BANDWIDTH CONSUMPTION PROBLEM

[bluemax72]

Hi guys,
I have got a big problem. My server is under a DDoS attack. The problem is Bandwidth consumption. I am getting useless traffic which is consuming my bandwidth and the HTTP requests are valid. I am using a CISCO Core Router whose model is 7513. The bandwidth capacity which i am recieving is 155 MBPs i.e. T1. Please help me.

Blue Max

 

[meels]

I had several customers with the same issue. If the DDoS attack is ICMP based you can ask your ISP to limit the ICMP traffic to a small fraction out of your bandwidth. Or you can block completely.

It is always good to identify the sources of the attack. This can be done by enable IP accounting on Cisco (NetFlow) and you issue the following command:

show ip ca fl

it gives you helpful information and also the no'' of bytes associated with source and destination (flow). You need to issue the command several times when you feel there is an attack and after that you notice the huge increase in the number of bytes or packets for certain sources and then call your ISP to block these sources for you.

Please notice that you might have increase in cpu utilization when you enable NetFlow.

Hope this helps.
meels,