A bit of a technology idea I had

[KillerCop311]

I call it:
"The Reverse DDoS Shield"

What it does, is that if mass connections are being sent from several IPs at once (Aka: 192.168.2.150 spams several connections to https://importantbank.com), the connections will be denied, and will be redirected towards the attacker, causing their own internet to slow down and crash. It would be mainly for large businesses and governments, educational/.edu pages, and other important or general stuff.

Does something like this actually exist? Or am I just making up something that will never work?

Either way, late night ideas bring up neat stuff. What do you guys think of this?

[Ad Bot]

[jtizzle]

i know theres like a thing where if someone tries to hit you w/ a ddos it blocks it and you grab their ip and can ddos them on your own
either way your idea seems dope

it would be neat to see something though that can grab not only the ip but the internet provider and grab all kinds of other personal information so instead of petty stuff like ddosing you can make legitimate threats on someones life with proof to scare em lol

[Daswiruch]

i pitched this same idea to wafflecake like a month ago

[Blockaium]

im pretty sure that when someone ddoses their internet is almost just as slow because sending them out is almost the same as recieving

its like launching the missile except the missile has a huge explosion when it launches

[jtizzle]

im pretty sure that when someone ddoses their internet is almost just as slow because sending them out is almost the same as recieving

its like launching the missile except the missile has a huge explosion when it launches

youve obv never ddosed anyone before
stick to trick-linking people to rick roll bud c]:-)

[McJob]

Either your router, firewall or modem still has to process every request. The reason a DDoS works is because the device in question receives too many requests, and eventually has to throttle (for lack of a better term).

Even if you "block" the IPs, your device still has to read the IP -or- the packet data, depending on the type of block you use, and then decide what to do with it. When you've got hundreds of requests coming in at the same time, it's simply not possible to continue normal operation until you clear all the requests.

This shield couldn't operate instantly. It would have to wait until the majority of packets are cleared, and then it could potentially fire a counter-attack, but there lies another problem.

DDoS = Distributed Denial of Service attack
DoS = Denial of Service attack

If somebody is hitting you with a DDoS, they're using multiple servers to hit a specific target. It's basically multiplying the power. If you have one device, this counter-attack is going to be a DoS, which would take far longer, has less power and can be resolved faster.

Good try, but this device would not work at all.

[Steve5451²]

/thread

[phflack]

I think people are mixing up DoS and DDoS
if a person is going use a DoS on you from their own computer, this is possible
if they are using a bot net to use a DDoS on you, then their identity, IP, any information should not be revealed - unless they are majorly stupid

[BluetoothBoy]

Either your router, firewall or modem still has to process every request. The reason a DDoS works is because the device in question receives too many requests, and eventually has to throttle (for lack of a better term).

Even if you "block" the IPs, your device still has to read the IP -or- the packet data, depending on the type of block you use, and then decide what to do with it. When you've got hundreds of requests coming in at the same time, it's simply not possible to continue normal operation until you clear all the requests.

This shield couldn't operate instantly. It would have to wait until the majority of packets are cleared, and then it could potentially fire a counter-attack, but there lies another problem.

DDoS = Distributed Denial of Service attack
DoS = Denial of Service attack

If somebody is hitting you with a DDoS, they're using multiple servers to hit a specific target. It's basically multiplying the power. If you have one device, this counter-attack is going to be a DoS, which would take far longer, has less power and can be resolved faster.

Good try, but this device would not work at all.

Seems to me like the best course of action would be to create an external device, or "gate," as it were, that does no processing of IPs or any data. Instead, it measures (possibly with hardware only) how much traffic the server is receiving, and in the case of an overload, simply blocks incoming connections, or somehow bounces them like OP said. The non-software-processing, external nature of this is the key to making it work.

[Zeblote]

Seems to me like the best course of action would be to create an external device, or "gate," as it were, that does no processing of IPs or any data. Instead, it measures (possibly with hardware only) how much traffic the server is receiving, and in the case of an overload, simply blocks incoming connections, or somehow bounces them like OP said. The non-software-processing, external nature of this is the key to making it work.

You have to process the data to block incoming connections. You could easily block every ddos attack - as long as the device has more throughput than the attack bandwidth.

[Blockzillahead]

rest assured if it was possible it would already be done. you would need some serious next level stuff intense computing to determine and deny malicious ips. cloudflare is the closest thing to a ddos shield. they just use dummys to take on attacks that go nowhere.

[Blockaium]

youve obv never ddosed anyone before
stick to trick-linking people to rick roll bud c]:-)

ayy lmao