New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Other than those Incapsula also comes to mind, may be there are some more too who offer such protection.
Here is new link for you..I have many others
https://vpsflare.com/linuxvps.php
They're using OVH.
They are using OVH.
Ok thanks guys
OVH do offer good protection though so there is nothing wrong with that.But if you want to have a good experience of a good DDOS Protected server, choose some OVH reseller which offers KVM or XEN.
https://support.hostgator.com/articles/pre-sales-policies/security-abuse/what-security-measures-are-used-to-protect-my-server
http://www.online.net/en/dedicated-server/ddos-arbor
https://www.gforceservers.com/vps.php
Even http://www.clancoms.com/billing/ alerted clients that they will be adding DDOS protection within the coming week.
The list goes on and on.... Tons of VPS companies offer mitigation. I realized I needed mitigation when many of my personal client serivces were taken down by attacks. My clients told me to either include protection, or to offer it as an addon service, or else they would go to a better, DDOS protected host. So, I did what I had to do to stay relevant in the market. I got protection. That's just my personal experience. You would be surprised how many companies offer mitigation. I can guarantee you, the number is above 3.
What hostgator offer is not DDOS protection, they are just using some firewall to block UDP.
GForce offer only 1 Gbps protection with their VPS plans. Online.net's protection is very limited as well.
Directly from HG's website: If we do experience heavy flooding, we have our datacenter enable network level flood protection. Our datacenters are all highly secure facilities with restricted access.
They've obviously come up with a system that protects you from attacks, opposed to null routing your service. It's not merely a firewall.
And one thing is for sure, it won't be $20.
Protecting customers from attacks beyond 30-40gbit becomes expensive very quickly.
@jeffreywinters
Hostgator has a custom firewall that they use to help prevent their customers’ website from DDos protection. When their software firewall is not sufficient to the size of the attack that is coming in Hostgator datacenter, they will do one of two things.
1 is put the server under a Cisco Guard, which will filter the ips. If the attack goes beyond a certain amount of bandwidth however #2 will happen.
2 Is when they nullroute the ip so the attack will cease, Hostgator will try to have them help avoid this at all times but unfortunately sometimes that is the only way to mitigate the attack.
Here is a list of solutions. Some expensive, some more affordable.
Cisco Guard: Great if you are CCIE kind - requires extensive network re-architecture. Suited for ISPs and not so much for web-hosts because of costs and complexity. Involves traffic diversion. Very expensive. Can handle up to 3 Gbps and you can combine multiple blades to increase the throughput.
Juniper Netscreen: It is a firewall. Even though it claims DDoS like all other firewalls - doesn't have behavioral anomaly prevention required for DDoS mitigation. Great as a firewall. Expensive.
Riorey: DDoS solution. Appliance done in software - cannot handle large traffic. No third party validation - as far as I know.
Top Layer: Has a user base. Combines IPS with DDoS. IPS is not so much essential in data center. More suited for enterprise deployment. You can cluster multiple of these boxes to get throughput. Costs becomes higher as throughput grows - obviously. Tested by Tolly Group. Google Tolly+Top Layer.
IntruGuard: Very cost effective. Has large userbase in Europe and US. Done using ASICs (custom hardware). Can withstand 2 Gbps throughput during worst attacks. Great reviews by analysts and users. Must look at this. Custom solution for DDoS, easy to use GUI. Google for Planeetta and MetaNet and you will find out why webhosts like the appliance. It is very easy to use. Easy to plug-in - bump-in-the-wire. Self-learning and adaptive as your business grows. Tolly Group has great things to say in their performance test for this box. Google Tolly+IntruGuard.
Prolexic - requires you to reorganize your traffic.
You need very high bandwidth capacity to do DDoS protection. Putting a device on the network doesn't protect you from attacks that is above your bandwidth capacity. And bandwidth costs a lot of money for a +10Gbps attack mitigation that lasts more than a few minutes.
The most dangerous kind of knowledge is half knowledge, @Cltcam.
You need to have the bandwidth to use those devices. All those devices do is find the bad packets and attempt to filter them, but your bandwidth/port will still be saturated.
In addiction to companies already listed, RamNode has optional protection at their Seattle location. There are numerous ways to block-out DDOS attacks. Some defenses may allow more bandwidth to get through, yes. That's why it's all about being innovative and developing the best system at the cheapest rate. Some of the best real time algorithms can filter out bad IPs before lots of bandwidth hits the server. @serverian The most dangerous type of knowledge is believing you already have enough knowledge.
You don't understand the concept. You need more bandwidth than the attacker has no matter what mitigation devices you are using.
And also, the companies I listed before were only companies that can mitigate 80Gbps+
Yeah, you can filter 80Gbps with 10Gbps connection with your secret, innovative, cheap defense methods!
This may sound stupid but their is a way. You just DDoS the DDoS'er. With DNS amp you can probably get 8x
Fight fire with fire!
Good luck with that, for any number of reasons . . .
I'm sorry to hear about your negative experience with your current host. We'd be happy to migrate your DDoS attacks at our host. PM me if you're interested, or check out the links in my description.
OVH DDoS Protection isn't exactly stellar. An 80Gbps attack would still take the server down.
Uh? CloudFlare hides your IP behind them thus it's not about layer 3/4 attacks anymore.
The free plan will do you just fine with CF.
The free plan will do you just fine with CF.
If the attack is too large, they'll just let the traffic hit your origin IP and thus, revealing your IP again.
Unless you upgrade to the enterprise version.
It would migrate 80 Gbps, easily. I strony doubt the OP is even getting 80 Gbps.
OVH's DDOS Protection is one of the best in the world right now.They can easily mitigate upto 480 Gbps/Mpps attacks.
I can say this with surety because our own game servers got hit with a couple of 100+ Gbps attacks at Hetzner in last August & before Hetzner would ask us to leave we shifted all our servers to OVH & we have not had a problem since then.And that guy who was behind those attacks even offered lot of money at HackForums for whoever managed to take "a few OVH Ips down" which were indeed ours.But our servers have not even been down for a a second due to DDOS since then.
http://www.webhostingtalk.com/showthread.php?t=1269181
http://www.webhostingtalk.com/showthread.php?t=1322603
Any decent datacentre/hosting provider should be able to give you the flow data so you can confirm the type of attack against your server.
That will give you a clear understanding about which port they are attacking, whether its a amplification attack or just a flood.
You should request this information so you can lock down your box properly.
The first link is from May 2013, that is before they launched DDOS protection.In the 2nd link, it was still new & in "beta" but in that particular case another OVH server which was attacking his IP. You expect anti DDOS mechanisms to block internal traffic? NO DDOS protection in the world is 100% attack proof.Even they companies who specialize in this struggle with these things at times.But having used DDOS protection for my servers from several providers, I can say OVH's protection is definitely one of the best.