Jump to content
Калькуляторы

Radware DefencePro - нужна помощь с защитой от UDP флуда

Собственно есть несколько железок Radware DefencePro двух моделей, DP 3020 и DP12412

Ни на одной из моделей я не смог заставить блокировать UDP флуд, а именно, стоит игровой сервер. аля контр страйк, работает по UDP, и тут на игровой порт UDP начинают литься левые пакеты.

В итоге эти хваленые железки ничего не могут с этим сделать, причем не важно какой силы флуд, 2 гигабита был в пике, а сегодня атаки были по 5 менабит, всего 5 мегаюбит!

 

Есть ли человек, который может помочь настроить эту железку для защиты от UDP флуда так, чтобы во время атаки игровой сервер был доступен и нормально работал.

 

Oct 18 20:05:12 10.10.14.131 DefensePro: 18-10-2014 20:05:12 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 109.226.75.183 57718 91.214.70.155 28015 5 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:12 10.10.14.131 DefensePro: 18-10-2014 20:05:12 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 109.254.70.42 51774 91.214.70.155 28015 7 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:12 10.10.14.131 DefensePro: 18-10-2014 20:05:12 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 78.37.226.38 53633 91.214.70.155 28015 1 Regular "artplanet" sampled 1 1 701 0 N/A high forward
Oct 18 20:05:12 10.10.14.131 DefensePro: 18-10-2014 20:05:12 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 46.0.27.174 56824 91.214.70.155 28015 1 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:12 10.10.14.131 DefensePro: 18-10-2014 20:05:12 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 5.165.54.234 62715 91.214.70.155 28015 7 Regular "artplanet" sampled 1 1 701 0 N/A high forward
Oct 18 20:05:12 10.10.14.131 DefensePro: 18-10-2014 20:05:12 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 0.0.0.0 0 91.214.70.155 28015 0 Regular "artplanet" ongoing 13629 9604 701 0 N/A high forward
Oct 18 20:05:17 10.10.14.131 DefensePro: 18-10-2014 20:05:17 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 76.222.188.108 47692 91.214.70.155 28015 5 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:17 10.10.14.131 DefensePro: 18-10-2014 20:05:17 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 152.183.213.184 52120 91.214.70.155 28015 3 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:17 10.10.14.131 DefensePro: 18-10-2014 20:05:17 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 176.116.253.239 64295 91.214.70.155 28015 1 Regular "artplanet" sampled 1 2 701 0 N/A high forward
Oct 18 20:05:17 10.10.14.131 DefensePro: 18-10-2014 20:05:17 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 112.113.142.150 15728 91.214.70.155 28015 3 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:17 10.10.14.131 DefensePro: 18-10-2014 20:05:17 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 200.20.170.131 7368 91.214.70.155 28015 5 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:17 10.10.14.131 DefensePro: 18-10-2014 20:05:17 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 176.116.253.239 64295 91.214.70.155 28015 1 Regular "artplanet" sampled 1 1 701 0 N/A high forward
Oct 18 20:05:17 10.10.14.131 DefensePro: 18-10-2014 20:05:17 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 0.0.0.0 0 91.214.70.155 28015 0 Regular "artplanet" ongoing 47869 30529 701 0 N/A high forward
Oct 18 20:05:22 10.10.14.131 DefensePro: 18-10-2014 20:05:22 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 62.16.15.216 2110 91.214.70.155 28015 7 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:22 10.10.14.131 DefensePro: 18-10-2014 20:05:22 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 83.110.247.167 63059 91.214.70.155 28015 5 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:22 10.10.14.131 DefensePro: 18-10-2014 20:05:22 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 162.102.2.221 31394 91.214.70.155 28015 5 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:22 10.10.14.131 DefensePro: 18-10-2014 20:05:22 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 5.229.128.132 21765 91.214.70.155 28015 5 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:22 10.10.14.131 DefensePro: 18-10-2014 20:05:22 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 128.115.31.69 22400 91.214.70.155 28015 3 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:22 10.10.14.131 DefensePro: 18-10-2014 20:05:22 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 79.99.52.205 63095 91.214.70.155 28015 5 Regular "artplanet" sampled 1 1 701 0 N/A high forward
Oct 18 20:05:22 10.10.14.131 DefensePro: 18-10-2014 20:05:22 WARNING 240 Anomalies "TCP handshake violation, first packet not syn" TCP 213.13.65.187 80 91.214.68.236 45019 5 Regular "artplanet" occur 1 0 701 0 N/A low drop
Oct 18 20:05:22 10.10.14.131 DefensePro: 18-10-2014 20:05:22 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 0.0.0.0 0 91.214.70.155 28015 0 Regular "artplanet" ongoing 20520 14549 701 0 N/A high forward
Oct 18 20:05:27 10.10.14.131 DefensePro: 18-10-2014 20:05:27 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 159.75.71.76 17311 91.214.70.155 28015 3 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:27 10.10.14.131 DefensePro: 18-10-2014 20:05:27 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 86.115.76.213 54266 91.214.70.155 28015 5 Regular "artplanet" sampled 1 1 701 0 N/A high forward
Oct 18 20:05:27 10.10.14.131 DefensePro: 18-10-2014 20:05:27 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 208.178.153.126 9936 91.214.70.155 28015 5 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:27 10.10.14.131 DefensePro: 18-10-2014 20:05:27 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 162.131.201.193 63394 91.214.70.155 28015 7 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:27 10.10.14.131 DefensePro: 18-10-2014 20:05:27 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 149.15.167.58 26517 91.214.70.155 28015 7 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:27 10.10.14.131 DefensePro: 18-10-2014 20:05:27 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 93.156.255.175 50720 91.214.70.155 28015 3 Regular "artplanet" sampled 1 1 701 0 N/A high forward
Oct 18 20:05:27 10.10.14.131 DefensePro: 18-10-2014 20:05:27 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 0.0.0.0 0 91.214.70.155 28015 0 Regular "artplanet" ongoing 41938 30610 701 0 N/A high forward
Oct 18 20:05:32 10.10.14.131 DefensePro: 18-10-2014 20:05:32 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 163.132.53.232 7331 91.214.70.155 28015 1 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:32 10.10.14.131 DefensePro: 18-10-2014 20:05:32 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 79.165.224.207 61794 91.214.70.155 28015 5 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:32 10.10.14.131 DefensePro: 18-10-2014 20:05:32 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 77.1.51.156 64699 91.214.70.155 28015 7 Regular "artplanet" sampled 1 1 701 0 N/A high forward
Oct 18 20:05:32 10.10.14.131 DefensePro: 18-10-2014 20:05:32 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 2.111.159.103 58286 91.214.70.155 28015 5 Regular "artplanet" sampled 1 1 701 0 N/A high forward
Oct 18 20:05:32 10.10.14.131 DefensePro: 18-10-2014 20:05:32 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 137.240.161.101 60553 91.214.70.155 28015 1 Regular "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:32 10.10.14.131 DefensePro: 18-10-2014 20:05:32 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 217.66.157.19 39855 91.214.70.155 28015 5 Regular "artplanet" sampled 1 1 701 0 N/A high forward
Oct 18 20:05:32 10.10.14.131 DefensePro: 18-10-2014 20:05:32 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 0.0.0.0 0 91.214.70.155 28015 0 Regular "artplanet" ongoing 25420 21354 701 0 N/A high forward
Oct 18 20:05:37 10.10.14.131 DefensePro: 18-10-2014 20:05:37 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 46.164.234.146 49766 91.214.70.155 28015 1 Regular "artplanet" sampled 1 1 701 0 N/A high drop
Oct 18 20:05:37 10.10.14.131 DefensePro: 18-10-2014 20:05:37 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 46.0.27.174 56824 91.214.70.155 28015 1 Regular "artplanet" sampled 1 0 701 0 N/A high drop
Oct 18 20:05:37 10.10.14.131 DefensePro: 18-10-2014 20:05:37 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 91.122.30.62 62917 91.214.70.155 28015 5 Regular "artplanet" sampled 1 1 701 0 N/A high drop
Oct 18 20:05:37 10.10.14.131 DefensePro: 18-10-2014 20:05:37 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 78.37.226.38 53633 91.214.70.155 28015 1 Regular "artplanet" sampled 1 1 701 0 N/A high drop
Oct 18 20:05:37 10.10.14.131 DefensePro: 18-10-2014 20:05:37 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 212.54.172.170 48852 91.214.70.155 28015 3 Regular "artplanet" sampled 1 0 701 0 N/A high drop
Oct 18 20:05:37 10.10.14.131 DefensePro: 18-10-2014 20:05:37 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 157.29.168.54 14749 91.214.70.155 28015 3 Regular "artplanet" sampled 1 0 701 0 N/A high drop
Oct 18 20:05:37 10.10.14.131 DefensePro: 18-10-2014 20:05:37 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 0.0.0.0 0 91.214.70.155 28015 0 Regular "artplanet" ongoing 22807 18261 701 0 N/A high forward
Oct 18 20:05:42 10.10.14.131 DefensePro: 18-10-2014 20:05:42 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 95.89.5.241 48479 91.214.70.155 28015 5 N/A "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:42 10.10.14.131 DefensePro: 18-10-2014 20:05:42 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 93.105.42.37 9139 91.214.70.155 28015 3 N/A "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:42 10.10.14.131 DefensePro: 18-10-2014 20:05:42 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 70.204.253.55 21574 91.214.70.155 28015 7 N/A "artplanet" sampled 1 0 701 0 N/A high forward
Oct 18 20:05:42 10.10.14.131 DefensePro: 18-10-2014 20:05:42 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 46.159.69.99 16285 91.214.70.155 28015 3 N/A "artplanet" sampled 1 1 701 0 N/A high forward
Oct 18 20:05:42 10.10.14.131 DefensePro: 18-10-2014 20:05:42 WARNING 70 Behavioral-DoS "network flood IPv4 UDP" UDP 41.74.94.94 49705 91.214.70.155 28015 1 N/A "artplanet" sampled 1 0 701 0 N/A high forward

Edited by artplanet

Share this post


Link to post
Share on other sites

Судя по логам полиси стоит на только репорт .

Попробуйте поменять на блок и репорт.

Share this post


Link to post
Share on other sites

Как раз стоит блок. Да и в логах иногда форвард, а иногда блок. Вообще ищу человека который поможет настроить железку, отблагодарю.

Share this post


Link to post
Share on other sites

Скинь конфигурацию в личку. Гляну.

Share this post


Link to post
Share on other sites

Что то вы в личке не ответили :-(

 

Все еще ищу спецов

Share this post


Link to post
Share on other sites

Ну а связаться с суппортом производителя что мешает?

Edited by Merridius

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this