Is this a DDoS attack?

I am no networking expert, so I wanted to reach out to get some insight on our firewall log. I took a look at it yesterday and noticed constant UDP traffic from all kinds of random IP address/port combinations. I know that a distributed denial of service attack is supposed to flood the firewall with UDP traffic so I wonder if this is what is occuring. I have included the most recent table of data, the log continuously appears this way, this is just the most recent snapshot. We do host a web server behind our firewall so our ip address is public. I think our firewall is stopping any malicious attacks, but I think this has to be somewhat affecting our network and bandwidth availability. I notice users experiencing times where the internet is extra slow, or they have to load a web page multiple times to get it to come up.

I have read that there is not much that can be done about this, but obviously there has to be something. I mean what would a larger corporation do if they were being overwhelmed by something like this? Is there any way to report these ip's? I'm sure they are spoofed though. I am just at a loss and want to make sure I do anything I can to help improve this situation. I have used xxx in the log to hide the real ip address of our server, but from the log you should be able to get the gist of the traffic flow. Thanks for any help you can provide.
Firewall-Log.docx
nextmedstaffAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
I use Cloudflare to mitigate DDOS attacks .. once under attack there isn't much you can do other than throw bandwidth at it.  I would expect to see more rejections in a shorter timespan than your log indicates..
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
nextmedstaffAuthor Commented:
I was looking into cloudflare, does it only protect by domain name though? Once they have your IP address how do you avoid this without possibly getting a new ip? Is there a way to point all your traffic by IP to cloudflare?
0
David Johnson, CD, MVPOwnerCommented:
ip's  unfortunately are direct items..
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.