Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Who's got the best DDOS protection nowadays!?!?!??!
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Who's got the best DDOS protection nowadays!?!?!??!

DamianDamian Member
edited October 2015 in General

As the title says. Data will be served via HTTP, and I can deal with tarpitting/slow start connections. Just need something to filter floods before it gets to the application layer. Reduced responsiveness is fine.

I've got a project coming online in the next few days that's probably going to antagonize some people, and want to make sure it stays online.

I see a lot of the kiddie hosts are offering "DDOS Protection" now that's passed on from their host; I'd really like something offered by the company themselves where they fully understand what they're offering. I'm looking for it on a VPS, since it won't need enough resources to warrant an entire dedicated server.

«13

Comments

  • NexHostNexHost Member
    edited October 2015

    I have been providing DDoS Filtering for the last several years. a mixture of between Blacklotus and CNServers and OVH.

    You can never the Best DDoS Protection as people can hit you with unique floods that just slice straight through the Filtering that is in place. I have had providers where I never experience a issue and some where I do experience problems with the filtering. How ever that could simply be that these providers never got hit with the complex floods I see now.

    DDoS Attacks vary in Size and Type. some are easy to mitigate where other attacks. can be more difficult to mitigate. it all boils down to what Application the user is running. and the type of attacks they are getting hit with. I also see that these providers such as OVH and Voxility claim to offer 480Gbps Filtering. but in reality they won't mitigate anything above 100Gbps or will null route you when the attack is sustained.

    I provide 20Gbps / 12Mpps Filtering to all my clients. some people say that is too low. and that a booter can hit 100Gbps+ but in reality. most booters hit far less. and are saturated due to the amount of users using that booter. the Average attack now is just over 20Gbps in size. How ever with offering the protection above. I know what I can expect and I know what size of attacks can be mitigated. and I know that the attacks can be sustained without any worry of my provider null routing the IP.

    Thanked by 1deadbeef
  • I expected a thread written in caps lock.

    Now I'm disappointed.

  • It's better to actually know the type of attacks you might face.

  • UrDN said: It's better to actually know the type of attacks you might face.

    Good point, I'll update the original posting.

  • depend, if huge packet udp ovh and voxility best way, if for filter tcp betters cnservers

  • X4B.net

    Multiple locations and service types, remote mitigation (reverse proxy, tunnels (GRE, IPIP), and VPN (IPSec, L2TP) for Windows).

    Extensive knowledgebase available with many guides for different applications/services:

    https://www.x4b.net/kb/

    All services come with custom Layer 7 (web traffic) mitigation including browser/signature verification, user tracking, and CAPTCHA, all configurable by the user.

    ACL is also provided to allow/block IPs at the proxy before it even reaches your server.

    Full features:

    https://www.x4b.net/protection/features

    Thanked by 1vimalware
  • I have experienced the best protection with Psychz Networks/limestone networks/ reliablesite.net

    Sorry but ovh and voxility disappointed me

  • We're offering native DDOS mitigation via Psychz on our new lineup. :)

  • Steven_F said: native DDOS mitigation

    Give me more information on it.

    Ishaq said: X4B.net

    Multiple locations and service types, remote mitigation (reverse proxy, tunnels (GRE, IPIP), and VPN (IPSec, L2TP) for Windows).

    Thanks, this looks like what I'm looking for.

  • Steven_FSteven_F Member
    edited October 2015

    @Damian said:

    KVM

    512 MB RAM

    20 GB RAID 10 HDD

    500 GB Bandwidth

    1 x E3-1230 v2 core or better

    10 Gbps / 10 Mpps Native DDoS Mitigation

    1 IPv4 and a /64 IPv6

    $6 a month, discounted to $4.20 for the launch.

    1 GB is double the RAM, storage, and bandwidth and comes with 2 cores, $10 a month, discounted to $7 for the launch.

    LA or Dallas

  • @Ishaq Just out of interest: Do you have an API that has function to block IPs?

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    jmckeag12 said: but in reality they won't mitigate anything above 100Gbps or will null route you when the attack is sustained.

    For what it's worth that's not true. We've had multiple 200GBit+ attacks on our anycast users and they weren't nulled or suffered any issues. I talked to Voxility about it and they kinda just shrugged and went "Not the biggest we've seen this week".

    We only list 100gbit because that's what we had personal experience seeing filtered. With the newest floods we've had we'll likely bump the listing on our site.

    Francisco

    Thanked by 1deadbeef
  • MacPacMacPac Member
    edited October 2015

    ovh and voxility both are good incase of a volumetric attack like UDP and dns amp but not good at all incase of a layer 7 and new attack techniques.

    For me 10 Gbps that is capable to keep my website online is better than 500 Gbps which fails to keep me online...

  • tr1ckytr1cky Member
    edited October 2015

    @MacPac said:
    ovh and voxility both are good incase of a volumetric attack like UDP and dns amp but not good at all incase of a layer 7 and new attack techniques.

    For me 10 Gbps that is capable to keep my website online is better than 500 Gbps which fails to keep me online...

    If you spend more money on DDoS-protection you can find very decent providers:

    • hyperfilter.com
    • incapsula.com's 299$ Business plan
    • cnservers.com

    For budget I currently like:

    • ginernet.com: They layer Voxility and OVH, which is pretty decent combined
    • ramnode.com: Allthough the standard blacklotus protection isn't that great, blacklotus seems to provide good custom filters
    • kms-hosting.com: Pretty good against small attacks, they use their own filtering
    • fireserv.de: Probably the best protection out there for UDP services (gameservers), they use firstcolo's DDoS protection (not in terms of size but in terms of filtering quality)
    Thanked by 3Frecyboy paily jmginer
  • @tr1cky Did you ever used the protection Core-Backbone provides? They claim they mitigated 800 GBit/s last year on facebook. Had a VPS there a while ago, and it was like the best network I've ever used.

  • @Frecyboy said:
    tr1cky Did you ever used the protection Core-Backbone provides? They claim they mitigated 800 GBit/s last year on facebook. Had a VPS there a while ago, and it was like the best network I've ever used.

    No, actually it's the first time I hear about them.

  • @tr1cky said:
    Ishaq Just out of interest: Do you have an API that has function to block IPs?

    Yes, https://www.x4b.net/kb/PublicAPI

    Search for "ACL".

    Individual IPs (/32) or larger subnets in CIDR notation can be added to the ACL either via the panel or API.

    Thanked by 2linuxthefish tr1cky
  • tr1cky said: No, actually it's the first time I hear about them.

    They've got a huge backbone with pops around the world, and actually provide transit for hetzner.... I really have to find a host using their network again.

  • SplitIceSplitIce Member, Host Rep
    edited October 2015

    @tr1cky said:
    Ishaq Just out of interest: Do you have an API that has function to block IPs?

    For HTTP(s) services yes. We currently dont provide functionality for blocking IPs to Layer 4 services (this is easily done if using a Tunnel on windows or linux on the backend).

    https://www.x4b.net/api/ACL/addAcl?service_id=&port_id=&acl[mask]=1.1.1.1/32&acl[mode]=allow&order=10

    Keep in mind the API is not finalized yet, although there is no plans to depreciate any parts of it any time soon.

    Thanked by 1tr1cky
  • oalarooalaro Member
    edited October 2015

    Alot of polish teamspeaks use hosteam vps. I guess it must be pretty good filtering for UDP services, since ddosing is common occurence for big teamspeak servers.

  • MacPac said: ovh and voxility both are good incase of a volumetric attack like UDP and dns amp but not good at all incase of a layer 7 and new attack techniques.

    Pretty much that.

    Thanked by 2MacPac J1021
  • https://schnellno.de is using Core-Backbone

    @Frecyboy said:
    tr1cky Did you ever used the protection Core-Backbone provides? They claim they mitigated 800 GBit/s last year on facebook. Had a VPS there a while ago, and it was like the best network I've ever used.

    Thanked by 1Frecyboy
  • IshaqIshaq Member
    edited October 2015

    oalaro said: Alot of polish teamspeaks use hosteam vps

    Yes, I know someone who uses Hosteam for Teamspeak.

  • Butters said: https://schnellno.de is using Core-Backbone

    Sold out. I know I saw one a while ago, maybe have to search webhostlist and serversupportforum for it.

  • @Butters said:
    https://schnellno.de is using Core-Backbone

    Wow. Those guys have the most typos on their site that I have seen for a long time. Not too professional...

    Thanked by 1salakis
  • MrRadicMrRadic Patron Provider, Veteran

    @MacPac said:

    I have experienced the best ddos protection with reliablesite.net

    Thank you for the recommendaion.

  • @Butters said:
    https://schnellno.de is using Core-Backbone

    The way they advertise their DDoS-protection makes me question it a bit though.
    They basically don't advertise it at all, but they mention it in their ToS: https://schnellno.de/tos.php

    That doesn't sound too confident to me.

  • ProfforgProfforg Member
    edited October 2015

    Hi.

    Application level flood is pain, that's why it's very hard to find anything to suite your needs.

    The best solution is hosted solution - i mean the combination of four services 1) Website optimization/load mitigation 2) Caching enchancements (a lot) 3) Webserver logic revamp - for example force no query strings with combination of caching, a lot of enchacements can be done on that level 4) In-house layer 7 filtering

    If you're fine with such hosted solution - i can offer you my service. By default there are simple rate-limiting (smart), block for most popular layer 7 attacks noways (for example the ones using popular services - google spreadsheet, facebook) and simple WAF (web application firewall). In case of massive flood transparent browser analyzing may be enabled (searchengines passed). This is either the best solution and price-effective solution. This includes splitting the load between servers and load-balancing (if needed). This way i am trying to make sure that your website is online at any traffic.

    Alternatively i can also do proxying. That's not price-effective and there still will be a possibility to down you if your server can't handle the traffic, which will pass filters.

    Thanked by 1deadbeef
  • @Damian Please feel free to drop me a PM, I will be more than happy to let you trial running either a TCP Tunnel (Optional Load-Balancing) or a GRE Tunnel, attack capacity volume wise which can be sustained is 40Gbps.

Sign In or Register to comment.