Re: [pfSense] Shutdown Interface?

Not at All Doug I just do not see the need for Strawberry's either and I hope there is a deep frost soon. Robert > On Dec 11, 2015, at 3:33 PM, Doug Lytle wrote: > > It would appear you're just interested in being confrontational. I have you > have a nice day. > >

Re: [pfSense] Shutdown Interface?

On Fri, Dec 11, 2015 at 9:03 AM, Robert Obrinsky wrote: > I am sorry to hear of the distributed responsibilities for the network, and > that only makes your job harder. > > Any possibility of using a protocol analyzer (Wireshark) to see what is > going out and where it is

Re: [pfSense] Shutdown Interface?

On Fri, Dec 11, 2015 at 3:33 PM, Doug Lytle wrote: > It would appear you're just interested in being confrontational. I have you > have a nice day. > > ___ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list >

Re: [pfSense] Shutdown Interface?

It would appear you're just interested in being confrontational. I have you have a nice day. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Shutdown Interface?

I just checked my lab system and you can view live logs. 'Status -->System Logs'. Then choose the Firewall tab and Dynamic View tab. On 12/10/2015 12:14 PM, Joshua Young wrote: At this point, I do not believe there are any services open for students to access servers remotely. But we are

Re: [pfSense] Shutdown Interface?

I am sorry to hear of the distributed responsibilities for the network, and that only makes your job harder. Any possibility of using a protocol analyzer (Wireshark) to see what is going out and where it is going? If you have managed switches with port mirroring capabilities, you can

Re: [pfSense] Shutdown Interface?

Doug the fact that everyone assumes they know better or the person didn't check google or try to find what they needed somewhere else first is just ignorant. when a person actually finds the Pfsense Support list and actually joins the list and actually asks a question that you cannot find on

Re: [pfSense] Shutdown Interface?

I will leave it alone at least you did try to help Thank You for that. Robert > On Dec 10, 2015, at 11:05 AM, Doug Lytle wrote: > > It's not always exactly what somebody wants that may be the best thing to do. > Offering other options is what I was doing, I'm sorry you

Re: [pfSense] Shutdown Interface?

Are there any services open on that interface so that students can access servers from remote sites? Does your public address respond to ICMP? Is it possible that some of your students' computers/devices are members of a botnet and reporting back to a command and control server? Have you or

Re: [pfSense] Shutdown Interface?

> yes but it doesn't do what he asked about and is a little out dated. > > this is more outdated but works on the current version and can block the ip > or drop the interface so the upstream provider will cut the bandwidth to that > ip address so his network users still have internet and aren't

Re: [pfSense] Shutdown Interface?

Yes I did read that rather outdated and irrelevant article from 2010 or 2011, but once again and for the second time what relevance is it to his question and how to shutdown the interface. I am not a very PC person so forgive me I have never found a use for it or need. Did you read and

Re: [pfSense] Shutdown Interface?

It's not always exactly what somebody wants that may be the best thing to do. Offering other options is what I was doing, I'm sorry you didn't approve. Doug ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project

Re: [pfSense] Shutdown Interface?

> can you get the ip address from the logs and whois them, that seems to soon > for a normal targeted dos attack. At desoto county here in Ms we had a > similar issue when windows 10 was rolling out and it ended up being microsoft > silently pushing the upgrades to all the window users on the

Re: [pfSense] Shutdown Interface?

> Doug what doese that link have to do with Pfsense and how does it help him > configure pfsense. > > > Robert > if you cannot help remain silent !! > > On Dec 8, 2015, at 4:05 AM, Doug Lytle wrote: > > Joshua Young wrote: >> We have recently been the target of DDoS

Re: [pfSense] Shutdown Interface?

- On Dec 8, 2015, at 5:41 PM, pfse...@douwifi.com wrote: > Doug what doese that link have to do with Pfsense and how does it help him > configure pfsense. > > > Robert Apparently you didn't review the link, I'll quote a portion of it: "How to prevent and mititgate DDoS part 1?"

Re: [pfSense] Shutdown Interface?

We have been working with our ISP but I'm looking for something we might be able to do here. I don't think there is a service that is being attacked. It's always the same interface - it's the public NAT IP for our High School wireless network. We change the public IP address and the problem goes

Re: [pfSense] Shutdown Interface?

pfse...@douwifi.com wrote on Tue, Dec 8 2015 at 4:41 pm: >> Doug what doese that link have to do with Pfsense and how does it help >> him configure pfsense. It has advice and instructions for configuring pfSense to mitigate DDOS, with screenshots. :) Including rate limiting on firewall

Re: [pfSense] Shutdown Interface?

On Mon, Dec 7, 2015 at 10:40 AM, Joshua Young wrote: > We have recently been the target of DDoS attacks. The same interface is > targeted each time. Is there any way we can shut down this interface > automatically when this happens? Is there a way to maybe set a

Re: [pfSense] Shutdown Interface?

Found the description of the attack on GRC. Of course, it is rather dated (2001), but may offer some help in dealing with your ISP. http://www.crime-research.org/library/grcdos.pdf On 12/7/2015 8:40 AM, Joshua Young wrote: We have recently been the target of DDoS attacks. The same interface

[pfSense] Shutdown Interface?

We have recently been the target of DDoS attacks. The same interface is targeted each time. Is there any way we can shut down this interface automatically when this happens? Is there a way to maybe set a threshold for traffic and, when it reaches that threshold, automatically shut the interface