OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • DDOS protection
« previous next »
  • Print
Pages: [1]

Author Topic: DDOS protection  (Read 13329 times)

penley

  • Newbie
  • *
  • Posts: 26
  • Karma: 1
    • View Profile
DDOS protection
« on: October 07, 2016, 03:57:47 pm »
Does OPNsense by default have dos and ddos prevention or is this something that needs to be configured?
We're not experiencing any issues at the moment, I'm just asking for clarification.

Kind regards,
penley
Logged

fabian

  • Hero Member
  • *****
  • Posts: 2769
  • Karma: 200
  • OPNsense Contributor (Language, VPN, Proxy, etc.)
    • View Profile
    • Personal Homepage
Re: DDOS protection
« Reply #1 on: October 07, 2016, 07:16:39 pm »
As far as I know no appliance can do that for you because the problem of a DDoS usually is the limited bandwidth of your WAN connection.
OPNsense can use the synproxy state to protect against SYN floods, which can be enabled in the rules (advanced option).
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 17657
  • Karma: 1611
    • View Profile
Re: DDOS protection
« Reply #2 on: October 10, 2016, 11:34:17 pm »
Hi penley,

If the firewall machine is powerful enough to protect your internal assets the synproxy is good enough. So if you did not have one before that might work. If the traffic is too high, you need other kinds of mitigation, but it also depends on the type of attack.


Cheers,
Franco
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • DDOS protection
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2