Secure your online presence with dedicated internet defense solutions.
Secure your online presence with dedicated internet defense solutions.
It’s not feasible to stop your local IP from being flooded using those steps. The methods described don’t effectively block ICMP traffic at the source, and placing a device outside the firewall won’t change how attacks are processed through your network. The idea of absorbing the attack on the Raspberry Pi is misleading since it doesn’t intercept the original requests.
Your understanding is mostly correct. The issue often stems from your router's capacity being exceeded by the volume of packets. If your network is congested, it can't process all data efficiently, leading to performance drops. Flooding your own network doesn’t necessarily require high speeds on the attacking side, as local congestion limits throughput.
The Pi connects at a high speed, but it seems it will struggle under heavy DDoS attacks because it’s on the same network as your other devices. Could you describe your network setup? Is the router the main bottleneck, or is the issue with your connection or the server you’re using? This situation is similar to how a CDN works, but CDNs are designed to manage large volumes of traffic that a single Pi can’t handle.
It seems unlikely; you have no real chance. A drop of 500 to a 20 increase isn't strong enough to handle any DDoS attack. Are you running a website or something personal? Why would you do that? You could upgrade your connection to ten times larger for a modest monthly fee.
Imagine we place a highly capable machine outside the NAT with fast gigabit internet. Would that impact anything? Also, I’m uncertain whether it’s the link or the server, but I understand it won’t require more than 160mbps to completely cut me off. Yes, I’m trying to figure out how to handle these attacks and learn ways to absorb them. And by “few dollars a month” — do you mean a small monthly cost for this setup?
I also need to check if it's feasible to ensure my home connection remains secure against threats that don’t cause pipe overflow.
If you have a strong connection and can filter out the unwanted traffic, you're essentially creating a DDoS protection solution, similar to what many providers offer. What kind of network setup do you have? Home networks aren't designed for this, so you might consider using a VPS instead.
Network configuration involves only your router and modem linked together, with a NAS (Dell PowerEdge T30) in the center using gigabit connectivity. I needed a method to identify attacks so I could notify the responsible VPS provider, as this violates their terms of service completely.