DDOS attack
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-17-2024 10:52 AM
Hello,
Recently we've seen some real slow downs on our network. It turns out according to the netgear the ruckus APs are attached to something similar to a DDOS attack is occuring on the ports connected to our APs.
Is there a way to find the mac address on the Ruckus units that is causing the issue so we can block it?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-18-2024 11:06 PM
Dear @bdillard ,
Best source, is to do a packet capture on wired or wireless interface and you should be able to find the source of DDOS attack.
Regards,
Abilash
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-25-2024 06:29 PM
Thanks, all of these locations are remote so it will take a while to get it set up (plus I need to brush up on my Spanish for one of them)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-05-2025 02:14 AM - edited 05-07-2025 02:54 AM
I had a similar issue and found out it was caused by traffic generated through a Stresser tool aimed at random ports on my network. What helped was setting stricter firewall rules and temporarily geoblocking countries I don't interact with. Also noticed my logs filled up fast, so I set automated log rotation to keep things running smoother.

