VPS Shut Down 150,000 UDP packets per second! - Page 3

  • Mark_R Member

    @AnthonySmith said:
    Ok so let's say you have walked a mile in my shoes, what is your operationally and financially considered solution?

    I admit, I'm not a hosting provider, you were right about the fence thing - I do not know everything going on @ the provider side but I'm not ignorant to what is really happening here. You have to start growing with those attacks and show that you can stand them, if you keep blackholing the way you are now then you won't get any better off it, it will keep going and you are just deploying temporary budget solutions instead of going the extra mile and actually starting to hold off those attacks.

    You don't have much of an option here, to deal with this problem you will be forced to spend money. It is not a new threat and you should've thought about this before starting a hosting company in my opinion. You have no Plan B and this is the point where you either Quit or Fight it, which path do you choose? Basically I already gave you answers about how you could fight this situation but apparently you aren't willing to go that road or have no budget to do so.

  • Mark_R Member
    edited July 2014

    @Jar said:
    irrelevant stuff.

    whatever.

  • jar Patron Provider, Top Host, Veteran

    Mark_R said: You have no Plan B

    Tempted to tell you how many DDOS attacks I've mitigated with software, including blackholes, successfully. Not every attack is the worst attack that you have a picture of in your head, and not every attacker even tries a second time.

    It's up to the consumer to decide whether they go for high dollar DDOS protection. It costs money. Most people trade the cost for a roll of the dice and most of them still get 90-99% uptime.

  • Lee Veteran

    Jar said: we make it legal to go hunting for people that initiate a DDOS and shoot on sight

    See that is the kind of attitude that stinks in this world.

    Why shoot on sight? That just ends the fun, leg shot, chase for 5 miles, upper body shot just to make a tingle and wear them down slow....

  • Mark_R Member

    @serverian said:
    OVH spoiled everyone.

    I actually believe that OVH needs more competition in this area, they basically took the first step.

  • @MikHo said:
    Conspiracy theory: the ones who DDoS are actually the companies that sell protection. Similar to the theory that most viruses are created by the anti-virus companies. :)

    Any company that is providing DDoS protection in the UK?

  • @serverian said:
    OVH spoiled everyone.

    How is that OVH's fault if someone does not harden his server & run open resolvers?

  • Mark_R Member

    @Jar said:
    It's up to the consumer to decide whether they go for high dollar DDOS protection. It costs money. Most people trade the cost for a roll of the dice and most of them still get 90-99% uptime.

    http://lowendtalk.com/discussion/comment/643367/#Comment_643367

    Like I stated in a previous post, providers should be adjusting to today's threats instead of hanging in the past, but if you prefer blackholing (not solving the problem) go ahead. I'm done for real now, I don't like repeating myself. If you prefer going down the road you are going now please feel free to do so.

  • jar Patron Provider, Top Host, Veteran

    Mark_R said: not solving the problem

    See that's where you go running your mouth about things you don't know. I just told you I've solved the problem doing it. Not every attacker is what you want them to be. And by the way:

    Mark_R said: providers should be adjusting

    Talk to me when you are one.

    Mark_R said: I don't like repeating myself

    That's a lie and you know it.

  • mikho Member, Host Rep

    @serverian said:
    OVH spoiled everyone.

    Think you got an extra 'p' in there. :)

    Thanked by 1 zionvps
  • eddynetweb Member
    edited July 2014

    This thread escalated quickly...

    @Mark_R said:
    Like I stated in a previous post, providers should be adjusting to today's threats instead of hanging in the past, but if you prefer blackholing (not solving the problem) go ahead. I'm done for real now, I don't like repeating myself. If you prefer going down the road you are going now please feel free to do so.

    "adjusting". It's not necessarily the provider's fault for having customers that may have pissed someone off, and caused the big spoofed packet mess. Should we be telling the DCs to adjust? It's not as easy and cost effective as you think.

    Thanked by 1 jar
  • jar Patron Provider, Top Host, Veteran
    edited July 2014

    eddynetweb said: It's not as easy and cost effective as you think.

    Your fault. Either get a billion dollar loan to start your business and charge $300 per GB of RAM until you repay said loan, or only start a host if you're a multi-billionaire to begin with. Because our resident former skiddie (who doesn't remember that OVH made their money BEFORE adding DDOS protection) said so.

  • mikho Member, Host Rep

    @Mark_R said:
    Like I stated in a previous post, providers should be adjusting to today's threats instead of hanging in the past, but if you prefer blackholing (not solving the problem) go ahead. I'm done for real now, I don't like repeating myself. If you prefer going down the road you are going now please feel free to do so.

    Your 'solution' is that providers pay money for DDoS protection which in turn will increase the amounts of packages and/or servers used by the ddoser.

    Not really a solution in my eyes. Better would be to find and eliminate the possible security holes/vulns used to abuse a server.

    If people patched and knew what they were doing, this problem would be smaller than it is right now.

    Thanked by 2 jar netomx
  • The problem lies behind the fact that you don't know how much BW costs @Mark_R

    To have 10Gbps protection, you should have n x 20Gbps ports with the amounts of providers you use. Say, you are going to use 2 providers. You should have 2 x 20Gbps connections with at least 10Gbps commit to each. Most of the bandwidth providers don't have this kind of capacity on their every pop. So you have to pick a superpop like Dallas or New York. Say you choose the 2 cheapest providers around, which are He.net and Cogent with pricing around $0.50 per Mbps for that kind of commit. Then you should spend $10K just for the connection per month to have 10Gbps DDoS protection with the cheapest options.

    If you count the price of the actual hardware device to filter the attacks like Arbor, you are looking to spend around $100K.

    So, to have 10Gbps DDoS protection, you should spend $100K + $10K/month when you have a kid who has $15 and can buy a "stresser" and easily go over 10Gbps attack. You just spent $110K and got beaten by $15.

    To have more protection, you should do a logarithmic calculation of the price till 100Gbps. Not linear since the port fees go higher after a couple of 10Gbps.

    Or you can simply rent protection from 2-3 companies (Black Lotus & Staminus) who do this on their own for $15-20 per Mbit for 10+Gbps protection. So, for each TB of BW you run, you'll have to pay $45.

    Don't get fooled by cheap prices from OVH. They are huge and their network is huge. That's why they are able to offer it for pennies. There are not too many providers with the capacity similar to OVH's network capacity.

  • @perennate said:
    What do you mean packages? And connections != packets.

    It's UDP - it's connectionless

  • jar Patron Provider, Top Host, Veteran

    serverian said: You just spent $110K and got beaten by $15.

    Then you lost your clients to your competition because, quite frankly, most people still don't see a DDOS on themselves or the neighbors that would impact them. As common as it is, we forget just how large the market is, and most people won't buy it until they've seen first hand that they can be a victim. Even then, most still won't, they'll just yell.

    Thanked by 1 BikHost
  • @AnthonySmith you have the attacking IPs, right? If you find the owner of one (the computer itself), it's possible to find the source of infection and the main controller who sent the command to attack. It's internet crime, you and the guys (who have been hit by the same attack) should go to the police department, open court. It's internet crime, you can only stop it the legal way. If the police have a court order for one of those computers then the source, as I said earlier, can be found easily.

  • jar Patron Provider, Top Host, Veteran

    @alexvolk said:
    AnthonySmith you have the attacking IPs, right? If you find the owner of one (the computer itself), it's possible to find the source of infection and the main controller who sent the command to attack. It's internet crime, you and the guys (who have been hit by the same attack) should go to the police department, open court. It's internet crime, you can only stop it the legal way. If the police have a court order for one of those computers then the source, as I said earlier, can be found easily.

    Attackers often give themselves away somewhere. Few tie up all loose ends. Especially with providers giving up after so many perfectly masked attacks, attackers can get lazy thinking the provider will consider it just another attack they can't trace.

  • perennate Member, Host Rep
    edited July 2014

    seaeagle said: It's UDP - it's connectionless

    That's my point... did you even read the topic? Plenty of providers can handle 3,000 packets per second on a VM for limited time.

  • AnthonySmith Member, Patron Provider

    @Jar said:
    Attackers often give themselves away somewhere. Few tie up all loose ends. Especially with providers giving up after so many perfectly masked attacks, attackers can get lazy thinking the provider will consider it just another attack they can't trace.

    No no, don't be stupid, this is all my fault for not spending more money and putting the company in debt....I mean OVH can do it, why can't I?

    I know in 4 years I have had to deal with around 50 attacks and have prevented most of them through software within 15 minutes but I think the sage advice here is right.... I should spend 1000x more money than the problem costs or do nothing.

    /sc

  • Maounique Host Rep, Veteran

    This sucks. However, this is the world we live in, don't like it, the heroin OD is at the corner. At least die happy.
    OVH has great protection and the DDoS refugees should host there. However, this is different, it is an attack against a provider, there is another provider behind it and it is very likely they have some financial resources to buy quite a few booters and lists with exploitable IPs. This is also unlikely to be solved in software, they are probably not just the regular kid with pocket money, will use all the tricks in the book.
    You do not need to spend a lot for DDoS protection. Light 1-2 Gbps/1 mil pps and autonull over that is affordable and can be easily implemented, it involves getting a different link for it, preferably with a cheap carrier and route everything over in case of attacks. It will not hurt your infrastructure more than a few seconds before the protection kicks in, it also sucks for the user and the attacks will get larger than that quickly, however, it will protect your infrastructure which is the main point here. The DDoS refugee can then go to another provider and the rolling attacks from other providers will just have an effect temporarily, just set the check interval at random times, such as restore the IP between 5 and 10 minutes so the attacker won't know how to set the rolling attacks and will have to direct quite a few 1 Gbps+ attacks at the same time to make a significant impact. Just activate all IPs, including the ones not in use so they will hit blank targets too. It is doable with guerrilla tactics like this.
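
The auto-null scheme described in the post above (null-route an IP once it passes roughly 1-2 Gbps / 1 mil pps, then restore it after a random 5 to 10 minutes), as an added example that is not part of the thread. The class, the exact threshold constants and the sample data are illustrative, and the samples are assumed to be measured at a point where the traffic is still visible while the IP is nulled.

```python
import random

# Thresholds from the post ("1-2 Gbps/1 mil pps"); the exact cut-offs are assumptions.
PPS_LIMIT = 1_000_000
BPS_LIMIT = 2_000_000_000
RESTORE_MIN_S, RESTORE_MAX_S = 5 * 60, 10 * 60  # "between 5 and 10 minutes"


class AutoNull:
    """Per-IP null-route decisions from periodic traffic samples (hypothetical)."""

    def __init__(self, rng=None):
        self.rng = rng or random.Random()
        self.nulled = {}  # ip -> time (s) at which the null route is lifted

    def observe(self, now, ip, pps, bps):
        """Return 'null', 'hold', 'restore' or 'pass' for one sample."""
        over = pps > PPS_LIMIT or bps > BPS_LIMIT
        if ip in self.nulled:
            if now < self.nulled[ip]:
                return "hold"  # still blackholed
            del self.nulled[ip]
            if not over:
                return "restore"  # attack has stopped, route the IP again
            # Attack still running when the hold expires: re-null below.
        if over:
            # Random hold so rolling attacks cannot be timed to the restore.
            self.nulled[ip] = now + self.rng.uniform(RESTORE_MIN_S, RESTORE_MAX_S)
            return "null"
        return "pass"


# Constructed samples: (time_s, ip, pps, bps). 203.0.113.0/24 is a documentation range.
SAMPLES = [
    (0, "203.0.113.10", 3_000, 20_000_000),
    (10, "203.0.113.10", 150_000, 900_000_000),       # below both limits
    (20, "203.0.113.10", 1_500_000, 1_200_000_000),   # pps limit exceeded
    (200, "203.0.113.10", 1_500_000, 1_200_000_000),
    (700, "203.0.113.10", 1_500_000, 1_200_000_000),  # hold expired, still attacked
    (720, "203.0.113.10", 1_500_000, 1_200_000_000),
    (1400, "203.0.113.10", 2_000, 10_000_000),
    (1410, "203.0.113.10", 2_000, 10_000_000),
]


def replay(samples, seed=0):
    ctl = AutoNull(random.Random(seed))
    return [ctl.observe(t, ip, pps, bps) for t, ip, pps, bps in samples]
```

Replaying the constructed samples gives pass, pass, null, hold, null, hold, restore, pass: the 150,000 pps sample stays under both limits, and the IP is nulled a second time because the attack is still running when the first hold expires.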

  • DDoS attacks are up 240% in 2014, 1-2 Gbps above is now the average for "Stressers"
    Some even hit 4 if they're lucky on a good day, try a provider that uses DDoS Protected Datacenters such as OVH, CNServers, Sharktech, Awknet, Centarra
    Centarra offers great VPS's with DDoS Protection here: http://centarra.com/products/vservers.html
    Up to 10Gbps they claim.

  • Maounique Host Rep, Veteran

    10 Gbps is nothing for a provider. I am sure the UK attackers can go over 100 Gbps if needed, but it will cost them a bit.

  • Maounique said: 10 Gbps is nothing for a provider. I am sure the UK attackers can go over 100 Gbps if needed, but it will cost them a bit.

    I'm wondering how much/high the attack was

    @AnthonySmith do you know with how much Gbps your servers were attacked?

  • jvnadr Member
    edited July 2014

    It is the price you pay, when you have to choose. Some specs for cheap due to company's size, or better approach to the client?

    You can pay OVH, a company that is a giant but has no human face (try their support or request them for something that fits your needs). While OVH can kick the ass of InceptionHosting dealing with a large DDoS attack, it is much more valuable at least for me, dealing with @AnthonySmith when you face a problem with the service or caused by you. Guys that hold a small company and are professionals, will try to do their best to keep their clients happy, even if they have no obligation to do so. And the service they provide is usually better than the big ones, because they matter.

    I host my main news portal with Anthony and I have to say that his VPS has nothing to be jealous from Linode (where I host another news portal for a friendly group of journalists). On the other hand, a similar VPS I used from OVH for a sports portal, as a temporary server for 4 days when I had to reconstruct the main one from Prometeus, has dramatically different behavior (much worse) than Uncle Sal's and Mao's one with the same specs. And when I opened a ticket at OVH, they claimed that the VPS is behaving very well and without any problems...

    Thanked by 1 jar
  • Maounique Host Rep, Veteran

    jvnadr said: when I had to reconstruct the main one from Prometeus

    Did you have any issues with it?

  • jvnadr Member

    @Maounique No, not at all. The opposite. I had to reconstruct the whole panel with some new tuning from the beginning, to fit my needs. So, I used a backup server just to keep the site on air till I finish the reconstruction. And I did a quicker job, because I was not at all happy with the performance of the OVH's server compared to yours.

    Thanked by 1 Maounique
  • Seems like they're having issues again? Saw this on their announcements page: https://clients.inceptionhosting.com/announcements.php?id=118

    My VPS with them is also down right now :(

    I opened a ticket with them asking if they could transfer my VPS over to another UK node if possible, but no reply yet

  • n1kko Member

    Mine down again too

  • c0y Member

    eddynetweb said: "adjusting". It's not necessarily the provider's fault for having customers that may have pissed someone off, and caused the big spoofed packet mess. Should we be telling the DCs to adjust? It's not as easy and cost effective as you think.

    AnthonySmith said: quick update, it looks like this was not targeted specifically at n1kko and that was just the start/ tip of the iceberg, and the attack just got larger and larger and started hitting multiple IPs on the /24 both nodes on this /24 were hit badly.

    They are in Rapidswitch, from what I understand Inception hosting is not the first host to be hit exactly like this today in Rapidswitch.

    It's starting to become annoying to see you comment everywhere trying to read people the lesson with poorly copied arguments from the people who do know how it works or just spitting bullshit you came up with yourself.

    Do proper research before claiming something without any grounds. Check your facts on Wikipedia or whatever before you start ranting, because this 15 y/o teenage ignorance is starting to become really damn annoying.

    You clearly don't have enough life experience in IT to be sure of your claims without checking them. Say something constructive or shut up. It's that simple.

    PS: There's still a lot to learn, you shouldn't stop here. But stop trying to convince yourself you're the expert just because you know 101 about a topic. Just because you set up a VPS to host your own website and followed a couple of other tutorials of what to do with your VPS doesn't mean you know everything about hosting now. I say this because you act like you do know everything about it.
