Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


How to detect a DDoS attack?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How to detect a DDoS attack?

geodirkgeodirk Member
edited October 2016 in Help

I've gotten a few notices over the last few months from a LEB provider that there was a DDoS attack on my server. Just for my education, how does one detect an attack? I realize that connection to my server might be sluggish under a DDoS. But how do I tell the difference between an attack and just a crappy provider's network?

Thanks

Comments

  • If it's a real DDoS your connection won't be sluggish, it will be completely down.

    You don't usually have the access to detect a real attack, as it's usually noticed (and action is taken) by the bandwidth providers or your service provider.

    If the network is bad most of the time then it's unlikely to be a DDoS attack and instead just a crappy network.

    Thanked by 1geodirk
  • @Ishaq said:
    If it's a real DDoS your connection won't be sluggish, it will be completely down.

    You don't usually have the access to detect a real attack, as it's usually noticed (and action is taken) by the bandwidth providers or your service provider.

    If the network is bad most of the time then it's unlikely to be a DDoS attack and instead just a crappy network.

    Makes sense...thanks!

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    Ishaq said: If it's a real DDoS your connection won't be sluggish, it will be completely down.

    It could be a compromised VPS sending an outbound DOS attack which likely wouldn't max the line so hard to drop the box but it would lag things pretty good :)

    XORDOS is still very much a thing.

    Francisco

Sign In or Register to comment.