a DDoS attack that can't be blocked - it all just comes down to the effort that the particular data center takes to mitigate it, and the tools at their disposal. The Planet, as you noted, probably could care less about the fact that your server is getting a 1.5Mb/sec HTTP GET flood.

    As for Arbornetworks.com - they are very expensive, but they know what they're doing. I actually happened to run into most of their upper level management and development team at a bar in Vermont this past winter, and it was a very memorable night. You've gotta love corporate sponsored binge drinking.

    Interestingly enough, abornetworks.com lists The Planet as one of their customers .... http://www.arbornetworks.com/news_detail.php?id=330
    Jay Sudowski // Handy Networks LLC // Co-Founder & CTO
    AS30475 - Level(3), HE, Telia, XO and Cogent. Noction optimized network.
    Offering Dedicated Server and Colocation Hosting from our SSAE 16 SOC 2, Type 2 Certified Data Center.
    Current specials here. Check them out.

  28. #28
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    747
    FYI: Arbor will detect the traffic, but you still it to be applied towards the mitigation device - for the attack to be mitigated.
    "I drink too much. The last time I gave a urine sample it had an olive in it. ".
    Rodney Dangerfield (from "I Get No Respect!").

  29. #29
    Some things to keep in mind, I am sure that you did not get DDoS'd out of the blue. What were the circumstances of the situation, ie who did you piss off? Though many of these solutions have helped you over time some times contacting the person can prove fruitful.

    Did you ever analyze what they were actually requesting from your web server? An effective http get attack will place it's focus on pages that require a large amount of processor time to generate. For example search pages, or large database lists like forums. A temporary disablement of these or a restriction to registered members may alleviate some of the load on your server and make it a bit more operational.

    Only through a combination of these methods plus a hardware protection device can you truly reduce your risk.
    Last edited by GSecur; 07-29-2005 at 05:34 PM.
    Governmentsecurity.org One of the largest security forums. DataStronghold.com Security Archive.

  30. #30
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    747
    SFTD: I meant to say...

    FYI: Arbor will detect the traffic, but you still need it to be applied towards the mitigation device - for the attack to be mitigated.
    "I drink too much. The last time I gave a urine sample it had an olive in it. ".
    Rodney Dangerfield (from "I Get No Respect!").

  31. #31
    Join Date
    Mar 2004
    Posts
    1,005
    http://www.arbornetworks.com/news_detail.php?id=330

    Very interesting


    Then either TP cant deploy it as it has to either something else (unknown) !

    Originally posted by Jay Suds
    Well, there's really no such thing as a DDoS attack that can't be blocked - it all just comes down to the effort that the particular data center takes to mitigate it, and the tools at their disposal. The Planet, as you noted, probably could care less about the fact that your server is getting a 1.5Mb/sec HTTP GET flood.

    As for Arbornetworks.com - they are very expensive, but they know what they're doing. I actually happened to run into most of their upper level management and development team at a bar in Vermont this past winter, and it was a very memorable night. You've gotta love corporate sponsored binge drinking.

    Interestingly enough, abornetworks.com lists The Planet as one of their customers .... http://www.arbornetworks.com/news_detail.php?id=330
    Best Regards,
    Namesniper

  32. #32
    Join Date
    Mar 2004
    Posts
    1,005
    Did you ever analyze what they were actually requesting from your web server? An effective http get attack will place it's focus on pages that require a large amount of processor time to generate. For example search pages, or large database lists like forums. A temporary disablement of these or a restriction to registered members may alleviate some of the load on your server and make it a bit more operational.

    Exactly,they are requesting horde mail pages,i have disabled horde but in seconds they has started requesting other php pages,their script is setup so its requesting known pages which may place the load,for example they are requesting invisionboard pages,phpbb pages(since its automated they dont know that i dont have phpbb installed)
    ----------------

    Only through a combination of these methods plus a hardware protection device can you truly reduce your risk

    Hardware protection had to be at datacenter level..
    Best Regards,
    Namesniper

  33. #33
    Why don't you talk to the guys over at Prolexic ( http://www.prolexic.com ). It won't be cheap but they will filter out any type of attack before it even reaches theplanet.

  34. #34
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    747
    Prolexic would run you approximately 2MB (based on 95th Percentile) for $5,000/month. Cross the limit and you have an additional charge. For $5,000 per month, one can lease a TopLayer IPS 5500 with GigE interfaces and connect place that box at the planet and be able to thwart off a considerable amount of traffic. Prolexic is good (no doubt there), but expensive.
    "I drink too much. The last time I gave a urine sample it had an olive in it. ".
    Rodney Dangerfield (from "I Get No Respect!").

  35. #35
    Join Date
    Mar 2004
    Posts
    1,005
    Babushka99,

    If you are correct and they are charging $5.000 a month for 2 MB attack then they a way expensive and only biggest corporations can afford to hire them
    By the way i dint found their prices on their website but found this
    http://www.prolexic.com/solutions/cleanpipe/
    "The Prolexic Intrusion Prevention Network (IPN) is a multi-million-dollar"

    Originally posted by Babushka99
    Prolexic would run you approximately 2MB (based on 95th Percentile) for $5,000/month. Cross the limit and you have an additional charge. For $5,000 per month, one can lease a TopLayer IPS 5500 with GigE interfaces and connect place that box at the planet and be able to thwart off a considerable amount of traffic. Prolexic is good (no doubt there), but expensive.
    Best Regards,
    Namesniper

  36. #36
    Join Date
    Mar 2004
    Posts
    1,005
    Can anyone please tell me if there is a way to find out the real IP if an ip is beeing spoofed ?
    Best Regards,
    Namesniper

  37. #37
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    747
    Reverse Path Fordwarding (RPF) perhaps....
    "I drink too much. The last time I gave a urine sample it had an olive in it. ".
    Rodney Dangerfield (from "I Get No Respect!").

  38. #38
    Join Date
    Mar 2004
    Posts
    1,005
    As you have noted it should be done at routers level and theplanet.com rarely will take care about it




    Originally posted by Babushka99
    Reverse Path Fordwarding (RPF) perhaps....
    Best Regards,
    Namesniper

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •