Boulder // Denver // Fort Collins

pfSense – DDoS

pfSense – DDoS

Last Updated: April 12th, 2018/Published On: February 19th, 2015/By Dave Morrison/Views: 4466/

PfBlocker

See 192.168.30.1 (intranet) as an example

Click System>Packages
Install PfBlocker
Click Firewall>PfBlocker>General
- Enable with Defaults
Click Firewall>PfBlocker>Lists
- Add Spamhaus and/or others
- Full lists options here: https://doc.pfsense.org/index.php/Pfblocker#Available_lists
Click Firewall>PfBlocker>Top Spammers
- Select appropriate lists

Code Way to do it

This should work for all versions of pfSense:

Under Diagnostics -> Edit file Browse to /etc open ntpd.conf at the end add:
- restrict -4 default kod notrap nomodify nopeer noquery restrict -6 default kod notrap nomodify nopeer noquery restrict 127.0.0.1 restrict ::1
save the file, then go back to Diagnostics -> Command Prompt and execute two commands
- killall ntpd service ntpd onestart
You can test for vulnerable installs from any BSD/Linux/Mac from the terminal with: ntpdc -n -c monlist <ip address>
You can use pfSense to test other installs by using that command in the Diagnostics Command Prompt :)

Categories: Blog, Product SpecificTags: PFSense, Tech Wiki

Table of Contents

PfBlocker
Code Way to do it

Solutions Partner Large

DT_GoldPartner_4C

Komen-Sponsor

Status Checks

Rocky Mountain Tech Team

Since 2002, we’ve provided full service computer help, network support and IT consulting to hundreds of small businesses across Colorado.

Today, we have locations in Denver, Boulder and Fort Collins with best-in-class tools to remotely support clients everywhere. Contact us for more about the Rocky Mountain Tech Team advantage!

Denver // 303.732.3200

Denver Location

Boulder // 303.815.1900

Boulder Location

Fort Collins // 970.294.0000

Fort Collins Location

Copyright 2023 | Rocky Mountain Tech Team | All Rights Reserved